A simple combination for a better world

Jul13


Problem:
In an earlier post we’ve seen some security issues with the Electronic Health Record. To avoid this type of information leakage we need to improve the awareness among the people using these cards.

To try and solve this problem I want to introduce a little mix of existing components to improve the security level and security awareness for the people that are using these (smart) cards for authentication. For example in hospitals and pharmacies they are using cards to have access to patient data (see this blog). But people treat it unsafe. Maybe don’t see the value of this authentication card.

This post describes a solution, not in the field of software testing but more in the field of communication, a change of mindset to create awareness among the people. The final result is to improve health care. Because if people use their personal card in a safe way, information security will be on a higher level. This is also part of the health care, because if you’re a famous star, you don’t like it if your personal health record is known in the media. First of all some simple ingredients that are part of the combination to improve the world.

Let me give you an overview of the different ingredients.

Ingredient 1: A printed hard plastic credit card
I think for 2,5 year now, (why? I don’t know) I carry with me, in my bunch of bank cards, two plastic cards printed with a linguistic and mathematical mnemonic. This printed hard plastic card can be printed with your own design. We need this technique later on if we combine this with the other two ingredients. Know that it’s possible to print your own design.

Design your own business card

Ingredient 2: The existing authentication cards
The cards we issue to our medical staff for authentication of the medical systems, like the electronic health record. There are several types of cards used all over the world. Most of them have the size of a credit card. These cards are used multiple times per day by all these people.

The Estonia Health Card

The German gesundheidskarte

The Dutch UZI-pas

Ingredient 3: Five Golden rules
5 Golden rules, 5 ‘keep in mind’ statements to create security awareness about the use of the authentication card as mentioned in ingredient 2. Statements like:

  • This card is like a key, keep it private
  • This card is like underwear, don’t share it with others.
  • This card is your personal secret, don’t tell it to others
  • This card is like a glass, handle with care.
  • This card is like a sport car, be aware of his power

The recipe
If we combine these three ingredients together the result is a card with the same functions as the authentication card already in use. But from now on printed cards with 5 golden rules to create awareness for the secure use of this card. Because if people will see these 5 statements every time they use the card, they will be triggered about the security. They become aware of the importance of the data and the possibilities of an incorrect use of the card.

The costs
Only a new design of the front or backside of the card.

A better world
If this results is a safer use of the card it will also result in better quality of health for the patients. The staff in for example hospitals will use the card in a safe way. Leaking information of Hollywood stars to the media will happen less. The privacy shall improve with this very simple mix of ingredients.

If this argument is too simple, please let me know why.
If you need more information please let me know and let’s make a new design for the backside for example.

This entry was posted on Tuesday, July 13th, 2010 at 07:29 and is filed under Andréas Prins, innovation in testing. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

4 Responses to “A simple combination for a better world”

  1. Lodewijk Bos Says:
    July 13th, 2010 at 08:12

    Andréas, great post! This should be en element for the ICMCC event on awareness next year (http://ghita.icmcc.org). Like in your previous mail on security, you once more made it clear that professionals should be made aware of the consequences of Health IT to the way they work (and deal with patients).

  2. Andreas Says:
    July 14th, 2010 at 07:38

    @Lodewijk,

    Thank you for the response, good to hear that this kind of topics are interesting for the GHITA. As soon as there is a reqeust for proposal I’ll send one to you. If you need only a presentation at Ghita I’ll be there ;)

  3. Trackbacks Says:
    February 5th, 2012 at 22:56

Leave a Reply

Before you submit form:
Human test by Not Captcha