Free Download     |     Customer Login
1.877.No.Token (1.877.668.6536)
Live Chat

Health Insurance Portability and Accountability Act (HIPAA)

Administrative Simplification (AS) provisions of Title II of HIPAA require that national standards for electronic health care transactions be established. The Administration Simplification provisions also address the security and privacy of health data.

The Role of User Authentication in HIPAA Compliance

The Technical Safeguards section requires covered entities to control access to computer systems and to protect communications containing Electronic Protected Health Information (EPHI) transmitted electronically over open networks (i.e. remote access) from being intercepted by anyone other than the intended recipient.

Accessing Electronic Protected Health Information (EPHI)
Covered entities must develop and implement policies and procedures for authorizing EPHI access in accordance with the HIPAA Security Rule at §164.308(a)(4) and the HIPAA Privacy Rule at §164.508. It is important that only those workforce members who have been trained and have proper authorization are granted access to EPHI.

Risks Possible Risk Management Strategies
Log-on/password information is lost or stolen resulting in potential unauthorized or improper access to or inappropriate viewing or modification of EPHI. Implement two-factor authentication for granting remote access to systems that contain EPHI. This process requires factors beyond general usernames and passwords to gain access to systems (e.g., requiring users to answer a security question such as “Favorite Pet’s Name”);

It is generally recognized that strong authentication is required for remote access to systems and networks containing health data. PhoneFactor is easy to for IT departments to deploy, and easy for health care professionals to use. So, it can be quick and cost effective to setup and maintain.

PhoneFactor is trusted by leading healthcare organizations like OhioHealth, MetroHealth, Nationwide Children’s Hospital Research Institute, SUNY Upstate Medical University, and Firelands Regional Medical Center to meet HIPAA and other industry regulatory requirement for two-factor authentication.

 

 

Solutions

   Legal  |  Sitemap  |  Support  |  Contact               

PhoneFactor, Inc provides secure two-factor authentication services to leading companies worldwide. PhoneFactor's multifactor out-of-band authentication software is a cost effective, user friendly alternative to tokens, security fobs, certificates, and other 2 factor authentication methods.
Secure User Authentication including: SSL VPN Authentication | Citrix Authentication | Web Authentication | Terminal Services Authentication | OWA Authentication
Two-Factor Authentication for Regulatory Compliance: Payment Card Industry Data Security Standards(PCI DSS) Compliance | FFIEC Compliance | HIPAA Compliance | NIST 800-63
Compare Phone Authentication to: Security Tokens | SMS Authentication | Biometric Authentication | Soft Tokens | Smart Cards | Certificates