Study Shows Security Risk in Password Sharing Among Medical Professionals

Technology > Security

Photo by: DarkoStojanovic via Pixabay



Healthcare Informatics Research recently published a study that password sharing is common among healthcare providers, and this behavior may potentially weaken the whole institution’s data security.

Researchers from Duke University, Harvard University, Hadassah-Hebrew University Medical Center, and Ben-Gurion University of the Negev claim that 73 percent of those who participated in their study use another staff’s password to access electronic health records at work. Fifty-seven percent of them says they borrow their co-worker’s password for an average of 4.75 frequency.

The study with researchers Hassidim et al. assessed 299 healthcare providers including medical students, nurses, interns, and residents. The survey also revealed that these medical residents obtain passwords with the consent of the account’s owner.

The research notes that “unfortunately, the use of passwords is doomed because medical staff members share their passwords with one another.” It also said that there is a decrease of data safety in the medical field and that the strict regulation of requiring every staff to have their own unique user ID is what leads them to password sharing. In fact, 77 percent of the medical students and 83 percent of the intern respondents use someone else’s credentials because they were not administered to a user ID.

“Medical staff must provide timely and efficient care while maintaining patient confidentiality,” researchers say. They also advise adding an option where each EHR role will have maximum privileges as long as the protected health information security officer and the senior physician will be prompted once such option is used. That way, even junior staff members maintain the proper security measure while making quick decisions for operational and clinical processes.