Healthcare organisations have long been a target for cyber criminals as a rich source of valuable data and beacuse their defences are weak. Vulnerabilities span dynamic complexity with multiple connected end-points, interconnected systems and the increasing digitisation of patient data in a time-pressurised environment where treating patients is the primary concern.

To overcome the many challenges, PANACEA is developing a multi-faceted toolkit covering dynamic risk assessment, secure information sharing, security by design support and compliance and an identity managament platform (human-to-machine and machine-to-machine), alongside a risk governance model, a cyber training and education package and secure behaviour nudging tool. 

At the EAB RPC 2020 virtual conferenorganised by the European Association for Biometrics and Joint Research Centre (DG JRC), partners from IDEMIA and FORTH presentated Biometrics in the PANACEA Project highlighting the human-to-machine aspects of the Identity Management Platform and best practices for biometrics in healthcare. Insights came from Claude Bauzou,  Aghiles Adjaz (IDEMIA) and Emmanouil Spanakis (FORTH). 

In PANACEA, H2M focuses on access control within a hospital and for hospital staff, computers and medical devices, which will be validated in diverse end-user settings: 

  • Access to work stations used in a very busy Laboratory, at the Gemelli Hospital (Italy).
  • Access to Medical Device used in a clinical ward by many nurses, at the Gemelli Hospital. 
  • Access to an application used to share data between staff located in different Hospitals, such as Local Diagnostic Centers and General Practitioners, in the 7th Heath Region of Crete and between staff located in Gemelli Hospital (Italy) and in South South West Hospital Group (Ireland). 

The IMP-H2M solution is designed to:

  • Resolve credential sharing issues in hospitals.
  • Guarantee two authentication factors (what I have, e.g. smart phone and who I am, biometry).
  • Ensure a frictionless and user-friendly experience through biometry and BLE.
  • Manage authentication through a decentralised biometric database, where users have full control over their biometry (GDPR compliant).
  • Ensure usability  also for facial recognition of people wearing masks.


PANACEA Best Practices: Contributions to standardisation (IDEMIA and FORTH), playing a key role in re-animating standardisation work in ISO SC 37 TR 21419 "Information technology - cross jurisdictional and societal aspects of biometric technologies - use of biometrics for identity management in healthcare". PANACEA contributions span the following prioritised actions:

  • “Universal” Identity management of healthcare related personnel
  • Access to medical records must be shared AND protected
  • Safe home care / telecare emergency care
  • Easy checking of patient identity
  • Identity theft to access medical treatment
  • Ensure medical staff’s identity and qualification at the point of care
  • Correlation of medical files for research purpose


The downloadable presentation also includes a short video on the IDEMIA IMP-H2M solution.