
HIPAA TIP: The Importance of Multi-Factor Authentication
Multi-Factor Authentication (MFA) is an account login process that requires multiple methods of authentication to verify a user’s identity. MFA combines two or more independent credentials: what the user knows, such as a password; what the user has, such as a security token sent to a cell phone or email account; and what the user is, such as a biometric verification (fingerprint, retinal scan).
The goal of MFA is to create a layered defense that makes it more difficult for a threat actor or unauthorized person to access computers, networks or databases.
Implementing MFA creates challenges for cyber criminals attempting to gain access to information systems such as remote access technology, email, and billing systems, even if passwords are compromised through phishing attacks or other means. The more protected your data is, the more likely thieves will choose someone else as their target.
Healthcare organizations’ data is more desirable to perpetrators than that of any other industry; take the extra security measure and enable MFA whenever possible.
Do not use the excuse “it’s too much effort to sign into my device/system.” Just imagine if you had to go through a breach, along with a Corrective Action Plan (CAP) with HHS/OCR.
HIPAA compliance isn’t a one-time checklist. It’s ongoing, programmatic in nature, and requires demonstrated reasonable diligence to stay in good standing with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR). Anatomy IT can provide you peace of mind with our expert HIPAA compliance services. To learn more, contact us here.