Why hospitals need a dose of online identity verification