Privacy implications for single sign-on authentication in a hospital environment

Authors:
Rosa R. Heckle;Wayne G. Lutters
Affiliations:
UMBC, Baltimore, MD;UMBC, Baltimore, MD
Venue:
Proceedings of the 3rd symposium on Usable privacy and security
Year:
2007

Citing 1
Cited 3

Users are not the enemy

Communications of the ACM

An offline foundation for online accountable pseudonyms

Proceedings of the 1st Workshop on Social Network Systems
Family accounts: a new paradigm for user accounts within the home environment

Proceedings of the 2008 ACM conference on Computer supported cooperative work
Biometrics for Electronic Health Records

Journal of Medical Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Healthcare providers and their IT staff, working in an effort to balance appropriate accessibility with stricter security mandates, are considering the use of a single network sign-on approach for authentication and password management. There is an inherent tension between an authentication mechanism's security strength and the privacy implications of using that authentication technology. This is particularly true with single sign-on authentication. While single sign-on does facilitate authentication, our on-going field work in a regional hospital reveals several unanticipated privacy implications.