Download PDF version Contact company
Hospitals have different layers of security and multiple points of entry for employees 
 Hospitals need stronger 'in-depth' physical security at different entry points

Within the course of any given day, a hospital or health care chief security officer (CSO) faces the task of not only protecting multiple points of access but also doing so in a way that enables movement and activity, is convenient for staff and patients and does not impede the facility's primary function: saving lives. Health care facilities exist in a wide variety of medical focus, administrative complexity and size, yet all demand appropriate access control coverage.

Dan DeBlasio, Director of business development, Identity and Access Management (IAM) and  Keith Chapman, Solutions manager of Logical and Physical Card products (IAM) at HID explore the impact and implications of access control solutions in the health care sector.

From the moment you enter a major hospital or health care facility, it is likely that you are being monitored before you have even got out of your car. Regardless of if you pulled the ticket to access the parking garage, presented your employee ID to the parking entry reader or walked through the triage area of the emergency room, some form of access control and security has already come into play, getting stronger and more robust the further you get into the facility. Called "security in-depth", there are many different layers of security that go into health care facilities, with security monitoring becoming stricter the deeper you go. Often, this involves multiple points of entry and numerous levels of security for different strata of employees, typically beginning with an employee ID or access credential. 

While much of what we read about preventing unauthorized access to certain areas within hospitals or health care facilities is positive, many institutions have already begun the process of implementing stronger physical security in the form of secure contactless smart cards. Breaches of physical security and unauthorized access to confidential patient files need to be addressed by putting deliberate procedures in place to audit, track and report their occurrence.

Access control in a challenging environment

Contactless smart cards minimize overhead when dealing with biometric template management and distribution 

Health care facilities and hospitals present unique challenges when it comes to security. The sheer volume of traffic and staffing at a major health care facility rivals any college campus environment. Whether the need is to restrict access to authorized personnel-only areas or protect personal and private patient information in either electronic or paper formats or keep hygiene standards to the maximum level, security within the confines of a health care-related setting is multi-faceted. It requires knowledge of current and future physical and logical access needs, coupled with an understanding of the standards and regulations facing today's health care practitioners.

For years, health care facilities have used a variety of methods to provide individuals with convenient yet secure access to facilities, the PC and the network. Because building access and IT systems have traditionally been separate purchasing decisions for many organizations, health care employees are familiar with being forced to carry multiple cards or tokens, using multiple PINs or passwords to access various systems. These practices resulted in security systems that are cumbersome for the employee to use and difficult costly for the organization to manage and maintain, not to mention, deadly within an emergency setting.

Utilizing both, contact and contactless smart chip technologies, the use of a single card solution for identification, secure access and payments, can provide a unique access control solution for health care settings.

 Having a cumbersome security system can be detrimental in an emergency
 Ease of access for employees is crucial in an emergency setting

Hospitals' staff need access to many different areas within the facility as well as immediate PC access and permission to access confidential client records. Carrying multiple smart cards to access those areas does not help mobility, speed or convenience for staff.

Using a single card also provides an opportunity for hospitals to combine workplace IDs and security access cards with payment cards, enabling employees to carry fewer cards and, for example, enable doctors, nurses and support staff to gain access to secure areas, while also using the same card for visual ID verification and for making purchases in the hospital cafeteria.

Benefits of contactless smart cards

One excellent example of how a contactless smart card-based application can benefit a health care organization can be seen in the use of biometrics within a pharmacy setting. Contactless smart cards minimize overhead when dealing with biometric template management and distribution. Rather than storing biometrics on a server and distributing them over a wired network, a contactless smart card-based system allows biometric templates to be carried by the card holder, offering a stronger level of authentication and security commonly referred to as "Match on Card."

Contactless smart cards can also enhance security and address privacy concerns, as the biometric template is stored on the secure card, rather than passed over a hackable network. Using a smart card for logical access applications can advance security, improve convenience for the end-user and minimize help-desk calls for forgotten passwords for single sign-on cases.

Cost-effective access control solutions for hospitals

 Cost-effective access solutions make it possible for hospitals to leverage their existing infrastructure
 Cost-effective security solutions will allow hospitals to leverage their existing infrastructure

The availability of cost-effective, multi-technology authentication devices is making it possible for hospitals and all its facilities to leverage their existing infrastructure, while adding new functionality at a reasonable cost. The convenience afforded by using a single smart card solution has many organizations re-examining the value of converging currently independent systems to achieve solutions that are robust, easily managed and cost-effective.

Just like any other highly trafficked business, hospitals and health centers find value in IP video surveillance, either manned or unmanned, with manned surveillance for immediate security and unmanned surveillance for audit and forensics.

Protecting patient information with security standards

As with any security implementation, it is always best to look at relevant security standards and regulations driving the organizational needs. Depending on which country you are in, you must consider what applications are already being used by hospitals and if there are any specific pre-requisites. For example, in the US a standard called HIPPA governs the health care market. In Europe no such one standard exists and every country has its own systems and preferences but not overriding legislation.  

As an example, Austrian hospitals are already quite advanced in their use of multi-application smart cards for patients and hospital staff. The Gerrman eGK (elektronische Gesundheitskarte) is the largest European IT project linking all sorts of patient's records and details with each other and enhance this security system by use of smart cards.

Implementing logical access control solutions for greater security

Facing growing pressure and scrutiny from the public, health care CSOs are looking to implement stronger forms of authentication in an effort to restrict access to private patient data. Throughout the course of a day, username and passwords are used to access everything from computers to online Web portals to network resources, but does this mean that passwords are secure? 

As the amount of confidential data becomes increasingly accessible, health care facilities are evaluating stronger security and searching for a replacement for traditional passwords. Unfortunately, many forms of stronger network security have traditionally been linked to poor user experiences and have resulted in poor user adoption. This does not need to be the case. 

Health care facilities are evaluating stronger security and searching for a replacement for traditional passwords. One way this can be accomplished is through the implementation of logical access solutions 



One way this can be accomplished is through the implementation of logical access solutions, which encompass a number of PC- and network-related applications, including secure authentication and/or log-in to the PC or network, secure email, data encryption, file/folder encryption, single sign-on and remote VPN access.

Gaining access to the network, whether for ordering medication from the pharmacy or for accessing films or private patient information, can be mission critical for health care facilities. With doctors and nurses using shared terminals or mobile work stations, ensuring that patient information is secure and accessible is a major issue, especially when it occurs within a life-saving situation. If you lose or forget your password and cannot gain prompt access to patient records, it could cost a life. However, by using either a contact or contactless smart card to authenticate to the mobile terminal or workstation, many of these issues can be alleviated.

All-in-one access control solution

From a convenience perspective, having one card that does it all-a photo ID, an access control card, a cafeteria card and an additional authentication factor for network login-can provide a striking value proposition for organizations in the health care market. Leveraging the smart card across a wide range of applications beyond just opening the door can provide high value to hospitals and health care facilities that are charged with maintaining the highest levels of security, and doing so with a cost structure that saves time and money, in addition to patient's lives. 

The fact that hospitals and health care facilities globally need to comply with strict hygiene standards has also raised the demand for access and security equipment that is waterproof and can be easily sterilised. Hospital staff who have continuous patient contact while simultaneously using their smart cards to gain access to rooms, secure PC applications and patient records, thus benefit from contactless technologies as it helps to control infections and reduce the likelihood of transferring viruses.

The future is contactless smartcards

Looking ahead, the health care sector will continue to improve their physical security systems and improve patients' confidentiality while increasing hygiene standards. Although some countries seem to be more advanced than others, many countries have already realised that contactless smartcards are the means to better current practice and set a standard for years to come. 

Dan DeBlasio of HID Dan DeBlasio
Director of business development,
Identity and Access Management (IAM) 
HID Global
Keith Chapman of HID Keith Chapman
Solutions manager of Logical and Physical Card products (IAM)

HID Global
Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

In case you missed it

Why Access Control Is Important
Why Access Control Is Important

When we talk about security, people are often quick to jump to conclusions and picture bouncers, heavy steel doors and alarms that go off as soon as a door is opened. Access control is in fact one of the most common and least invasive methods of adding extra security to a home, communal or business premises – controlling who is able to enter a space based on the use of entry codes, key fobs, and/or access cards. Communal flats and office blocks are where access control is often an important factor in keeping the building secure, though private residences also have their own lowkey methods of access control with burglar alarms and personalized codes. With that said, what is it that makes access codes so effective across so many spaces – and why are they so important in today’s society? Benefits of access control Every time you visit an office space, enter a block of flats, or drive into a gated community, you will likely be faced with restricted access and a code pad – plus a button to ring through if you are a visitor. This is a prime example of access control, whereby the owner of the premises has installed a gate or security door which requires a code to enter from the outside. Pressing the request button puts you through to a controller who can then either grant access or deny access. The primary benefit of access control is that it ensures that a space remains secure Some of these code pads have cameras so that the controller can see the visitor – some just have a microphone and speaker. The primary benefit of access control is that it ensures that a space remains secure – only visited by those who are granted access. This restriction helps to keep residents and property safe, not only deterring burglars but ensuring that they are unable to gain entry without permission. Access control panels Some of the examples of access control panels in use include: Private car parks, granting access to employees or residents or paying guests based on the location. Communal buildings and flat entranceways, granting access to residents. These kinds of access control panels will have multiple buttons, one for each flat so that guests can buzz and speak to their contacts. Offices, granting access to employees and their guests. Another key benefit of access control is that entry and exit data can be tracked Another key benefit of access control is that entry and exit data can be tracked, and data can be used for anything from tracking the use of a building, to understanding and logging when individuals have entered and left the premises. For those who have ever watched a Detective drama, you will know how crucial this kind of data can be to determining alibis! Replacing lost keys Inhouse, this can also be useful in identifying who is around when an incident occurs, and in ascertaining how many people are in the premises in the event of a fire or emergency situation. On top of knowing when individuals are accessing certain spaces, access controls can also be used to restrict access to spaces during certain time periods – for example at the end of a shift, or overnight. This is most often found in commercial spaces and car parks, as private residences will grant access at all hours to residents. Access control plays an important role in security and can impact everything from your insurance bills and insurance cover to the amount you spend on replacing lost keys. By keeping certain spaces restricted, only granting access to those who are supposed to be there for work or through their private residence, you are able to keep individuals safe and protect them from the effect of theft. Preventing unlawful access Access control is particularly crucial in tracking the movement of employees should an incident occur In a workspace, access control is particularly crucial in tracking the movement of employees should an incident occur, as well as making the life of your team much easier in allowing them to move between spaces without security personnel and site managers present. It can also reduce the outgoings of a business by reducing the need for security individuals to be hired and paid to remain on site. For a private homeowner or flat owner, access control is what grants you the privacy and security that you deserve in your own space. Whether the control is placed on the outside of a bin store, car parks, communal entrance way or your own personal flat, creating barriers to prevent unlawful access can make a private residence more appealing to tenants or homeowners, and can also provide information and data about who has entered a building and when. Vacant property security The value of access control is that there are a range of solutions according to your budget, your requirements, and the way that you intend to use access control across your site or inside space. For the most part, access control is considered to be a cost effective way of increasing security, cutting back on personnel while ensuring that access is only granted to those who are supposed to be a specific space. The value of access control is that there are a range of solutions according to your budget According to construction site and vacant property security company Sicuro, access control systems with a built in camera are becoming increasingly popular, particularly on the exterior of a building when it comes to granting access to visitors – as those inside can see who is asking to be let in. Managing access control Meanwhile, across inside workspaces and sites, access control managed by pin numbers or fingerprints is often sufficient. Access control is an important part of modern security, ensuring that everywhere from office spaces to private residences are protected from unwanted or unlawful visitors. For the most part, access control is managed automatically, tracking and storing data on who has entered and exited a specific space and at what time – though some examples are tracked and managed manually (for example in a school reception or private residence).

Open Options Paves the Way for New Customers in Access Control
Open Options Paves the Way for New Customers in Access Control

For more than 22 years, Open Options, Addison, Texas, has developed access control solutions that connect to leading security technologies to deliver a full-scale solution based on each customer’s unique needs. In 2018, Open Options was acquired by ACRE, which already owned the Vanderbilt and ComNet brands. To find out the latest, we interviewed Chuck O’Leary, President of Open Options. Q: It has been two and a half years since Open Options was acquired by ACRE. Briefly describe that transition and how the company is stronger today because of it. O’Leary: The ACRE transition really focused on integrating our access control solution, DNA Fusion, with Vanderbilt Industries technologies in order to further our reach in the market and enhance our portfolios. With their support, we have been able to accelerate innovations and expand our global reach. Overall, it has been a great experience to be a part of the ACRE organization, and it has opened the doors to new opportunities for us both here in the states and globally.  Q: What is "Connect Care" and how does it benefit integrators and/or end user customers? O’Leary: For those unfamiliar with the world of access control, it can often be a little overwhelming when first introduced; however, we strive to make our products as easy to use and intuitive as possible, with Connect Care being no different. Connect Care is a system that has been specifically designed to create the most connected experience in the security market Connect Care is a system that has been specifically designed to create the most connected experience in the security market. It serves as a 24/7 bridge from our customers to services like technical support, platform support, professional services, and training. By providing these options for our customers, we can better empower them with the knowledge and expertise of our DNA Fusion access control system and ensure their success with the product.  Q: Who are the new customers entering the market for access control systems in the wake of the pandemic, and how should they be approached/managed differently? O’Leary: Over the last year, there has been a huge demand for access control systems as remote work increased due to COVID-19, and even now, as employees and students are heading back into the offices and schools. Organizations are realizing that having an outdated security system is no longer robust enough for the rapid advancement of technology that we witnessed over the course of the pandemic, and really the past few years. For those who are just dipping their toe into a new access control deployment, the most important thing they can do is to search for a provider who has a solution that is easily integrated, scalable, and provides excellent training and resources. Q: Define the term "touchless access control" and explain why it is gaining a higher profile in the post-pandemic world. O’Leary: The interesting thing about access control is that it has almost always been touchless. Many organizations are looking for robust solutions that are touchless and can be utilized remotely, and it's fairly easy to understand why a solution like this would become widely popular because of COVID-19. Integrators are searching for access control systems that will serve as a proper solution for organizationsThe process of using access control to streamline security infrastructures is not a new concept by any means, but due to the rapid development in technology over the past few years, more integrators are searching for access control systems that will serve as a proper solution for organizations, while still supplying the touchless and remote-based features. Q: What do you see as the future course of the changing technology trends we see in today's market (such as mobile credentials, cloud-based systems, cybersecurity, etc.)? O’Leary: As we continue to tread through the different technological developments in the market today, we are noticing that mobile credentials and biometrics are becoming increasingly popular. As cybersecurity and mobility continue to become more important, we are also seeing the rapid jump to the cloud. By utilizing cloud-based systems, an organization is not hindered by a lack of storage or old software and gains the flexibility to scale their security system as their business grows. Q: How will the access control market look different five years from now versus today? What about 10 years from now? O’Leary: Within the next five years, I suspect that access control will continue to make the move towards cloud-based systems and utilize mobile credentials and biometrics. In 10 years, I think all access control will be open platform and many more organizations will embrace cloud solutions for increased functionality. Also, innovations will continue to be the drivers behind new deployments with some installations being biometrics only and include recognizing fingerprints, retina scans, facial recognition, and voice. Q: What is the biggest challenge currently facing the access control market, and how should manufacturers (including Open Options) be addressing the challenge? O’Leary: One of the biggest challenges facing the physical access control market is organizations actually making the shift to more up-to-date access control systems. Organizations are looking to adopt more digital-focused access control experiencesOrganizations are looking to adopt more digital-focused access control experiences — ones that are focused on integration, newer features, cybersecurity, and ease of monitoring. Access control manufacturers should be addressing this challenge by creating integratable, scalable systems that are easily managed and provide a structured, streamlined approach for an organization’s security infrastructure. Q: What is the biggest misconception about access control? O’Leary: Access control is not a one-size-fits-all solution, and some organizations might have different standards or assets that need protection. This is why it's vital to know the risks your organization faces when speaking with access control providers — to ensure the best possible outcome for your specific needs. It's important to remember that whatever access control system is chosen should proactively mitigate any risks, be easily taught to and successfully used by employees, and be scalable with your organization. No matter the line of work, a proper access control system should streamline the security infrastructure and lessen stress on the security team and employees.

Automatic Gates – The Latest Development In Access Control
Automatic Gates – The Latest Development In Access Control

Automatic gates remain an increasingly popular security choice for family homes, business premises or public buildings – anywhere that full control over access is needed. While there is much to consider for installers when advising clients on the right solution for their property, from the size, weight and cost of a gate system, it’s useful to be aware of the latest developments in the market, as this can help to find the right option to fit their needs. The need for speed Gates can be automated to either swing or to slide open, and there are many factors to take into consideration, when advising on which option to use. However, swing gate motors tend to be slower than the speeds achievable for sliding gates, which means the latter are usually more popular, especially for commercial sites where timing can be among the more important factors. One of the most recent developments in the sliding gates market is the introduction of faster motors One of the most recent developments in the sliding gates market is the introduction of faster motors, such as those from Bft Automation, which allow for opening and closing at a quicker speed than has previously been achievable. Fast authorized access control From a security point of view, the ability to allow people and goods in and out of a property at a quicker pace reduces the risk of unauthorized entry, while waiting for a gate to close – an important consideration in both commercial and residential contexts. Other benefits of a faster motor include reduced waiting times. This can be particularly useful for properties in busy areas, where a vehicle could risk blocking traffic, while waiting to turn into a site controlled by a slower gate. Faster motors Also, a faster motor could potentially reduce the risk of an accident from vehicles entering a property at speed. For example, this might happen if someone was making their first visit to a property situated off a fast road in an unfamiliar area. Beyond these practical considerations, in today’s fast-paced world, people aren’t as used to having to wait for things and this applies to the time it takes to get in and out of their own property. So, security benefits aside, faster motors are likely to be more appealing for clients who have sliding gates fitted to their domestic property and who prioritize convenience. The choice of which of the new faster motors to use will be impacted by a number of factors, including the weight of the gates. Essentially, the lighter the gate is the higher the speed achievable. And, as always, it’s important to make sure that any installation complies with safety regulations. Intelligent torque management systems A further development in access control technology includes intelligent torque management systems A further development in access control technology includes intelligent torque management systems, which update the level of torque required to perform the gate’s operation, allowing it to work at the optimum level, regardless of weather conditions, temperature or the degree of wear and tear on the device. Depending on the typical weather conditions experienced at the site and the anticipated frequency of use, it’s worth looking at options that take these factors into account. Importance of security rights In some scenarios, it’s important for particular individuals to have security rights. In which case, there are motors available that come with personalized keys, which are unique, providing an additional level of security. Installers often face the challenge of fitting gate motors in confined spaces, potentially making for a time consuming and technically demanding task. Available space When you only have a small space to work with, simple details can go a long way to helping you. For example, by putting the fastening screws on the front of a motor’s casing, installation and maintenance are easier and more convenient, even in particularly compact areas. Working with suppliers that offer more than just a manual means you’ll have access to advice and support on how new products work in practice and what you need to consider before advising on an installation.