Smart Cards and Security

May 1, 1998 12:00 PM, GEORGE PARTINGTON

A 'smart' ID solution at U.K. hospitals Doctors at National Health Service Trust hospitals in London keep their medical history and access credentials on a microprocessor chip in their photo ID cards.

At the Hammersmith Hospitals National Health Service Trust, London, smart cards are the cure for what ails. And what ails is the process of authorized personnel verification.

The trust, which comprises four hospitals including Hammersmith, Charing Cross, Queen Charlotte's and Chelsea Hospitals for Women, and Acton Care for the Elderly Hospital, employs about 6,000 staff and has about 1,400 in-patient beds. The hospitals serve as training ground for undergraduate and postgraduate medical students from the Imperial College School of Science, Medicine and Technology.

Two modern trends have coincided to make the smart card a vital link in the security of patients at National Health Service hospitals. The first is staff turnover; in the 1990s, workers are more apt to move from oneplace of employment to another. And doctors-in-training at National Health Service hospitals frequently move from one department to another and one facility to another, due to the hospitals' partnership with Imperial College. The second, all-too-familiar trend is the increase in criminal behavior in places once thought impervious. In recent years, high-profile hospital cases such as deliberate homicide, baby-snatching and unnecessary exposure of patients have headlined daily newscasts.

The increase in crime means a tightening of ID verification at the hospitals, yet the movement of medical professionals puts undue strain on the verification process. The problem, says Stuart Miller, National Health Service Trust medical director, occupational health, was the accessibility of data. Doctors often reported to an assignment in a new area without proper documentation. Inquiries to the central records department, which keeps records on paper, caused delays that often led to cancellations of scheduled care. In one instance, an operating schedule had to be canceled, says Miller.

One solution considered was a national network of computers, but officials decided it would be too expensive and unsecure, according to Miller. National Health Service Trust eventually decided on the smart card as the answer and turned to NBS Technologies, a global company based in Toronto that manufactures plastic cards, smart cards and card personalization systems.

Each smart card employs about 10 percent of the capacity of a 1,024-byte chip - the microprocessor that puts the "smart" in smart card. The chip stores the card bearer's vital records, including areas of authorized access, and freedom from certain infections and immunity to others.

Doctors reporting to work in new areas present their smart cards, which bear the authorized user's photo. The person in charge then inserts the card into a smart card reader that is hooked into a desktop PC. The reader makes contact with the chip and one computer "talks" to another through the Windows-based software program. The PC will query the smart card, obtaining the information necessary to determine that the individual is cleared for access.

"The key point is that it operates at many different sites," notes Philip Barton, NBS business development manager. And, he points out, incorporating the doctors' records into their ID cards, which they are required to carry, ensures that they will always have their vital statistics with them.

The smart card record system began about a year ago, and the first to have their records stored on the chip are now moving on to other departments and are getting the benefits of automatic access into new departments, according to Barton. Eventually, all staff members will have a smart card photo ID.

Closed-campus applications are ideal for smart cards, says Barton. As at National Health Service Trust, the chip can store records, or, as at many college campuses in Europe and North America, the chip stores a monetary value for cashless vending. In each case, the chip works only in the limited environment, communicating only with the proprietary campus system.

As for traditional security applications such as electronic access control, smart cards are at the "early adopter" stage, according to Stuart Evans, chief executive of Cotag International (see "Smart cards are coming; are you ready?", page 36).

John Hill, a security consultant with Gage, Babcock and Associates, Washington, D.C., says smart cards are cost-prohibitive when compared with alternatives such as proximity and Wiegand. However, smart cards are well suited for access control to high-security areas. Barton says eventually the smart card may be used to provide high-security access control to areas such as operating rooms and drug supply cabinets at National Health Service hospitals.

Want to use this article? Click here for options!
© 2008 Penton Media Inc.

This month in Access Control

• Opening Up About Door Closers
• An Enterprise Approach
• The Framework For Open Systems
• On A Higher Plane
• More from April's issue