Add Another Layer of Security to Thwart the Bad Guys Two-Factor Authentication

| June 18, 2020

client directed, outcome informed, international centre for clinical excellence, measuring outcomesAs if we didn’t have enough to contend with these days, cyber experts are reporting that the bad players…hackers, purveyors of viruses, e.g. as ransomware, and so forth…have upped their game. Whether it is state-sponsored theft of personal information or individual attempts to wreak havoc, the core motivation is the same…to cause harm. Regardless of the reasons behind this increased activity, it is necessary to do what we have always had to do to increase security where we can.

Just as it is impossible to completely protect your home from thieves and scoundrels, it is an equal challenge to keep electronic thieves out of your computer. The best that you can do is to decrease the cost of any break-in attempts, as well as increase the chance of detection.

As MyOutcomes customers already know, we engage in security strategies at levels much higher than most companies of comparable or even larger size. We expend the money and energy because we believe that protecting your clients’ data is one of our core responsibilities.

That is why we have recently added an additional security feature: Two-Factor Authentication. 


Two-Factor Authentication adds an extra layer of security

It requires you to register the device and browser that you are using. This registration uses a system-generated security code that is sent via a text message to the phone number associated with your account. Once you enter the code, your device will be registered. You shouldn’t need to re-register unless some major upgrade of your operating system or browser occurs.

For MyOutcomes Standalone Mobile, this feature will be turned on for all such accounts. Registration will be required during your first login attempt after Two-Factor has been turned on.

For MyOutcomes Pro accounts, this security function is optional. Turning it on requires logging in at the owner level and clicking the Options link. On the page that opens, check the box next to Enable Two Factor Authentication.

To require your staff to use the Two-Factor Authentication when logging in, you will need to enter a phone number for their account. For existing staff accounts, you can use the update function for administrators, supervisors and providers. If you are creating a new user account, you can enter a phone number at that time.

When the staff member logs into their account on a device that has been registered, they should be able to log in as usual. If the staff member has yet to register their device or browser, they will be requested to do so at the time of login. As already mentioned, they will receive a text message containing a security code that they will need to enter in order to register their device.

Both the web app and the mobile app will each need to be registered separately.

If you are using a telehealth model with your MyOutcomes Pro account, you have the option of providing your clients with Two-Factor Authentication as well. To do so, log in as the owner and click the Options link at the top of the console. On the page that opens, check the box next to Demographics. If you have existing clients that you wish to provide Two-Factor to, navigate to their Update Client page. Enter their phone number on the page that opens. Likewise, when creating a new client account, you will be able to enter their phone number at that time.

When they log in with the system-generated user ID and password that you have supplied them, they will need to enter a security code sent them via text message in order to register. As with your staff, your clients’ registrations will be device and software specific.

As I mentioned, we at MyOutcomes take security and privacy seriously. We work diligently to comply with HIPAA, PIPEDA and GDPR regulations. We invest heavily in security protocols because security is the first line of defence in protecting yours and your clients’ privacy.

If you have any questions or comments on any of this functionality, please don’t hesitate to contact us.


Category: HIPAA compliant, New Features, Outcomes Software, Privacy & Security, Uncategorized, Web based outcome management system

Comments are closed.