HIPAA Compliance and Strong Authentication
As the HIPAA Security Rule goes into effect, healthcare companies are coalescing around strong authentication as a best practice for remote access users. It is increasingly clear that passwords won't cut it for a number of reasons. WiKID provides benefits beyond just two-factor authentication for remote users, however.
Here are the HIPAA rule sections WiKID's Strong Authentication can help address:
|164.308(b)(1)Business Associate Contracts and Other Arrangements||Required||If protected health information is shared with a business associate, assurances must be made that the information will be safe guarded.||Only WiKID can provide cost-effective two-factor authentication to non-employees. WiKID's software approach means you don't have to ship a key fob to a contract radiologist, for example. Our token client supports all the major operating systems, wired and wireless. Moreover, we can manage sophisticated cross-enterprise automated credentialling.|
|164.312(d) - Person or Entity Authentication||Required||Best practices are strong passwords for internal access and two factor authentication for remote access. WiFi and other types of wireless access should be considered remote access, even if they are inside the facility.||Only WiKID includes a LAN password reset tool coupled with strong authentication. Going to strong authentication for internal users will have a big impact on your helpdesk calls. With WiKID's wireless strong authentication tokens, you can reset an Active Directory password.|
|164.312 (a)(1)(i) - Unique User Identification||Required||Each user needs a Unique Identifier.||Most entities probably already have this covered (though credential sharing can be an issue. WiKID is unique in that we can support multiple token clients for a single username, each with a unique WiKID identifier. Thus a user might have a WiKID token running on a PC and one on their Palm Treo - two separately identifiable tokens, one unique Username.|
|164.308(a)(3)(B) - Access Management||Addressable||Policies and procedures for access management must be in place||WiKID's domain-based system helps organize access by roles, making sure that users have access only to those network assets that are appropriate|
WiKID can take the pain and hassle out of two-factor authentication. Only WiKID can completely automate the initial validation and credentialling process. Further, WiKID can reduce your password-reset costs and is perfectly suited to non-employee strong authentication.
For more information, please contact us!