As the need to grant access to Electronic Health Records (EHRs) to both providers and patients continues to grow, the need to have safeguards in place protecting that data from unauthorized access becomes equally important. Two-factor authentication (2FA) provides a higher level of security and is HIPAA compliant. With 2FA implemented, you are requiring double verification of the user's identity to protect network access to a patient's EHRs. PortalGuard's all-in-one solution set for Healthcare focuses on fulfilling your need to meet two-factor HIPAA compliance requirements.
Our PortalGuard software provides easy integration by leveraging your existing LDAP and SQL user store and creating a seamless authentication experience.
PortalGuard works as a shield for a networked environment. A network admin still has the role of setting user access controls within that networked environment (i.e doctor, nurse, receptionist, patient, etc.). PortalGuard can be configured to require Two-factor authentication from the user based on those settings to get through the shield. This 2 Step Authentication works by requesting something you know (their user name and password) with something they have (token, cell phone, etc.) which is leveraged by PortalGuard to generate a One Time Password (OTP) as the second factor.
PortalGuard's all-in-one solution set for Healthcare focuses on fulfilling your need to meet two-factor compliance requirements (i.e HIPAA). With a two-factor authentication in place PortalGuard SAML IdP can also provide a seamless single sign-on experience for your Doctors, Nurses and Administrators.
PortalGuard offers not only the traditional 2FA methods (e.g. SMS, Google Authenticator and token-based) but also a unique PortalGuard approach to 2-step verification with a focus on a high degree of usability. This approach is called PassiveKey. After the user's password is entered a transparent time-based one-time passcode is also transmitted on the user's behalf to verify their identity.
While PortalGuard offers the traditional 2FA methods to generate an OTP (e.g. SMS, Google Authenticator and token-based), we also developed and offer as an option a unique solution to 2-step verification that improves the end user’s experience. PortalGuard’s PassiveKey technology generates a transparent, time-based OTP and transmits it on the user's behalf to verify their identity once they have entered their login credentials. PassiveKey is a web plugin that must be installed on the local device where the user is attempting to login from. Trying to access the protected resource from a device without PassiveKey installed will be denied since it won’t be able to provide the necessary OTP to the PortalGuard server. User login can be deactivated remotely should any threats to the security of that actual device arise.
Under the HIPAA Privacy Rule, only Health Providers and the patients may create, save, access, or share ePHI. Providers are also tasked with the responsibility of ensuring that no unauthorized access takes place. PortalGuard helps protect against threats and prepares for audits by maintaining a continuous log of all authentication activities – both successful and unsuccessful attempts. The logging produces SQL-formatted data, which can then be easily exported and transferred to an auditing and reporting tool such as Crystal Reports.
PortalGuard's all-in-one solution set for Healthcare focuses on fulfilling your need for an easy to navigate network. The security requirements of HIPAA can create workflow issues that affect productivity by requiring a new login with two-factor authentication with each of your linked health applications on a network. With Single Sign-On (SSO), PortalGuard can streamline the entire process with a SAML IdP solution by securely providing seamless transitions between apps within your healthcare network.
Support for manual 2FA with 8 different OTP delivery methods via browser and can be paired with web-based SSO PassiveKey for a simplified transparent browser-based 2FA Support for Windows Desktop 2FA Self-service Password Reset secured by 2FA (challenge answers plus an OTP before allowing a password reset to occur) Enable 2FA for Citrix and VPN access Self-Service Password Reset.
PortalGuard offers Self-Service Password Reset (SSPR) for your healthcare or patient portal. This will reduce help desk calls for non-technical support issues and is accomplished by following one of the sets of steps as outlined below.
It is easy to integrate into your current EHR System Eases EHR adoption for your staff Provides a Turn-key solution with it’s out-of-the-box deployment Simplifies identity management PortalGuard is HIPAA-compliant and allows Health Providers to ease the transition on their staff, promoting EHR adoption. The Health Provider can then set their sights on Meaningful Use Attestation and utilize The Center for Medicare and Medicaid Services’ (CMS’) EHR incentive program.