Here's a very good article concerning the various types of strong identity management, multifactor and two-factor authentication solutions that are necessary for healthcare system and process identity enforcement - recently written by John D. Halamka MD, a self-described Healthcare CIO. Strong Identity Management In this article, Dr. Halamka states that he's had a wide range of experience with many of these token-based and tokenless two-factor authentication methods, including security tokens, smart cards, biometrics, certificates, soft tokens, and cell phone-based approaches. His summarized findings include: Security Tokens - many challenges and prohibitive expenses. Smart cards - a good consideration, though requires installation of many readers. Biometrics - great results, but still requires major technology upgrade for existing PC/LAN infrastructure (this is especially challenging in government and healthcare institutions with extremely diverse and aged personal computer...