Multi-Factor Authentication

Multi-Factor Authentication

Multi-factor Authentication (MFA), is the process of using multiple forms of authentication to verify an individual’s identity during the logon sequence. MFA ensures only authorized users can access confidential information.

Multi-Factor Authentication is a means of protecting the systems and Electronic Personal Health Information (ePHI) from unauthorized access. Requiring users to verify their identity through multiple forms of authentication adds an additional layer of protection.  HIPAA Technical Safeguard section §164.312 requires an assigned, unique name and/or number for identifying and tracking a user’s identity.

IntelliData uses unique usernames and complex passwords, along with MFA to allow only authorized access to secure data stored within the system.

What makes the MFA system effective is that the MFA random code is not known or stored anywhere. The random code is generated on the fly and only exists long enough to type into the password field. The MFA random code becomes “useless”.

The best way to protect the data is to ensure that the minimum access is granted over an encrypted connection. Protecting sensitive data such as PHI or PCI data, requires careful planning to ensure the data is protected from any data breaches.

To ensure maximum security, the network is designed to minimize public access. Only absolutely necessary ports are opened to the public. Public ports such as HTTP are then protected by firewall and network traffic monitoring on the HTTP traffic and blocks any suspicious activity.