A Study on Authentication Factors in Electronic Health Records

Privacy and security are one the major challenge for the healthcare providers to maintain with increasing security breaches. User authentication is an essential factor to implement in Electronic Health Records (EHRs) to protect patient data and prevent malicious users from gaining access to the medical server. As Single Factor Authentication (SFA) are prone to vulnerabilities, due to the user using weak passwords and hackers are able to crack the passwords in sophisticated techniques such as brute force, dictionary attack, etc. The International Standards require the healthcare organizations using the Multi-Factor Authentication (MFA) to protect patient privacy and security. The complexity of authentication can be increased using the combination of two or more independent factors (smartcard, security hardware token, biometrics, etc.). This study presents the review of different authentication factors employed in EHRs such as secure communications, handheld devices, smart card, and biometric. It will be beneficial for the researchers to know the current trends and understand the areas that require improvement in the authentication framework.