Being in healthcare IT, I get bombarded by security and strong authentication vendors pitching their latest systems to ostensibly help us become HIPAA-compliant and more secure (note to vendors: showing up with HIPPA instead of HIPAA on your slidedeck isn’t a good thing). The biggest issue with these solutions isn’t necessarily the technology itself, but how it integrates into various clinical workflows spanning busy multi-user in-patient environments to encounter-oriented out-patient settings.

A new solution, Dynahand, aims to relieve users of having to remember complex passwords by using their own handwriting samples as the basis for establishing trust and authenticating users. It’s another biometric solution that uses something physically unique to a user, but it doesn’t require any additional hardware. Instead, the user recognizes their unique handwritten digits and selects them to perform authentication. I’d love to see the samples of clinicians — a group not known for their stellar penmanship. Luckily, that’s not the point.

Solutions that combine physical and behavioral characteristics to provide authentication is an interesting space for us. While usernames and passwords work today, they’re definitely cumbersome and periodically changing them can be a pain for some of our users. However, I haven’t yet seen a better path forward that doesn’t somehow force our users to remember to carry a smartcard (even when combined with their physical access badge, they’ll forgot it), go through the template creation process of biometrics or require some additional and costly hardware at some end of the infrastructure spectrum. We continue to evaluate and recommend new options that meet our criteria of usability, management, support and of course, cost.