Touch/Face ID and healthcare/HIPAA


This is more of a "putting out feelers" sort of question, but does anyone in healthcare with HIPAA restrictions have any insights on use cases for or against Face ID and Touch ID?

We disable biometrics on iPads and Macs as a blanket measure because it hasn't been vetted by our compliance officers. I'm investigating if other organizations have any similar prohibitions and if not, is there a case to be made for allowing end users to enable it?


Contributor II

I've tapped our Security Manager to see what our stance is, and I'll let you know the response. But I would also be interested to see what other responses there are.

I've disabled it by default, but only because we have haven't given it the time or the resources to find out how it would work in our environment.