
The growth of the Electronic Healthcare Record has provided major advantages, opportunities, and some interesting challenges.
One item to point out is that clinicians and physicians went to school with the desire to take care of patients; not technology.
When they are burdened to spend time logging in with passwords it introduces some potential areas to look at.
Is the password truly unique and is it changed on a mandated basis? While two step authentication and tokens can be used....are these actually used?

However the most interesting situation to think about "Is that really the person that is authorized to have access to that persons Electronic Healthcare information?" Could somebody else have or being sharing their password to make work easier for all?
Another important area to look at is what happens if the logged in user gets distracted (for instance by a code, phone call, or has to consult with another person) and steps away from the session. Is a this session immediately logged out?
It appears that some EHR providers have instituted a time out of for example fifteen minutes, if a secure session is open and if there is no activity. How did someone come up with the idea of 15 minutes? While this on the surface seems like a good stop gap; it still provides an ability for any un-authorized person to have access to not only to the specific patient's files, but the enterprise at large. A back door it seems.
Finally some statistics point out that clinicians are often having to log in and log out sometimes up to 90 times per patient shift. So some could understand potential work arounds. However you would think technology could provide a better way and decrease time and potential security risks.
Why not look at using a leap forward technology platform that uses multi-factor biometrics in a secure fashion to authenticate the right user to the right application...while drastically decreasing the work load and the hassle factor for the clinician.
A proven novel idea...but now becoming a reality. www.blustor.co
Stay tuned for the next evolution.