MANAGED CARE August 1999. ©1999 MediMedia USA
New techniques of verifying identity will allow sensitive information to be made available safely, conveniently, and expeditiously over the Internet.
Many people remember the great New Yorker cartoon from a few years ago in which a dog is seated in front of a computer, typing, as he thinks, "On the Internet, no one knows you're a dog." Too true, as recent events have shown. For example, no one knew that the eBay high roller making the winning bid on millions of dollars worth of luxury goods was in fact a 13-year-old boy who thought he was playing a game.
What's needed is a way to bring to online health care transactions the same interrelated ways in which humans verify identity. Fortunately, new advances in technology are starting to make this possible.
Think of the ways in which you identify someone. To some extent, we're born with the ability to do this. Research has shown that very young infants can recognize and remember faces. As we grow we add more and more cues to our identification checklist. We remember faces and voices, scent, physical size, gait, hand gestures, handwriting, sense of humor, type of personality, and other characteristics. In addition, we associate people with certain settings or times in our lives, giving us another way to consult our personal database to make an identification. Remember the time you met a med school classmate, years later, at a health care conference? Memory failed because you were in a different place, doing different things.
Degrees of openness
Now think for a moment about how we act once we've determined identity. Your internal dialogue varies greatly depending on the situation and who you're interacting with. Some examples include:
"That's the director of medicine — act as if everything's under control."
"That's my cynical coworker — gripe about the director of medicine."
"That's my research partner — be excited about renovations to our lab facilities."
"That's a new resident — be blandly pleasant but don't reveal anything personal."
Based on identity, we define and sometimes limit the information we're willing to expose, and the ways in which we present the information that we do expose.
Easy to hack
In the physical world, there are many interlocking and reinforcing cues that let you know who's who. But, as in the case of that now-famous dog on the Internet, if all you see on your workstation screen is standard ASCII text, how can you know who's on the other end? Today, most of the Internet is not really secure, and it's relatively easy for unscrupulous people to assume an electronic disguise successfully. Because of this, most security on the Internet has been built on a purely defensive assumption: People will break into online health care information, so we must restrict the information we make available.
Health care organizations put lots of effort into security for closed, online environments. These can include intranets (networks within the organization), E-mail, and other activities that go on behind a firewall. These technologies are well known, quite well developed, and widely implemented.
The more recent arrival of extranets — online activities that happen outside the institution's physical firewall — presents more serious challenges to the health care industry for ensuring security and correct identification of identity. Health care organizations, banks, and online retailers are all examples of businesses that have moved to an extranet-based way of conducting business, and their security needs are different and more demanding, because they allow outside access to highly sensitive information. Defensively restricting the types of information you make available on an extranet is fundamentally at odds with the reasons you want to build an extranet in the first place: to provide more efficient service through increased information access.
If you assume that you will be "hacked," and therefore you restrict information, you give up the advantage of putting your health care business online. Unfortunately, it is this very information — internal, proprietary, meaningful information --that could provide the greatest competitive advantage if you could share it with providers, insurers, patients and research colleagues. This is what happens today because of inadequate security, which in turn is caused by insufficient components of online identity.
Call it 'E-dentity'
What's a better solution than the PINs and passwords that we're all familiar with? We need a form of identity for the online health care world that is almost as complex and unique as the ways in which humans identify each other.
A fairly new technology called PKI, for public key infrastructure, comes closer to the type of multi-layered interlocking cues described earlier. Through PKI a "trusted source," which could be a hospital, an HMO, a bank, a government or some other organization, issues a "digital certificate" to a user. This organization is called the "certificate authority." The certificate itself is really a long, complex, random series of numbers and characters. Most often, it is placed on a "smart card" or some other form of electronic storage. Most are more than 200 characters long, not the six or seven characters typical of most PINs. This unique certificate is virtually unduplicable, in the same way that the combination of your face, voice, and personality together cannot be matched.
The certificate authority — the organization that issued the certificate to you — has another copy of the certificate in a database. Your identity is confirmed only when your copy and the authority's copy are engaged simultaneously, along with a password or some other form of identification. The combination of these variables creates a multilayered, interdependent form of security that is nearly as complex as those that make up the process of human identification. I call this "E-dentity."
Just as people can translate their recognition of identity unconsciously and instantly into a specific set of behavior guidelines based on that identity, online interactions based on E-dentity offer far more open and productive interactions than what are typical in today's online environment.
Imagine that a worldwide supplier of health care products wants to share key corporate information with a specific set of provider organizations. If those providers have an E-dentity with the worldwide supplier, they could be privy to much more useful information, perhaps reducing costs or shipping products more efficiently. Or imagine a health care organization that today must keep patient information under such tight wraps that often patients can't see information about their own cases. With E-dentity-level security, patients could see much more relevant information, make better-informed decisions and at the same time know that their personal information is secure.
With E-dentity-level online security, the much-sought-after days of "frictionless commerce" on the Internet could come much closer to reality, providing people with better customer service, access to more relevant information, and better, less-expensive products. By ensuring that transactions occur between the correct people, E-dentity security could revolutionize the way companies do business. Good news, unless you're a hacker dog.