Require password change every certain number of days
Prompt users and clients to change their passwords after a certain number of days to minimize security risks.
-
Amanda Boniello commented
Require staff to change passwords every 90-days to ensure a higher level of confidentiality and security - especially with the rising popularity of Telehealth services.
-
Ann Marie McHenry commented
To keep up with HIPAA standards of privacy and security, it's recommended that we use "strong" passwords for any systems that touch PHI. Can we please make this a requirement for our users to create "strong" passwords? Thank you.
-
Brandon Cole commented
Theranest should support require users to change their passwords every 180 days and prevent the "re-use" of old passwords up to the last 10 passwords used.
-
Tiffany Derrick commented
I agree. Isn't it a HIPAA requirement that the password is changed?
-
Brandon Cole commented
I agree. Also password complexity rules and password age need to be taken into account. There is way too much data here available for exfil with simple login and password.
Two-Factor should also be a recommended option.
-
Jeffrey Goodman commented
It would be good to require password changes every 30-45 days, due to all the information (client data, e.g. SSN, DOB, credit card info, etc.) held within TheraNest