Healthcare Compliance

The proliferation of digital patient information and a surge in government regulations are forcing a shift in the healthcare industry. As the entire healthcare community adopts digital processes and web-based systems for patient data, the need for stronger security and compliance measures grows exponentially.



The healthcare industry continues to increase the number of initiatives centered around strong identity management. At the center of these initiatives are trusted identities that support strong authentication. However, because these initiatives are mostly de-centralized and, in select cases, state-specific, keeping up with requirements continues to be a challenge for most organizations. Initiatives include:

ONC’s Shared Nationwide Interoperability Roadmap

Drug Enforcement Agency’s Interim Final Rule (IFR)

New York’s I-STOP Act

U.S. White House Precision Medicine Initiative

Surescripts Identity Proofing Requirements

Patient Online (UK)

To satisfy these regulations, a solutions provider needs to balance the right level of security to protect online and mobile apps, identities and transactions all while supporting an optimal user experience.



VASCO’s identity proofing and validation solutions securely confirm provider eligibility and authenticate providers. Our identity proofing and validation solutions meet the NIST Special Publication 800-63 Assurance Level 3 requirements for multi-factor remote network authentication, fulfill a mandatory requirement for compliance with EPCS regulations.

Solution options include:


  • FIPS 140-2 Level 2 Certified

  • Easy to use (one touch button device)

  • Fully supported by VACMAN and IDENTIKEY products

DIGIPASS for Mobile:

  • Frictionless authentication and e-signing experience for mobile users

  • Integrated with VASCO's patented CRONTO technology and Open QR codes

DIGIPASS for Apps:

  • Comprehensive SDK that natively integrates application security, two-factor authentication and transaction signing into mobile applications

  • Drives new levels of interconnected mobile app security and intelligence without performance lags or customer visibility

  • Easy to use

     - Biometric authentication (selfie, fingerprint)
    - Support for push notifications

MYDIGIPASS for Healthcare:

  • Certified as full-service Credential Service Provider (CSP) at NIST SP 800-63 Level of Assurance 3 under the SAFE-BioPharma FICAM Trust Framework

  • One-stop shop for EHR vendors and hospitals includes: identity proofing, credential issuance and delivery

The shortcomings of current authentication methods in health IT

"Aside from the DEA for E-prescribing of controlled substances, there really aren't any mandates around using anything stronger than a user name and password," says Michael Magrath, Director of Healthcare Sales at VASCO Data Security. Recorded at the 2016 Privacy & Security Forum in Los Angeles.

Related Content

Related Products

Related Products

This website uses cookies to improve user experience, functionality and performance. If you continue browsing the site, you consent to the use of cookies on this website. Note that you can change your browser/cookie settings at any time. To learn more about the use of cookies and how to adjust your settings, please read our cookie policy.