Additional forms of identification beyond user name and password include security question answers or the entrance of randomly generated number sets for staff seeking access through a personal mobile device, according to the data brief. Although the use of two-factor authentication has grown, hospital capability varies significantly by type. Critical access and small rural hospitals report the lowest levels of capability, 35 percent and 40 percent respectively.
“HIPAA offers two-factor authentication as a possible method to provide security to ePHI,” the brief reads. “In addition, two-factor authentication is an essential capability for providers who e-prescribe controlled substances. In 2010, the Drug Enforcement Administration added the requirement of two-factor authentication for electronic prescribing to the interim final rule, Electronic Prescription for Controlled Substances. This rule gives practitioners the option to electronically prescribe prescriptions with several options for obtaining authentication credential. Additionally, the increased use of two-factor authentication by practitioners may help support the Secretary’s initiative to decrease opioid related deaths and morbidity.”
More articles on health IT:
MD Anderson pilot tests breast cancer outcomes using Apple Watch
Health IT in 2015: 10 CIOs on the highs and lows
CMS extends deadline to submit electronic clinical quality measures
