Healthcare facilities adopt PhoneFactor solution

Authentication system secures access to healthcare networks in real-time


OVERLAND PARK, KS (January 9, 2008) - PhoneFactor, a leading provider of security products and services, today announced that two more key clients in the medical industry are adopting its phone-based, two factor authentication security system to protect patient medical records.

Medical records are one of the most important documents to protect from identity thieves. If a hacker gets a person’s medical records, they get the key to that person’s personal kingdom—insurance information, financial information, and access to very private matters that can affect job status, eligibility for mortgages—the implications are enormous.

PhoneFactor solves the identity theft problem, protects patient privacy in real-time, and is so easy to use that doctors take to it instantly.

Here’s how PhoneFactor works: A doctor needs to remotely access a patient’s hospital files from his private practice office. The doctor keys his user ID and password into the hospital network. His cell phone rings instantly, prompting the doctor to confirm the login. If the doctor keys in a PIN on his phone, he is given access. But if the doctor does not, the IT department back at the hospital is alerted immediately, access to the network is denied, and the attack is thwarted. The patient file is never compromised.

"We’ve got physicians starting to use PhoneFactor and they seem pretty enthralled,” said Mike Regan, Senior Network Analyst for Firelands Regional Medical Center in Sandusky, Ohio, which admits 250 area doctors. “Physicians like it because it’s simpler than tokens, which are also more expensive and can be lost. Doctors almost exclusively use their cell phones, though Phone Factor works with any phone."

St. Joseph Hospital, Southern New Hampshire's largest acute care hospital and trauma center, has also adopted PhoneFactor with great results.

"Patient confidentiality is one of our top priorities here at St. Joseph," said Brian Murphy, Director of IT Infrastructure for St. Joseph’s Healthcare. "We sought to add a secure second layer to our password/username system. PhoneFactor not only allowed us to do this easily, but it also was unobtrusive and affordable."

PhoneFactor is not just easier for the end user. For network administrators, it is easy to implement and seamlessly integrates with any VPN, enterprise application, or website. Firelands Regional Medical Center and St. Joseph Hospital join other leading health care organizations, including as OhioHealth, Nationwide Children’s Hospital Research Institute, National Surgical Care, and others who have implemented PhoneFactor’s two-factor authentication platform.

PhoneFactor’s popularity in the medical industry continues to accelerate as regulatory agencies push for additional security measures to ensure that only authorized individuals have access to hospital systems and patient data. The Health Insurance Portability and Accountability Act (HIPAA) and many state pharmacy boards are calling for strong authentication when accessing patient records or prescribing medicine through online systems. To comply, health care organizations must require more than a user name and password before allowing access to their systems. Often, these additional forms of authentication are not user-friendly. Many require users to carry a security token or other device, or restrict them to logging in from a particular computer. PhoneFactor solves these problems.