I just think they should be able to opt out. Its up to the patient what their security posture is. If they don’t want it, they shouldnt be forced to have it. Just have them sign away their rights to sue the hospital or something along those lines.
I’m open to hearing an argument why it should be forced to use MFA even if the patient doesnt want it. I know at least one hospital my company works with that has it optional for patients who want it.
I think most people are just unaware of the risk that is involved. Healthcare information is some of the most sensitive data on a person and should be protected at all cost.
Some older people in particular have as much of a self-preservation instinct on the internet as toddlers in real life. If protecting them takes away a tiny bit of agency from them then so be it because they cannot be trusted with such decisions. I believe any reasonable person would use MFA because trading off a tiny bit of convenience for a significant amount of security is always worth it.
I just think they should be able to opt out. Its up to the patient what their security posture is. If they don’t want it, they shouldnt be forced to have it. Just have them sign away their rights to sue the hospital or something along those lines.
I’m open to hearing an argument why it should be forced to use MFA even if the patient doesnt want it. I know at least one hospital my company works with that has it optional for patients who want it.
I think most people are just unaware of the risk that is involved. Healthcare information is some of the most sensitive data on a person and should be protected at all cost.
Some older people in particular have as much of a self-preservation instinct on the internet as toddlers in real life. If protecting them takes away a tiny bit of agency from them then so be it because they cannot be trusted with such decisions. I believe any reasonable person would use MFA because trading off a tiny bit of convenience for a significant amount of security is always worth it.
Most of these patients have already received emails from multiple healthcare organizations that their data was breached though.
The way medical data is stolen isnt through individual accounts usually unless you are famous or a politician.