Eric Schmidt at HiMMS and comments from Craig Workinger

A final update from Craig at the HiMMS…

Eric Schmidt, the former executive chairman of Alphabet, delivered a bold vision of the future of health care and technology at HiMMS, urging participants to go immediately to the cloud.

The cloud, he notes, can take in—and provide security for—the large amounts of data being generated from the growing number of new mobile apps and sensors, then integrate and structure this data into an information flow to support the clinician sitting in front of a patient. Through an earbud or mobile phone, the clinician can access potentially life-saving guidance.

But Eric’s comments underscore the big challenge facing the next generation of EHR (Electronic Health Records). EHR has a growing, vast flow of potentially valuable data from broad array of devices and apps. What’s lacking is the means to store it and validate its sources.

Identity authentication across platforms and devices is thus crucial to the next generation of EHR. To be usable, all that data must be tied unequivocally to the individual in front of the clinician. In turn, that means having an integrated, holistic approach to managing identity across all the platforms, apps and sensors.

Data, technology, and culture

More from our Craig Workinger at HiMSS…


We are attending the HiMSS annual meeting this week and wanted to share a few observations. It’s a terrific event, and a reminder of how important personal contacts are in an age when we’re on our screens constantly.

Nearly every conversation here includes the issue of how to get data out of isolated, proprietary systems so it can be used more effectively. If data can be collected from many sources, then AI and machine learning tools can be applied to it, looking at both text and images to create a predictive system for clinicians. That offers a real opportunity to improve patient care.

This also seems to be driving talk of partnerships, another hot topic at the conference. People recognize there are lots of technologies trying to solve healthcare’s problems but they approach it in an isolated way. So they are trying to figure out how to make data actionable and link it to what others have. The idea of partnerships is a departure for big industry players who’ve mostly taken a go-it-alone approach in the past.

Interoperability is also getting a lot of buzz at HiMSS. Most people focus on its technological aspect but that’s only half the challenge. The other is culture.

From a technology perspective, there are lots of vendors battling for market share and holding on to data as part of their competitive strategy. But that’s running up against consumer behavior. People today get their health care from a variety of places – hospitals, outpatient centers, specialized clinics, even their home – and they are increasingly shopping around. Inevitably, they wind up in separate health systems, and none of them speak to each other. So the challenge is to get the data up a level so that it’s accessible to their doctor no matter where they go.

There are technologies that can do that, and more. But change is slow, and that’s where culture comes in. Many healthcare organizations are reluctant to change. Some still use fax machines and paper records. They want to be more efficient but are slow to embrace the technology that can help them get there. Of course, adoption has been the challenge for every technology innovation, from PCs to cell phones. Healthcare tech is no different.

Surprises at HiMSS

As promised, here’s Craig Workinger from HiMSS…


Craig Workinger

I’ve been attending HiMSS for more than 15 years (do I get an award for that?), and every year I see a few things that surprise me. That’s what keeps it interesting.

One surprise is the number of vendors who claim to have a patient identity solution when what they actually do is patient identity for one specific application, like labs or payments. They don’t provide that identity outside of their system. There’s almost no one addressing the need for a universal identity repository – a database that would handle identity authentication for multiple applications. (That’s what Securlinx offers, and that’s why we are excited about the opportunities we are seeing to help healthcare organizations.)

The other surprise is the absence of the insurance industry. The major insurers are a huge part of healthcare, involved in everything from procedures and protocols to reimbursements and record-keeping. And they see how much money is lost every year from errors and fraud. Yet hey don’t have a presence here and don’t seem to collaborate with other organizations much right now. That will change, though. Collaborating to reduce costs and improve care would be a natural focus for them, not to mention a great marketing message. Insurers are a key component in all this.

Securlinx at HiMSS

Photo: Craig Workinger via Twitter

Securlinx has a presence at the Healthcare Information and Management Systems Society (HiMSS) Conference currently underway in Las Vegas.

Our own Craig Workinger (LinkedIn, Twitter) and Securlinx Healthcare Advisory Board member Tom Karson, MD (LinkedIn) have found time to report some of their observations and insights from the conference. I will share what they have to say here as their reports come in.

Biometrics for better Healthcare Records Management

How biometrics is giving identities to ‘invisible citizens’ (CNN)

“Biometrics as a technology has completely changed our way of thinking,” Mwaura told CNN. He says Simprints is giving citizens without identities hope and access to a better-synced healthcare system.

“Without it, they’d probably stay at home and accept their fate.”

Once someone is successfully enrolled they can easily visit a doctor — who can then access their entire medical history digitally.



Google’s popular art selfie tech not accessible in Illinois [and Texas] (Illinois News Network)

“The company hasn’t said why residents of the two states can’t use it. One thing both have in common is laws allowing lawsuits for not protecting biometric information. A key difference, however, is any Illinoisan can file a lawsuit, whereas Texas’ attorney general would have to initiate one there. Washington state has a law similar to Texas but users there reportedly are able to access the function.”

For fingerprints at least, familiarity breeds contentment

Visa Survey Results Suggest Familiarity is Key to Enthusiasm for Biometric Authentication (Mobile ID World)

“Conducted by AYTM Market Research, the study polled a thousand Canadian adults toward the end of last autumn. Fifty-seven percent of respondents said they were most familiar with fingerprint recognition, and a quarter said they use it regularly. Sixty-nine percent expressed interest in fingerprint-based authentication, and 61 percent reported being interested in using the technology for payments.”

Someone sold passwords to India’s ID database

Aadhaar ‘breach’: Everything you need to know (Hindustan Times)

“The crux of the matter, as reported by Tribune newspaper and corroborated by BuzzFeed News, is that there exists a portal on the Aadhaar website which gives anyone who has the login credentials access to the Aadhaar database. UIDAI says the portal is intended for government officials for addressing grievances such as rectifying spelling mistakes in a person’s name.
But somewhere in the chain, according to media reports, rogue agents have started to sell access to this portal to just anyone.”

It looks like a government employee was selling username/password(s) to access the government database at a fairly low level. It should be pretty easy to figure out who abused their position.

Amazon files mobile face recognition patent for payments

Amazon will soon accept mobile payments using selfies instead of passwords (Silicon Republic)

Amazon has filed a patent application for technology that will allow users to authenticate a payment using a photo or video in a seamless way that doesn’t necessarily require passwords.

“The user is identified using image information which is processed utilising facial recognition. The device verifies that the image information corresponds to a living human using one or more human-verification processes,” the patent reads.

Amazon files mobile face recognition patent for payments

Amazon will soon accept mobile payments using selfies instead of passwords (Silicon Republic)

Amazon has filed a patent application for technology that will allow users to authenticate a payment using a photo or video in a seamless way that doesn’t necessarily require passwords.

“The user is identified using image information which is processed utilising facial recognition. The device verifies that the image information corresponds to a living human using one or more human-verification processes,” the patent reads.

“Holy Bat-phone, Batman!”

NEC develops biometrics technology that uses sound to distinguish individually unique ear cavity shape (NEC)

The new technology instantaneously measures (within approximately one second) acoustic characteristics determined by the shape of the ear, which is unique for each person, using an earphone with a built-in microphone to collect earphone-generated sounds as they resonate within ear cavities. This unique method for extracting features is useful for distinguishing individuals based on acoustic characteristics and enables rapid and highly accurate recognition (greater than 99% accuracy).


Illinois: Google faces face-rec lawsuit

Google Gets Sued Over Face Recognition, Joining Facebook And Shutterfly In Battle Over Biometric Privacy In Illinois (IBTimes)

In the latest scuffle over biometric data collection in Illinois, Google Inc. this week was hit with a lawsuit over its face-recognition technology, making Google the latest tech giant to be accused of violating an unusual state privacy law that restricts the collection and storage of so-called faceprints. Illinois and Texas are the only two states that regulate how private companies may use biometric data, and Illinois is the only state that authorizes statutory damages for violations.

Forecast: Global Biometrics Market in Hospitality Sector 2016-2020

Market outlook of the biometrics market in the hospitality sector (Research and Markets)

The market research analyst predicts the global biometrics market in the hospitality sector to grow at a CAGR of around 27% during the forecast period. With the increase in cases of time theft, data theft, and other criminal activities in the hospitality sector, the demand for security technologies including a highly reliable and accessible personal authentication and identification systems has increased. Biometrics has emerged as a suitable security and monitoring solution to meet this need as it is based on the behavioral and physiological characteristics of an individual, which is difficult to replicate. Biometrics in the hospitality sector is seen as the most accurate and reliable system because it eliminates manual inputs, identity card exchange, and time theft.

Biometrics for better government finances

Nigeria saves $11 million after removing 20,000 ‘ghost workers’ (Hindustan Times)

Nigeria’s government has removed more than 20,000 non-existent workers from its payroll following an audit, leading to savings of 2.29 billion naira ($11.53 million) from its monthly wage bill, the Finance Ministry said on Sunday.

The audit used biometric data and a bank verification number (BVN) to identify holders of bank accounts into which salaries were being paid.

The proof is in the fingerprint: how biometrics are proving security doubters wrong (memeburn)

Biometrics is not the uncharted Wild West or the strange cousin who lives next door, it is one of the fastest growing markets in the world because it works. It is also predicted to be worth around US$23.3 billion by 2019 with a CAGR of 20.8%. This is one market which is on a steady trajectory thanks to its potential and its ability to reduce fraud and data theft by significant amounts. The proof as they say, is not so much in the pudding as it is in the fingerprint…

Healthcare: Getting serious about multifactor authentication

The Time Has Come for Two-Factor Authentication in Health Care (iHealthBeat)

William Braithwaite — a health information privacy and security consultant and chair of the Healthcare Information and Management Systems Society’s identity management task force — noted that, no matter how long or complex passwords are, they’re still vulnerable to theft. “The real problem is that passwords are being stolen, not that they’re being broken,” he said.

Face recognition in retail

Walmart’s Use of Sci-fi Tech To Spot Shoplifters Raises Privacy Questions (Fortune)

The only company that acknowledged using the software was Walmart. According to a spokesperson, the retailer tested facial recognition software in stores across several states for several months, but then discontinued the practice earlier this year.

“We were looking for a concrete business rationale … It didn’t have the ROI,” or return on investment, the spokesperson says.

Retailers and biometrics companies have been working together for years trying to figure out how to apply face recognition to the problem of shoplifting. As expected in a retail business, it all comes down to Return on Investment (ROI).

First, here’s what modern shoplifting looks like. It isn’t just teenagers pocketing lip-sticks and candy bars.

Police bust ‘amazing’ $15,000-a-day shoplifting ring (USA Today)

HAZEL PARK, Mich. — Police say a 7,600-square-foot warehouse served as the business hub for a sophisticated, multimillion-dollar theft ring that stole items from southeastern Michigan retailers and resold them on the Internet.

Veteran investigators said the shoplifting ring, which swiped as much as $15,000 a day in over-the-counter drugs and other goods from area stores, is the largest they have ever seen.

Oakland County Sheriff Michael Bouchard called the illegal business “amazing in size and scope” and one that likely operated for years before drug investigators spotted it last month.

The ring operators stored stolen items in the warehouse and sold them on the Internet through eBay, and other sites, investigators said.

Read the whole thing. Criminal organizations like these cause huge losses to retailers, higher prices to consumers, and increased production of dangerous street drugs. More and more, shoplifting is an organized crime problem, and everyone who isn’t in on the scam pays the price in one way or another.

Privacy issues associated with facial recognition in businesses open to the public get a lot of well-deserved attention. Clearly, facial recognition technology could be deployed in businesses open to the public in ways that are injurious to a reasonable person’s expectation of privacy. Brainstorming those ways, however, takes us pretty far away from the ROI calculation that is motivating retail outlets to seek out technologies that can help them reduce losses due to theft.

The privacy focus for facial recognition in retail spaces should be on what data is collected and what happens to it. In this case that means the photos and personal information that goes along with them. The easy part is that retail establishments have been collecting information on suspected shoplifters for a long time now and they already have policies about what they collect, when they collect it, and how long they retain it. The hard part is that new facial recognition technology makes sharing the information easier, securing it more difficult (and important!), and it requires new training for loss prevention staff about what, exactly, the technology is telling them.

That brings us back to the ROI. Obviously, using facial recognition to prevent a $15,000 organized crime heist helps the ROI calculation. Using facial recognition to interrupt a shopper based upon a “false positive” ID hurts the ROI calculation. So there’s at least a little bit of good news here for privacy: The ROI calculation that is so important to the business’s decision whether or not to use a facial recognition system does have a built-in way to account for at least some privacy concerns.