Is this a viable application for radio frequency identification technology?
That's a very interesting question—and, frankly, one to which I have not previously given a lot of thought. I think the short answer would be "no," unfortunately. Safeguarding a patient's privacy requires more than just technology. It necessitates a set of procedures or guidelines that must be adhered to by staff members and enforced by health-care administrators. But RFID could help.
HIPAA, for those unaware of it, is the Health Insurance Portability and Accountability Act of 1996, which was passed in the United States to address problems that occur when people switch from one insurer to another upon changing jobs. The act included a privacy rule designed to allow the portability of patient records, while ensuring that the sensitive nature of that information was respected and protected. Most of us treated by physicians in this country must sign a document allowing the caregiving organization to share health information with our insurance company.
RFID could be made part of the system of managing health-care records, by giving each patient an RFID card containing a random serial number on it, linked to his or her personal electronic health records within the hospital. When someone is moved from one department to another for treatment, the card could be used to identify that individual. Currently, data is often collected at many points within a medical facility, which gives more people access to the information and expands the potential for a confidentiality breach.
Another way in which RFID could help is by securing access to data. If someone walks away from a workstation, unauthorized personnel could access confidential health records. By requiring doctors and nurses to sign in using an RFID-enabled badge, and by locking the workstation when they walk away (sonar or infrared could be utilized to determine whether or not someone was at the station), a hospital could greatly reduce the chances of that information being accessed by unauthorized parties.
If any of our readers know of other ways in which RFID technology might help to ensure HIPAA compliance, please post information about it below.
—Mark Roberti, Founder and Editor, RFID Journal