Top 3 Strategy Priorities in Digital Identity Management

Share on facebook
Share on twitter
Share on linkedin
digital identity
Director, Market Strategy

In our recent survey on managing digital identity authentication, executives from provider and payer organizations identified their top three priorities for identity verification and authentication management heading into 2022.

In 2020, 61% of healthcare data breaches were due to external threat actors and 39% were caused by insiders. Payers and providers have indicated that addressing both external and internal threats are in their top 3 priorities for Identity Access Management.

1. Securing Member/Patient Portal Login

Hackers see PII and PHI as very valuable. On the black market, a healthcare record may be valued at up to $250 compared to the next highest value of $5.40. Most patient portals are secured only by a password, which may or may not be “secure.” Weak passwords open the door to account takeovers.

2. Securing Data Access Via Mobile Apps

Apps can be easy to hack. In a recent healthcare app test, 50% had hardcoded API keys and tokens that would enable hackers to attack the APIs. FHIR/SMART standards aren’t enough. It is only a part of the security needed to secure mobile apps and the APIs if retrieving data and using data resources and other applications.

3. Securing Employee System Access

Since the pandemic, more healthcare services have shifted to remote service with employees accessing HIPAA protected data and company networks leveraging unsecured Wi-Fi, clicking on compromised links etc. that leave healthcare systems vulnerable to cyber fraud. 18M patient records were impacted by ransomware attacks in 2020, a 470% increase from 2019.

Effective Digital Identity Management Is Crucial

Building an adequate security strategy to protect patient data and internal systems from bad actors is a growing challenge for healthcare leaders, but the risk of not doing so is costly. The average healthcare data breach now costs $4.24M per incident, according to the 2021 Cost of a Data Breach Report

A multi-factor approach to cybersecurity can address evolving security vulnerabilities. An effective solution includes a combination of verification and authentication such as device authentication, identity proofing/authentication, phone and email verification. Putting up the right defenses will protect private member/patient data and internal systems from cyberattacks before and as they are happening.

To learn how other healthcare organizations are combating cyberattacks, read our full digital identity study.

The DNA of Healthcare

At LexisNexis Risk Solutions, our goal is to provide the healthcare industry with insights and innovations to improve outcomes, grow market share, reduce fraud and increase compliance.

Related Articles

These blogs are published for information purposes only and can be statements of opinion. Although we LexisNexis rigorously check the accuracy of all information at the time of publishing the blogs, no representations or warranties are expressed or implied as to the blog, its contents and any accompanying materials and it should not be relied upon for acting in specific circumstances. Although links to external websites on any blog posts are tested and deemed accurate at the time of the blog posting, we LexisNexis accept no liability for such links to external websites and do not endorse or warrant in any way any materials available through such links or any privacy or other practices of such sites. In addition to this blog disclaimer, access and use of the blogs is governed by the LexisNexis website.