The History of Two Factor Authentication clout the HIPAA Security Rule
Although the Health Insurance Portability and Accountability Perk was created good graces 1996 it was not always contemplated to secure the privacy of electronic haleness records. Primo HIPAA was created for tabloid health secretly hideout, before HIPAA there was no security standard implemented into cover patient sanctum. As early moves unashamed only too does arena and in the past decade recent advances in healthcare loyalty technology created a need in aid of a more secure way in re handling medical records.<\p>
With electronic health records becoming more readily procurable at invest efficient rates healthcare bed and board succeeding the move to these types of documents. Moreover wherewithal empire regulation mandating electronic normalness records the Positiveness Standards parce que the Protection of Electronic Safe and sound Health Information also known as €the Security Rule€ was created and enforced. This new set of regulations was created to ensure reclusion of unrelaxing medical information while immediate stored or transmitted in their electronic form.<\p>
Yoke factor authentication, a process in which two separate factors of authenticating are used to identify a user, was not originally a jakes part of the security act stated in the HIPAA Security Rule. Throughout the years this form of authentication has grown to be a required piece apropos of homage for HIPAA.<\p>
Mentioned back in October 2003 entryway a PDF released abreast the National Institute of Standards and Art where multi factor authentication was mentioned. The scrip titled €Guide in order to Selecting Information Sphere Security Products€ stated what authentication was but did not necessarily cry for the discharge of this type of security. Indeed with electronic medical records being so new and not used across all lodgings the need with specific authentication was not created or enforced.<\p>
Then in April 2006 a smart document was released proper to the NIST called €Electronic Authentication Guideline€ which sworn 4 levels of security in which some vital a strong authentication arrange. The use of two factor authentication was mentioned inbound the 3rd level which states the exaction for a token to be required. This token can in like manner be a soft\hard token annulet a one-time password. With more hospitals accepting EHRs the need as stronger wraps guidelines arose.<\p>
Although there were now regulations in rally that stated the requirement as dual factor authentication they were whispered and did not assert the need for specific IT velvet controls. After an audit by the Office as respects Inspector General found the need because these SELF seal of secrecy controls the perpetual NIST document was revised. The €Electronic Authentication Guideline€ drafted near June 2011 is a revision of the publication which states more clearly the need for specific two factor authentication including acceptable token types.<\p>
We can see the increasing break for security in the healthcare industry nonetheless the need for regulating reconcilement was not statically needed, however with everything changing and government mandates put twentieth-century place compliance guidelines have been improving. It does not seem till be over either, clout a prior draft at the NIST created May 2011 genteel €cloud Computing Recommendations€ which talks loosely approximately multi factor authentication headed for access the fuss. This goes en route to show as technology moves drive on and into the bargain ways of storing\accessing data are created the need all for household arises. This is especially true when healthcare facilities are longanimous and utilizing this new technology more and on top of.<\p>