Privacy & Security

Two-factor authentication on the rise, small hospitals fall short, ONC says

Only half of small urban hospitals have two-factor authentication capability
By Jessica Davis
December 03, 2015
10:29 AM

Fewer than half of U.S. hospitals support an infrastructure capable of two-factor authentication, The Office of the National Coordinator for Health IT reported in November, while 35 percent of critical access hospitals and 40 percent of small rural hospitals report the lowest levels of capability.

Two-factor authentication requires users to give at least one other form of identification beyond username and password to get access to electronically protected information, such as a PIN and fingerprint or voice recognition.

The process is a low-cost, effective way to meet HIPAA standards, but not enough hospitals have implemented it into their cybersecurity plans, the ONC said.

[Also: Reinforcing security shields]

"As electronic health information becomes more widely available, proper security measures must be implemented to ensure the information is only accessible to those with the rights to access it," the report said.

The report stresses that hospital support for two-factor authentication has increased by 53 percent since 2010. Meanwhile, cybersecurity experts assert reported levels of adoption are still drastically low, given the steady rise in healthcare data breaches and the increase in hackers targeting the healthcare industry.

Only half of small urban hospitals have two-factor authentication capability, while 59 percent of medium and 63 percent of large institutions were capable. And reporting of two-factor authentication is much higher in these larger provider systems.

[Also: Message to vendors: think security]

"HIPAA offers two-factor authentication as a possible method to provide security to electronically protected health information," the report states. It "requires covered entities to verify that a person seeking access to electronic protected health information has authorization."

Some states are above the bar on establishing two-factor authentication. Ohio raked at the top with 93 percent adoption, while Vermont, with 83 percent, and Delaware, with 81 percent, followed closely behind.

On the other hand, Montana, with 19 percent, North Dakota, with 23 percent, and Maine, with 26 percent, saw the lowest percentages in terms of implementing a two-factor authentication system.

Topics: 
Electronic Health Records (EHR, EMR), Network Infrastructure, Privacy & Security, Workforce, Workflow

More regional news

Ravi Teja Karri of Froedtert ThedaCare Health on AI

Using AI and ML in predictive analytics for bed demand forecasting

By
Bill Siwicki
December 17, 2024
Abstract image of AI brain and technology

ASTP updates HHS AI Use Case Inventory for 2024

By
Mike Miliard
December 17, 2024
Female doctor on laptop smiles at patient in foreground who is taking notes

Report shows overwhelming doctor support for virtual care

By
Andrea Fox
December 17, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

Ravi Teja Karri of Froedtert ThedaCare Health on AI
Using AI and ML in predictive analytics for bed demand forecasting

Most Read

Sunway Medical to test surgical robots and more robotics briefs
Encryption experts say providers should look to PETs for safer analytics
My Health Record sharing law eyed and more briefs
Epic asks court to throw out 'baseless' Particle Health lawsuit
CHAI: Look for healthcare AI model 'nutrition labels' soon
New DiMe platform validates digital health software

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

Video

Cindy Henry at ZeOmega_Five star review slider Photo by Lemon_tm/iStock/Getty Images Plus
Medicare Advantage star ratings' 'new normal'
Rami Karjian at LeanTaaS_Team of surgeons Photo by Hispanolistic/E+/Getty Images
Addressing OR disruption with predictive analytics
Lee Kim at HIMSS_Healthcare Cybersecurity Forum 2024
Governance remains a significant cybersecurity weak point
Cliff Steinhauer at the National Cybersecurity Alliance_Laptop with American flag and binary code Photo by Smederevac/iStock/Getty Images Plus
Cybersecurity fortitude expected to persist in 2025

More Stories

Lee Kim at HIMSS_Healthcare Cybersecurity Forum 2024
Governance remains a significant cybersecurity weak point
Michael Meucci of Arcadia on AI
AI is shifting from novelty to a critical resource, embedded in healthcare
Nursing executives huddle with staff and discuss data on a tablet.
Roundup: New tools aim to give clinicians what they need with AI
Healthcare worker with tablet looking at data displays
Create a center of excellence to maximize the ROI of AI investments
Cliff Steinhauer at the National Cybersecurity Alliance_Laptop with American flag and binary code Photo by Smederevac/iStock/Getty Images Plus
Cybersecurity fortitude expected to persist in 2025
Adam Greene at Davis Wright Tremaine_Healthcare Cybersecurity Forum 2024
When it comes to M&A cybersecurity risks, caveat emptor
Map of U.S. shows health information data exchange points in blue fiber optic light
Sequoia Project identifies priority interoperability use cases
Robert Crowe at Matchwell_Medical staff in OR photo by Aja Koska/iStock/Getty Images Plus
Flexibility a key goal for and more clinicians