Badge Authentication Can Reduce your Need for Passwords
Under HIPAA, auditable and reportable authentication for each portal of access to your network is a rigid requirement. This means not only do you need passwords for your Practice Management and Imaging software, but you also need authentication just to log in to your PC. Not only do you need to be authenticated when you are actively using the PC, but you must also take steps to ensure the PC will lock when there is no one present for some amount of time.
Under a Domain environment, you can set your employees up with unique usernames and passwords for the PCs on your network – having a Domain in place is a great way to stay compliant. But, for large practices with multiple operatories, it can cause a small headache when staff is moving around from one operatory to another. If your staff is the move constantly and your practice is medium-to-large, the time needed to log out and in to each of your PCs can grow considerably, especially within the security of a domain environment. Unfortunately, the larger the practice, the more of a headache this procedure can cause.
Badge Authentication is a system where your employees carry a security token which communicates with a USB device attached to the individual computers. This system provides a proximity-based authentication for your PCs which comply with HIPAA – each user and device has audit trails of their activity on the computer, and in-depth reportability of activity over time. Many hospitals have already adopted badge authentication as a best practice, and the price-point is currently being reduced making it a more affordable solution for medium-to-large dental practices as well. The largest benefit to badge authentication is that your employees will no longer need to type in a complex password each time they access a different PC on the network.
At dmi Networking, we have partnered with AuthAir. Their system can be customized as to how far away a user has to be from the PC to authenticate, and how long they need to be away until the system logs off. AuthAir can either communicate with your domain server to populate its list of users, or your users can be entered manually. Once the users are logged and have their own badge, their system provides monitoring and reporting of where each user has been, how long they have been there, and provides HIPAA complaint audit trail reporting to meet regulatory requirement needs.
Perhaps the most efficient feature of AuthAir, is that a single shared desktop can be used by all of the individual users. For example, when your hygienist leaves the operatories, the next authorized user that walks into the room can begin right where he or she left off – instead of logging in to a new desktop, and reloading all of the software that is needed for the patient in the room, you have a more seamless solution that doesn’t lengthen the patient’s appointment.
For more information about how AuthAir’s badge authentication system works, and how it can make your HIPAA compliant logins easier and more efficient, then contact us at dmi Networking.