Study: 1 in 2 Hospitals Use 2-Factor Authentification for Patient Info Security

The percentage of hospitals with two-factor authorization capability for ePHI security is up from just 32 percent in 2010.

A new report shows that about half of the hospitals in the country used two-factor authentication to protect electronic Protected Health Information in 2014.

The study examined trends from 2010 to 2014 in hospitals’ ability to use two-factor authentication to prevent unauthorized access to such information, also known as ePHI. The research was done by the Office of the National Coordinator for Health Information Technology.

Check out the slideshow of graphs included in the study!

Two-factor authentication is one way to comply with HIPAA’s requirement that hospitals ensure the people accessing ePHI have authorization. Two-factor authentication includes requiring users to answer security questions or enter a randomly generated number sent to their personal mobile device before gaining access to ePHI.

The percentage of hospitals with two-factor authorization capability is up from just 32 percent in 2010.

RELATED: OCR to Begin Audits in 2016

The study also shows that the size and type of hospitals impacts whether or not they have the capability to use two-factor authentication. Sixty three percent of large hospitals had two-factor authentication capability but only 40 percent of small rural hospitals were two-factor capable. Hospitals labeled as “critical access” by CMS were even less likely to use two-factor authentication, with only 35 percent of them saying they had that capability.

It’s important to note that two-factor identification is just one way to maintain ePHI security. Hospitals can uphold PHI security and comply with HIPAA without two-factor authentication and, in fact, most do.

Check out the slideshow of graphs included in the study!

Get Our Newsletters
Campus Safety Conference Ed Spaces Registration Open Promo Campus Safety HQ