EHR Access Security
What are EHRs? EHRs are real-time, patient-centered records systems that make information available to authorized users that need to access, update and maintain them frequently for patient care - but making sure only authorized users are allowed access is part of the health IT security battle.
Only 16 percent of healthcare organizations are using one-time passwords with two-factor authentication, according to Healthcare Information Security Today’s survey, 2013 Outlook: Survey Offers Update on Safeguarding Patient Information (PDF). The report quoted Mark Combs, CISO survey participant from WVU Healthcare:
Designing for App Security with Two-Factor Authentication
Securing EHR applications with a two-factor authentication method that doesn’t impact provider workflows can strengthen access security. Using a two-factor method tied to a mobile app on your smartphone provides an easy way to authenticate using a device you already have, while push notifications give you fast access with just one tap to gain access.
And under federal regulations permitting the e-prescription of controlled substances, the regulations require the use of two-factor authentication, according to HealthIT.gov. Health app developers should pay attention to security requirements of the industry to provide marketable apps and modules that will actually work for their clients.
Integrating two-factor with existing applications or platforms is easy with Duo’s APIs for Developers. Focusing on building access controls into health IT applications with two-factor authentication can help prevent healthcare data breaches.