Smart Card Technology in Healthcare:

Frequently Asked Questions

A Smart Card Alliance Healthcare Council and Identity Council

Publication

Publication Date: May 2009

Publication Number: HC-09002

Smart Card Alliance

191 Clarksville Rd.
Princeton Junction, NJ 08550
www.smartcardalliance.org
About the Smart Card Alliance

The Smart Card Alliance is a not-for-profit, multi-industry association working to stimulate the
understanding, adoption, use and widespread application of smart card technology. Through
specific projects such as education programs, market research, advocacy, industry relations and
open forums, the Alliance keeps its members connected to industry leaders and innovative thought.
The Alliance is the single industry voice for smart cards, leading industry discussion on the impact
and value of smart cards in the U.S. and Latin America. For more information please visit
http://www.smartcardalliance.org.

Copyright © 2009 Smart Card Alliance, Inc. All rights reserved. Reproduction or distribution of this
publication in any form is forbidden without prior permission from the Smart Card Alliance. The
Smart Card Alliance has used best efforts to ensure, but cannot guarantee, that the information
described in this report is accurate as of the publication date. The Smart Card Alliance disclaims all
warranties as to the accuracy, completeness or adequacy of information in this report.

Smart Card Alliance © 2009

2
FAQ Table of Contents

1. What is a smart card? ...............................................................................................4

2. How do smart cards work?.......................................................................................4
3. How are smart cards being used? ...........................................................................5
4. Are all smart cards the same? In other words, do smart cards always look
like credit cards, or do they come in different shapes and sizes? .......................5
5. How do I know if I have a smart-card based healthcare ID card?.........................5
6. How does a smart card-based healthcare ID card help me as a patient?............5
7. How does a smart card-based healthcare ID card protect my personal
healthcare information?............................................................................................6
8. How would I use a smart patient healthcare card? ................................................6
9. How can smart card-based technology help hospitals? .......................................7
10. Does a hospital need to have an electronic medical record (EMR) system
in place to benefit from smart card-based patient ID cards?................................8
11. How can smart card technology improve critical / emergency care? ..................9
12. Are smart cards being used in any hospital / healthcare system today?............9
13. How can smart card-based patient ID cards help with HIPAA compliance? .....10
14. Can smart cards help with compliance with the enhanced privacy
standards created under the new American Recovery and Reinvestment
Act (ARRA)?.............................................................................................................11
15. What are the benefits of smart cards versus magnetic stripe-based cards?....11
16. Is contactless smart card technology the same as RFID? ..................................12
17. Do you need a unique patient ID in order to use a smart card-based
healthcare ID card? .................................................................................................12

Smart Card Alliance © 2009

3
Smart Card Technology in Healthcare FAQ
This document was developed to answer questions about how smart cards work and how the
technology is used to manage patient identity and protect a healthcare consumer’s personal
information. Unless specifically noted, the answers are focused on the use and deployment of
smart cards in healthcare applications in the United States. In addition, the questions and answers
apply only to smart card-based patient identity management systems and not to patient identity
systems based on magnetic stripe or other ID card technologies.

1. What is a smart card?

A smart card looks very much like a typical credit card (see
Figure 1), but what makes it “smart” is the small microprocessor
chip embedded in the card. The chip is a powerful
minicomputer that can be programmed in different ways. Smart
cards allow data and applications to be securely stored and
accessed on the chip and enable secure data exchange. Smart
card technology provides high levels of security and privacy
protection, making it ideal for handling sensitive information such
as identity and personal health information.

2. How do smart cards work?

A typical smart card has a plastic card body, with a chip
embedded in the plastic and a contact plate (usually gold plated)
on the surface of the card. (See Figure 2.) Figure 1: Smart health cards
To work, a contact smart card must be inserted into a smart card reader that directly touches the
conductive contact plate on the surface of the card. Transmission of commands, data, and card
status takes place over these physical contact points.
RF-enabled smart cards are also available that allow the smart card to communicate with a reader
through a "contactless" RF interface. To work, these contactless smart cards are held in close
proximity to a reader and then transmit commands and data without any contact.
Both contact and contactless smart cards support the same high levels of security that are needed
for protecting sensitive information and enabling secure transactions.

Figure 2: Illustration of contact smart card technology (courtesy of Gemalto)

Smart Card Alliance © 2009

4
3. How are smart cards being used?
Smart cards are used in many applications worldwide, including:
• Secure identity applications - employee ID badges for physical access to buildings and secure
computer/network access, citizen ID documents, electronic passports, driver’s licenses, online
authentication devices
• Healthcare applications - citizen health ID cards, physician ID cards, portable medical records
cards
• Payment applications - contact and contactless credit/debit cards, transit payment cards
• Telecommunications applications - GSM Subscriber Identity Modules, pay telephone payment
cards

4. Are all smart cards the same? In other words, do smart cards always
look like credit cards, or do they come in different shapes and sizes?
1
Smart card technology conforms to international standards ISO/IEC 7816 and ISO/IEC 14443,
which makes them interoperable; however, they do not all look alike. Smart cards are available in a
wide variety of form factors (see Figure 3), including plastic cards, key fobs, subscriber identification
modules (SIMs) used in GSM mobile phones, and USB-based tokens.

Figure 3: Smart card form factors

5. How do I know if I have a smart-card based healthcare

ID card?
It is very easy to tell if you have a contact smart card-based healthcare ID card.
Just look for a chip on the card! It should be similar to the chip shown to the
right.

6. How does a smart card-based healthcare ID card help me as a patient?

There are a number of ways that smart card technology can help patients, all stemming from the
ability to authenticate your identity when you seek medical care. This may seem simple, but it’s
actually the cornerstone of quality medical care and good health systems management. Accurate
identification of each person that receives healthcare:
• Decreases medical errors. Optimal medical care requires that a healthcare provider have
access to all relevant medical history and know what medications have been prescribed. This
can be challenging as individuals seek care from more than one healthcare organization and
fill prescriptions at more than one pharmacy chain. A validated patient identity can be linked to
a healthcare organization’s medical records. Using a smart card also allows the storage of

Smart Card Alliance © 2009

5
 patient record numbers across different medical providers in a secure, privacy-sensitive way.
Other personal information such as your prescription history, name, address, insurance
information, allergies, emergency contact information and other key data elements can also be
securely stored on the card.
• Expedites the admissions process. Use of a smart card-based healthcare ID card allows
patients to bypass the usual lines at inpatient admission offices or ambulatory care admissions
stations. Instead, when entering a healthcare facility, registration can be quickly and easily
achieved by inserting your ID card in a reader at a kiosk or station. This instantly gives the
provider your current information and the link to your medical records, delivering increased
convenience, customer service, and accuracy – in record time!
• Reduces medical identity theft and fraud. Medical identity theft and fraud is a growing concern
to healthcare consumers and providers. Using smart card technology enables the addition of
security elements such as a picture, personal identification number (PIN) or biometric (e.g., a
fingerprint) so that a lost or stolen healthcare ID card cannot be used or accessed by anyone
else. The data kept on the card can also be encrypted so that no one can access your data
without your permission.
• Reduces healthcare costs. In addition to streamlining administrative procedures for your
healthcare provider and reducing the resources dedicated to those functions, the ability to link
to and quickly access all of your medical history makes it less likely that your doctor would
need to order duplicate tests or procedures. These significant cost savings start during the
admissions process and continue all the way through the claims management process.
• Expedites claims reimbursement. Providing complete and accurate information during the
registration process and removing issues with language barriers or human error greatly reduce
the incidence of denied or delayed claims.
In short, smart card-based technology can help you as a patient get better quality healthcare,
delivered faster and more cost effectively. And that’s good for everybody.

7. How does a smart card-based healthcare ID card protect my personal

healthcare information?
The embedded chip in a smart card can hold various types of information in electronic form. The
smart card can protect your information with sophisticated encryption algorithms and can allow
access only by authorized readers; other smart cards may provide a key that unlocks a particular
database on a particular computer. Smart card technology also allows the use of multi-factor
authentication, requiring the use of a second security factor such as a personal identification
number (PIN), or a biometric (e.g., a fingerprint) in order to allow access to your personal
healthcare information. All smart cards have the capability to provide strong authentication, digital
signatures, and security through encryption.

8. How would I use a smart patient healthcare card?

There is no single answer to this question. How you use your smart card-based patient healthcare
card would depend on the issuer (e.g., your insurance provider, hospital, or government-sponsored
medical plan) and the applications that the issuer decides to implement. Example uses could
include:
• Using the card to register at a physician's office or hospital, streamlining the registration and
admissions process (See Figure 4.)
• Using the card to securely access your personal health record to check or update information
• Updating the card with new personal, insurance, prescription or medical record information to
allow faster access to treatment and to provide accurate administrative and clinical information
to healthcare providers

Smart Card Alliance © 2009

6
 Figure 4: How smart healthcare ID cards can work at a hospital (courtesy of Gemalto)

9. How can smart card-based technology help hospitals?

Smart card-based technology offers a way to significantly reduce hospital administrative costs while
maintaining or increasing quality of care and customer service. Smart card technology can help
hospitals achieve:
• Better patient identification. Smart cards serve as highly reliable and secure identity tokens.
The cards can securely store various identity credentials (such as a PIN, photo, or biometric)
directly on the card and make it very difficult to forge or steal the credentials on the card. A
smart card can also create a digital signature. A digital signature serves as a guarantee that
information received has not been modified, as if it were protected by a tamper-proof seal that
is broken if the content is altered. Smart cards can present a considerable barrier to medical

Smart Card Alliance © 2009

7
 identity theft and fraud. Real-time verification is a superior method of confirming the identity of
the incoming patient.
• Administrative efficiencies. The time and resources required to admit a patient are critical
measurements of hospital efficiency. Busy waiting rooms, thin staffing levels, language
barriers and manual transcription of important data from handwritten forms create many
opportunities for error. Smart cards cut down the time for admissions by providing ready
access to accurate, up-to-date patient information. Moreover, the standard set of information
provided by the patient can be obtained via an online pre-registration process, which can be
downloaded onto a smart card. Lastly, admissions can be streamlined when patients use
smart cards at unmanned kiosks – taking out the labor element altogether. These efficiency
2,3
gains lower cost , reduce errors and improve the patient experience.
• Better medical records management. Linking a patient to their medical records seems like a
simple process, but human errors often lead to many issues with matching the right patient
and the right records. Using a smart card to match a patient to a specific medical record
ensures a more comprehensive and accurate patient health record. Smart card-based
healthcare IDs can significantly decrease the incidence of and expenses associated with
4
duplicate record creation . This improves administrative functions such as billing and
registration and also provides for better continuity of care.
• Quality of care. A key benefit for smart patient healthcare cards is the potential reduction of
medical errors and duplicative medical testing. More than 195,000 deaths occur in the United
5
States because of medical error, with 10 out of 17 medical error deaths each year due to
“wrong patient errors.” Smart cards help ensure better quality of care by authenticating the
identity of the person receiving medical treatment. The ability to accurately link a patient to an
institution’s medical records potentially reduces the number of adverse events and medical
errors due to lack of patient information.
• Privacy, security and confidentiality. Since smart cards are physically held by patients, and
because information is supplied by providers in an “approved” network with audit capabilities,
smart cards provide privacy and security measures well beyond the HIPAA regulations.
Information on smart cards can be encrypted using robust, standard cryptography methods
that have been proven to be extremely secure and that are used for government and military
security. Thus, a patient’s information is very secure and private.
Smart card technology offers solutions to a number of challenges that healthcare organizations are
looking to address. Smart card technology offers the ability to automate much of the admissions
process, eliminate costly duplicate and overlaid records, and enable the creation of and access to a
comprehensive medical record across a broad spectrum of healthcare providers.
Smart card technology can also buttress internal hospital security systems. Use of smart cards for
employee IDs enable hospital security to limit a hospital employee’s physical access to those
specific buildings and areas within the facilities that are appropriate for their immediate set of
responsibilities, including access to medication cabinets. Smart employee IDs can also be used for
strong authentication to networks and computers.

10. Does a hospital need to have an electronic medical record (EMR)

system in place to benefit from smart card-based patient ID cards?
Not necessarily. Information on smart cards can be read and used to correctly identify patients, as
well as to provide information that a hospital might not have in its database (e.g., a recent
prescription or record of care at another facility). A smart card system can be self-contained and
does not have to be integrated with other health information systems. That stated, greater
efficiencies are gained when data can flow from the card into an electronic medical records system.

Smart Card Alliance © 2009

8
11. How can smart card technology improve critical / emergency care?
Smart cards enable the immediate identification of a patient and access to the patient's medical
record, regardless of whether or not the patient is conscious or too flustered to accurately convey
the entire medical picture, or if language barriers impede effective communication. Overall, patients
can benefit from improved and faster treatment and medical care.
From the hospital’s perspective, smart cards offer additional value, as they enable effective
management and coordination of care from the first responders through the emergency room
department and potential transition to inpatient care. A smart card, accessed by a portable reader,
can provide vital medical data to a first responder at the scene or en route to the hospital.

12. Are smart cards being used in any hospital / healthcare system today?
Yes. Countries throughout Europe and Asia are providing their citizens with smart cards. Some
use smart cards as part of their national healthcare programs. Others have smart card-based
national ID programs. Table 1 lists examples of national smart health card deployments worldwide;
in addition to the countries listed, smart health card programs are also active in other countries,
6
including China, Finland, Jordan, Poland, and Turkey.

Table 1. Examples of National Health Smart Card Deployments Worldwide

Launch
Country Card Type Number of Cards
Year
7
Algeria CNAS 7 million 2007
8
Austria e-card 11 million patient 2005
24,000 professional
9
Australia Medicare Smartcard 40,000 patient 2006
10
Belgium Social system identity 11 million 1998
11
France Sesam Vitale 60 million (combined) 1998
Sesam Vitale-2 2007
12
France Carte DUO Over 200,000 cards (private 2007
insurance card)

13
Germany Gesundheitskarte 80 million 2006
375,000 professional
14
Hungary MOK, Hungarian Chamber 40,000 professional 2006
of Doctors
15
Italy Carta Nazionale dei 3 million (national services 2004
Servizi card)
16
Mexico Seguro Popular health 3.7 million 2006
insurance cards
17
Slovenia Health insurance card 2 million patient 1999
70,000 professional
18
Spain Carte Santé 5.5 million 1995

Smart Card Alliance © 2009

9
 Launch
Country Card Type Number of Cards
Year
19
Taiwan National health insurance 24 million patient 2002
card 150,000 professional

United NHS Connection for 1.2 million n/a

20
Kingdom Health (health professional
cards)

Healthcare organizations in the United States are implementing smart healthcare cards to support a
variety of features and applications. Prominent programs include the following:
• New York’s Mount Sinai Hospital, one of the oldest and largest voluntary teaching hospitals in
the United States, has led the trend towards smart healthcare cards. Mount Sinai has created
a regional network of institutions in the greater New York City area (HealthSmart Network) that
accepts a common smart card-based Personal Health Card (PHC). Elmhurst Hospital (part of
the Health and Hospitals Corporation, New York City’s public hospital system) is one of the
member organizations and a collaborator in the development of the PHC system. The cards
can be read and updated across all institutions in the network.
• Texas-based Lake Pointe Medical Center, one of 55 Tenet hospital locations, and The
Memorial Hospital of North Conway, NH, are deploying smart patient health cards using the
TM TM
SMART Association, Inc., LifeMed Personal Health Smart Card Platform. LifeMed smart
cards are issued to patients to more accurately identify the patients, grant them a more
streamlined admission, and connect and synchronize patient medical information from sources
TM
outside the hospital. Patients with the LifeMed card have the ability to view and contribute to
their overall medical records, giving the provider a more complete medical picture.
In each case, smart cards are used by patients as authenticated identifiers to match the patient to
his or her individual medical record, to store relevant patient information, and to pass admissions
information into the hospital’s admitting software, thereby automating the process.

13. How can smart card-based patient ID cards help with HIPAA
compliance?
Smart card-based patient ID cards offer covered entities under the Health Insurance Portability and
Accountability Act (HIPAA) an effective tool to facilitate compliance with the HIPAA Privacy Rule.
One of the key provisions of the HIPAA Privacy Rule is to assure that an individual’s health
information is properly protected and that individuals can control how their health information is
accessed and used.
The HIPAA Privacy Rule applies to specific covered entities such as health care providers (e.g.,
doctors, dentists, pharmacies, nursing homes), health plans (e.g., HMOs, health insurance
companies, company health plans) and health clearinghouses. Putting smart cards in the hands of
employees of covered entities as well as patients will ensure that health information is accessed
only by those with the appropriate credentials.
Many high profile breaches of protected health information have occurred when employees at
covered entities have accessed medical records that they were not authorized to access. Smart
card credentials could minimize or eliminate such breaches by allowing only authorized personnel
with a smart card credential to access patient medical records.
With the issuance of smart card-based ID cards for patients, personal medical information can be
securely and accurately linked across multiple institutions and care providers. Patients will have
better control of their personal health information, a key privacy principle. And accurate patient

Smart Card Alliance © 2009

10
identification, a critical issue in healthcare today, will ensure the safety and confidentiality of
protected health information.

14. Can smart cards help with compliance with the enhanced privacy
standards created under the new American Recovery and Reinvestment
Act (ARRA)?
Yes. Smart card-based patient ID cards answer a key ARRA policy concern regarding access to
health information. ARRA establishes a Policy Committee to examine methods to facilitate secure
access by an individual to an individual’s protected health information as well as methods,
guidelines and safeguards to facilitate secure access by caregivers, family members or a guardian.
The HIPAA Privacy Rule protects all individually identifiable health information held or transmitted
by a covered entity. ARRA has expanded those protections beyond the HIPAA rule to include
additional entities, such as vendors of personal health records. A major goal of the Privacy Rule is
to define and limit how and when protected health information is used or disclosed by covered
entities. Smart cards can help covered entities and ARRA-stipulated entities comply with both the
HIPAA Privacy Rule and the security and privacy mandates under ARRA.

15. What are the benefits of smart cards versus magnetic stripe-based
cards?
Smart cards have significant benefits versus magnetic stripe (“mag stripe”) cards for healthcare
applications.
First, smart cards are highly secure and are used worldwide in applications where the security and
privacy of information are critical requirements.
• Smart cards embedded with microprocessors can encrypt and securely store information,
protecting the patient’s personal health information.
• Smart cards can allow access to stored information only to authorized readers. For example,
all or portions of the patient’s personal health information can be protected so that only
authorized doctors, hospitals and medical staff can access it. The rules for accessing medical
information can be enforced by the smart card, even when used offline.
• Smart cards support strong authentication for accessing personal health information. Patients
and providers can use smart health ID cards as a second factor when logging in to access
information. In addition, smart cards support personal identification numbers and biometrics
(e.g., a fingerprint) to further protect access.
• Smart cards support digital signatures which can be used to determine that the card was
issued by a valid organization and that the data on the card has not changed since issuance.
• Smart cards use secure chip technology and are designed and manufactured with features
that help to deter counterfeiting and thwart tampering. Smart cards include a variety of built-in
hardware and software capabilities that detect and react to tampering attempts and help
counter possible attacks.
The use of secure smart chip technology, encryption and other cryptography measures makes it
extremely difficult for unauthorized users to access or use information on a smart card or to create
duplicate cards. These capabilities help to protect patients from identity theft, protect healthcare
institutions from medical fraud, and help healthcare providers meet HIPAA privacy and security
requirements.
Second, smart cards provide the flexibility for securely adding information to a patient healthcare
card after issuance. For healthcare applications, this can deliver several benefits.
• Patient prescriptions can be written to the card, providing up-to-date information when a
patient is receiving medical care from multiple providers or in an emergency situation.

Smart Card Alliance © 2009

11
• Multiple patient identification or patient record identification numbers can be written to the
smart card, facilitating record exchange and assisting with coordination of care among multiple
healthcare providers.
• Patient healthcare information can be written to and updated on the card by authorized
healthcare providers, with updated information then available for both the patient and other
healthcare providers (if authorized) to access.
Magnetic stripe cards, by contrast, have minimal security and functionality. Because data is very
easily read from and written to a magnetic stripe card, information can be easily stolen and a
duplicate magnetic stripe card can be created. It is straightforward for a thief to "swipe" a magnetic
stripe card and to collect all of the information from the card; the thief simply needs a magnetic
stripe reader that has the ability to capture the information from the card (which all readers do).
The thief can then either use that information directly or create a duplicate magnetic stripe card.
In addition, magnetic stripe cards store only a limited amount of data and are not updated after
issuance, providing no ability to securely update or store additional healthcare information.
Magnetic stripe cards have had a well-established position in the marketplace for over 30 years.
However, many industries and government organizations are becoming more sensitive to the
limitations of magnetic stripe technology. A case is being made for smart card technology to
replace or augment magnetic stripe technology. Smart card technology has the ability to
incorporate a magnetic stripe on a smart patient healthcare card in order to be able to support
legacy applications.
As the costs for smart cards and smart card readers have dropped dramatically, and as the reader
infrastructure is replaced or upgraded, smart card technology is poised to capture market share in
financial services, personal identification and healthcare markets – where security, privacy and
information portability are crucial.

16. Is contactless smart card technology the same as RFID?

No. There is often confusion in discussions of RF-enabled applications, with contactless smart card
technology often incorrectly categorized as 'RFID.' There is a wide range of RF technologies used
for a variety of applications – each with different operational parameters, frequencies, read ranges
and capabilities to support security and privacy features. For example, the RFID technologies that
are used to track objects in inventory operate over long ranges (e.g., 25 feet) and have minimal
built-in support for security and privacy.
Contactless smart cards, on the other hand, use RF technology, but, by design, operate at a short
range (less than 4 inches) and are highly secure. Contactless smart cards are currently being used
for secure identity applications worldwide.

17. Do you need a unique patient ID in order to use a smart card-based

healthcare ID card?
There are a lot of reasons that have led to active discussion of establishing a unique patient ID for
healthcare services. Without a unique personal identifier, it’s challenging to make sure that all of a
person’s relevant medical record information is kept safely across that individual’s experiences over
time with multiple pharmacies, physician offices, hospitals, urgent care centers and other medical
providers. The task grows more complex as individuals change employers, insurance carriers,
insurance plans within a carrier, or last names as their marital status changes. Some countries
have chosen to address this by issuing national health ID cards, with each citizen having a unique
identifier.
Smart cards can be effective in supporting healthcare applications with or without a unique patient
identifier. Smart cards can serve as a secure way to aggregate multiple identifiers across many
different systems or organizations, linking them all on the smart card.

Smart Card Alliance © 2009

12
References

1
http://www.iso.org/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=35168
2
“In-Hospital Deaths From Medical Errors at 195,000 per Year, Health Grades Study Finds”
Health Grades, July 2004
3
“Stanching Hospitals’ Financial Hemorrhage with Information Technology,” J.Pesce, Health
Management Technology, August 2003
4
A Healthcare CFO’s Guide to Smart Card Technology and Applications,” Smart Card Alliance,
February 2009
5
“Identity Crisis”, Robin Hess, For the Record, January 17, 2005
6
Sources: Gemalto and CardLogix
7
http://www.gemalto.com/press/archives/2006/07-04-2006-algeria.pdf.
8
http://www.bellid.com/index.php/content/view/137/73/,
http://www.scc.rhul.ac.uk/public/smart2_final.pdf.
9
Source: Oberthur Technologies, Medicare Australia
(http://www.medicareaustralia.gov.au/public/update/othercards.jsp)
10
Source: Gemalto
11
Sources: Gemalto (http://www.gemalto.com/brochures/download/france_health.pdf), Oberthur
Technologies (http://www.oberthurcs.com/UserFiles/File/id_vitale2_1108.pdf)
12
Source: Oberthur (http://www.oberthurcs.com/UserFiles/File/id_sintia_0808.pdf)
13
Source: Gemalto
14
Source: Oberthur Technologies
15
Source: Oberthur Technologies
16
http://www.gemalto.com/brochures/download/mexico.pdf.
17
http://www.gemalto.com/brochures/download/slovene_eHealthcare.pdf.
18
Source: Gemalto
19
Giesecke & Devrient GmbH – Health Systems Relying on Smart Cards, Dr. Klaus Vedder
http://portal.etsi.org/docbox/workshop/2006/ETSI_CENETEC_May06/Presentaciones/17%20K.
%20Vedder%20-Giesecke%20&%20Devrient-%20%20Seguridad%20en%20Smartcards.ppt.
20
Sources: Gemalto and CardLogix

Smart Card Alliance © 2009

13
Publication Acknowledgements
This report was developed by the Smart Card Alliance’s Healthcare and Identity Councils to answer
questions about how smart cards work and how the technology is used to manage patient identity
and protect a healthcare consumer’s personal information. Publication of this document by the
Smart Card Alliance does not imply the endorsement of any of the member organizations of the
Alliance.
The Smart Card Alliance wishes to thank the Healthcare and Identity Council members for their
contributions including: Gemalto, ID Technology Partners, LifeMed, Inc., Mount Sinai Medical
Center, Oberthur Technologies, PPG Industries, Inc., SCM Microsystems. Special thanks go to the
following individuals who contributed to the development of this document:
• Pamela Campbell, PPG Industries, Inc. • Gilles Lisimaque, ID Technology Partners
• Kathleen Carroll, HID Global • Michael Magrath, Gemalto
• Paul Contino, Mount Sinai Medical Center • Ola Martins, Oberthur Technologies
• Dale Grogan, LifeMed, Inc. • Cathy Medich, Smart Card Alliance
• Patrick Hearn, Oberthur Technologies • Bob Merkert, SCM Microsystems
• Linnaea Knisely, Smart Card Alliance

The Smart Card Alliance would also like to thank Mount Sinai Medical Center, LifeMed, Inc., and
Gemalto for the Figure 1, 2 and 4 graphics.

About the Sm art Card Alliance Healthcare and Identity Councils

The Smart Card Alliance Healthcare Council brings together payers, providers, and technologists to
promote the adoption of smart cards in U.S. healthcare organizations. The Healthcare Council
provides a forum where all stakeholders can collaborate to educate the market on the how smart
cards can be used and to work on issues inhibiting the industry.
The Identity Council is focused on promoting the need for technologies and usage solutions
regarding human identity information to address the challenges of securing identity information and
reducing identity fraud and to help organizations realize the benefits that secure identity information
delivers. The Council engages a broad set of participants and takes an industry perspective,
bringing careful thought, joint planning, and multiple organization resources to bear on addressing
the challenges of securing identity information for proper use.

Smart Card Alliance © 2009

14