Combating Cyberattacks: How Payers and Providers Are Managing Digital Identity Authentication

In a survey conducted by Xtelligent Healthcare Media, LexisNexis received feedback from over 100 combined healthcare provider and payer stakeholders exploring the current state of cybersecurity in healthcare. Survey respondents also provided their recommended best practices for deploying robust digital identity authentication. A major driver behind the growth of threats to digital identity security is an increased opportunity for attack due to the expedited digitization of healthcare data. Following the widespread adoption of telehealth services in combination with a growing remote workforce has provided ample opportunity for cyberattacks in greater numbers than ever before.

Patients must be able to access their health data and other personal information, as well as healthcare services and resources, but patient portals and telehealth platforms provide new external access points that need protection. Providers and payers are each tackling the issue with efforts to authenticate digital identities, though they primarily deploy different methods to secure these sensitive transactions. The goal is to verify key identity attributes to ensure that patients can obtain access to their data, but only their own data. Regardless of the strategy, healthcare organizations must invest in developing the infrastructure needed to handle internal and external identity access management.

Tackling the Internal Threats to Identity and Personal Data

To take identity security a step further, some organizations have begun training employees in their new cybersecurity strategies. To streamline the process, many are also beginning to automate identity authentication processes.

Because of the many recent changes and new developments in healthcare legislation and technology, digital safety has become a constantly moving target. New points of exposure plus more digital identity data available means an attractive target for fraudsters to make ransomware attacks and achieve significant breaches.

Creating a Digital Balance - Identity Verification Meets Frictionless User Access

A multi-layered approach to identity authentication is necessary to make sure healthcare organizations are prepared. Providers, payers and patients routinely move through a virtual world and are all users of these connected systems, so safeguarding digital identities has never been more crucial. Balancing secure access without creating barriers to users remains a challenge as these systems are implemented. Patients want to be able to interact with their healthcare how and when they want. That means every step of their journey is critical to creating a positive experience.

Multi-factor authentication remains the safest way to secure personally identifiable information (PII) and all other sensitive health and personal data with minimal friction. This also helps remove the potential for human error.

A Digital World Provides Many Use Cases for Enhanced Security

Protection from breaches is not the only motivating factor for needing reliable identity verification and other safeguards to be put in place. Staying compliant with new regulatory guidelines, increased budget, and investment in new digital offerings are also driving forces, especially for payer organizations. Healthcare organizations must adhere to a range of regulatory and legal requirements as part of their operations. Effective multi-factor solutions will help create the intended balance between streamlined data access and HIPAA-protected data with appropriate security measures.

Survey respondents agree on the top three priorities they face in building their digital security and identity management strategies. Download the white paper survey results to better understand their motivations and priorities as they strive to create dynamic responses to these constantly evolving threats.