As the need for collaboration in healthcare grows and patients become increasingly engaged in their care process, organizations are being challenged to deliver information to their stakeholders electronically. This process engenders the need for strong privacy and security controls, particularly as it relates to Personal Health Information (PHI) as defined and regulated by HIPAA.
Within this context, major healthcare trade associations have recommended the adoption of NIST SP 800-63-2 as the benchmark e-authentication standard for their members. Examples of these recommendations appear below.
HIMSS Recommendation re: Patient Identification
AHIP Recommendation re: Patient Identification