University Health deploys biometrics, CA updates privileged management
18 August, 2016
category: Biometrics, Corporate, Digital ID, Health
University Health System deploys RightPatient
RightPatient announced that Augusta, Ga.-based University Health Care System has implemented RightPatient to improve patient safety, data integrity, and revenue cycle management by preventing duplicate medical records, fraud, and patient identification errors.
University Health evaluated several different biometric patient identification technologies before deciding to deploy Photo Biometrics with RightPatient. University Health integrated RightPatient into their Epic in order to minimize potential patient registration errors. University patients have welcomed the use of RightPatient to protect their medical identities, with over 99% choosing to enroll. So far, nearly 50,000 patients have enrolled in the system.
Using RightPatient, patients simply take their picture and the platform identifies them, retrieves the correct medical record within Epic, and displays the patient photo for two-factor authentication. Integration of RightPatient into Epic’s registration system along with a user–friendly interface and analytics platform sealed University’s decision to implement RightPatient with Photo Biometrics.
Since implementing RightPatient, University Health has seen a nearly 30% decline in chart corrections among other benefits. The platform is also eliminating write-offs associated with patient fraud.
CA adds to privileged account management portfolio
CA Technologies has released enhancements to its privileged access management portfolio, giving customers control over the privileged accounts that support a hybrid IT environment and are a frequent vector for cyberattacks.
By updating and integrating CA Privileged Access Manager — formerly Xceedium Xsuite — and CA Privileged Access Manager Server Control, CA can help reduce the risk of data breaches by extending the depth and breadth of control over privileged users end-to-end – from the gateway to the server and from the database to the cloud – all from a single management console.
CA Privileged Access Manager enables customers to implement controls at the network gateway, managing privileged user access to systems and applications based on the identity of the individual user. CA Privileged Access Manager Server Control resides on the server and manages user activity based on resource protection, with policies that control file access and actions taken on the server. This prevents bad actors from covering their tracks and helps accelerate breach discovery.
With the enhancements, customers can consistently manage and control privileged users at both the network and the server. When an IT administrator accesses a system, CA Privileged Access Manager automatically triggers CA’s Server Control product and to apply policies on the server resources based on the individual’s identity vs. simply the administrator account. This provides a more detailed and granular level of access control.
In addition, CA Privileged Access Manager has expanded integration with service management tools to further streamline privileged user provisioning and de-provisioning for those individuals who only require short-term privileged user access, such as temporary employees or contractors.
GlobalPlatform updates TEE specs
GlobalPlatform has published updates to its Trusted Execution Environment (TEE) Initial Configuration v1.1 and Test Suite v2.0 for functional compliance and in parallel has launched a Security Test Suite. Together these will enhance TEE interoperability and security and make it easier for TEE vendors to ensure compliance against GlobalPlatform’s Device Specification.
The TEE is a secure area of the main processor in a smart phone — or any connected device — that ensures sensitive data is stored, processed and protected in an isolated, trusted environment. The technology offers protection against software attacks, assists in the control of access rights and houses sensitive applications.
The Initial Configuration v1.1 and accompanying functional compliance Test Suite v2.0 have been updated in response to the latest feedback from the TEE testing and compliance ecosystem, which is working on live implementations. The updated TEE Initial Configuration v1.1 describes common implementation requirements of core features of the GlobalPlatform Device Specification. It includes refinements to features including the internal core and the client specification.
The functional compliance Test Suite v2.0 sets the basis for a minimum but mandatory level of interoperability. This new test suite and its associated qualified test tools have been tested in both Android and Linux environments to extend the scope of the TEE qualification, to support new types of device and to enhance interoperability.
The parallel launch of the new TEE Security Test Suite enables vendors to confirm the security of their TEE products as measured against the organization’s TEE Protection Profile, through independent security evaluation. It provides a defined set of tests that detect product vulnerabilities and it also incorporates a module that automates testing, thus accelerating and simplifying the testing process for security laboratories and reducing the time required to achieve certification. This enables vendors to carry out security testing during development, allowing them to use the same qualified test tools to automate both security and compliance testing.
Telesign appoints CEO
TeleSign announced it has appointed Aled Miles as CEO, effective immediately. Miles brings more than two decades of leadership experience within both established and high-growth technology companies to TeleSign.
Prior to joining TeleSign, Miles spent a combined 20 years at Symantec, most recently on the executive team, where he served as senior vice president responsible for the global Norton business, the Latin America geography, Global Strategic Accounts and IoT, Cloud & SaaS Partnerships worldwide.
Most recently, Miles was executive vice president and GM at identity management firm ForgeRock, where he oversaw the development of their global business focused on the digital transformation strategies of Fortune 500 customers with an eye for frictionless customer interaction.
