Two factor vs Two Step Authentications


By Aris Medical Solutions

HIPAA Username and Password

Sometimes these terms are interchanged which is is not exactly correct. Let us explain the difference!

Two factor authentication is typically a username AND a password. This can also be explained as who you are and something you know.

Two step is using two different types of authentication like a username and password PLUS a one time code that is text to your phone. Some providers permit the use of a fingerprint to authorize the second step.

The use of a security word is also used as a second step type of authentication so you need to be very careful about posting any type of personal information on social media. Aris suggests when the security question asks for your mother’s maiden name, make up a name! Just don’t forget what name you used!

No matter what type of the second step authentication that is offered, it is best to select whatever is offered because although a username and password is the most common type of authentication, it is also easily compromised.

People who work within the Health Care sector are heavily targeted since the type of data they access is very valuable on the dark web. Anyone who works with patient information or for a company that provides services to a medical facility can be targeted. Again, special care must be taken to ensure that patient information is not compromised.

First step in protecting patient data is conducting a HIPAA Security Risk Analysis. Know where your data is and understand how to protect it. Secondly, make sure you have a full set of Privacy and Security Policies and Procedures. Members of your staff need to know how important protecting patient data is and understand what they need to do to accomplish this.

For more information on how Aris Medical Solutions can help your organization with HIPAA Compliance and Protecting your Data call 877.659.2467 or click here to contact us.

“Protecting Organizations through Partnership, Education, and Support”

About Suze Shaffer

Suze Shaffer is the owner and president of Aris Medical Solutions. She specializes in HIPAA compliance, risk management, and cyber security. She believes that by educating her clients in understanding why and what needs to be done to protect their practice they have a better outcome.

Suze has been instrumental in helping clients nationwide with risk management, implementing privacy and security rule policies and procedures, and ultimately protecting patient data. She includes state and federal regulatory requirements to ensure clients are protected in all areas.

She has spoken at numerous conferences and functions. She continues to educate organizations how to minimize the risks of data breaches. HIPAA compliance is not an option, it is mandatory for every organization that comes in contact with protected health information to have reasonable and appropriate security measures in place. Unfortunately, most organizations don’t realize they are not compliant until they suffer a data breach or they are faced with an audit or investigation.

Did you know that the Office for Civil Rights (OCR) is the agency that investigates data breaches? Have you seen the heavy fines that have been imposed for non-compliance?

All 50 states now have their own set of privacy laws and the State's Attorney General may also investigate privacy violations!

Share This HIPAA Blog

MIPS, MACRA, and Risk Assessments

December 16, 2017

Healthcare Cyber Attacks went up almost 90% in 2017

February 15, 2018
©2022 Aris Medical Solutions – HIPAA Risk Management | HIPAA Compliance Consultants | All Rights Reserved | Terms and Conditions | Privacy Policy
The content and images on this website is owned by Aris Medical Solutions and their owners. Do not copy any content or images without our consent.
Powered by Bandwise LLC