Physician Practice

ONC releases brief on two-factor authentication

Physician Practice Insider, December 15, 2015

The adoption of two-factor authentication to access health records receives a boost from ONC. The agency’s recent brief, “State and National Trends for Two-Factor Authentication for Non-Federal Acute Care Hospitals,” says that two-factor authentication offers a strong method to protect PHI. The brief breaks the use of two-factor authentication down by size and type of facility and region. In 2014, 49% of non-federal acute care hospitals had the capability for two-factor authentication, according to the brief. This has increased by 11% per year since 2010, when 32% of surveyed acute care hospitals said their IT department had the infrastructure for two-factor authentication in place.

However, these numbers are lower for small and rural hospitals. Only 35% of critical access hospitals reported that they could support these systems, and 40% of small rural hospitals. This is in contrast to the 63% of large urban hospitals with the capability for two-factor authentication. These numbers also showed significant variance based on region, from a low of 19% in Montana to a high of 93% in Ohio. Twenty states reported that roughly half their hospitals could support two-factor authentication.

The Drug Enforcement Administration added two-factor authentication to the Electronic Prescription for Controlled Substances interim final rule in 2010. ONC’s brief references HHS’ report on the use of two-factor authentication to reduce the abuse of opiods.

This article was originally published in HIM-HIPAA Insider.

Most Popular