The existing security paradigm just doesn't work in a multi-user world.
Hospitals are the perfect example of an area where computer systems as they are now completely fail. The problem isn't one that will be solved by having biometrics or key fobs (tokens) available because those ignore the issue.
The issue is that there is a large number of mobile workers (nurses, doctors, etc) that are moving around from room to room who need access to information immediately. Logging in and out of that rooms computer systems simple isn't feasible.
So, how do you fix it? You start by getting rid of logins. Having someone log out and log back into Windows or even the application that's running on the computer is dumb. A much better approach is to just RFID tag all the people in the hospital (doctors, nurses, patients, visitors) and have detectors in each of the rooms.
Change the applications so they don't require logins. Instead just record who was present in the room at the time anything happened. A medical record needs pulled up? System verifies that a medical professional is in a room and records who is there (including visitors) quietly, in the background. Someone needs that monitoring machine turned on? Is a medical pro in the room? yes, then do it and log who was present.
How do you give everyone an RFID tag? well, they already have badges. Even visitors should have a visitors badge.... If a doctor doesn't have their badge then they aren't on duty. Multiple RFID sensors in a given room would easily tell you exactly which room they are in.
That is quiet, unobtrusive and would absolutely go along with their workflow. They also wouldn't try to game the system.