Skip to main content

The HIPAA Security rules go into effect April 2005. Best practices will dictate strong authentication for remote users.

HIPAA Compliance and Strong Authentication

As the HIPAA Security Rule goes into effect, healthcare companies are coalescing around strong authentication as a best practice for remote access users. It is increasingly clear that passwords won't cut it for a number of reasons. WiKID provides benefits beyond just two-factor authentication for remote users, however.

Here are the HIPAA rule sections WiKID's Strong Authentication can help address:

164.308(b)(1)Business Associate Contracts and Other Arrangements Required If protected health information is shared with a business associate, assurances must be made that the information will be safe guarded. Only WiKID can provide cost-effective two-factor authentication to non-employees. WiKID's software approach means you don't have to ship a key fob to a contract radiologist, for example. Our token client supports all the major operating systems, wired and wireless. Moreover, we can manage sophisticated cross-enterprise automated credentialling.
164.312(d) - Person or Entity Authentication Required Best practices are strong passwords for internal access and two factor authentication for remote access. WiFi and other types of wireless access should be considered remote access, even if they are inside the facility. Only WiKID includes a LAN password reset tool coupled with strong authentication. Going to strong authentication for internal users will have a big impact on your helpdesk calls. With WiKID's wireless strong authentication tokens, you can reset an Active Directory password.
164.312 (a)(1)(i) - Unique User Identification Required Each user needs a Unique Identifier. Most entities probably already have this covered (though credential sharing can be an issue. WiKID is unique in that we can support multiple token clients for a single username, each with a unique WiKID identifier. Thus a user might have a WiKID token running on a PC and one on their Palm Treo - two separately identifiable tokens, one unique Username.
164.308(a)(3)(B) - Access Management Addressable Policies and procedures for access management must be in place WiKID's domain-based system helps organize access by roles, making sure that users have access only to those network assets that are appropriate

WiKID can take the pain and hassle out of two-factor authentication. Only WiKID can completely automate the initial validation and credentialling process. Further, WiKID can reduce your password-reset costs and is perfectly suited to non-employee strong authentication.

For more information, please contact us!


Copyright © WiKID Systems, Inc. 2022 | Two-factor Authentication