Password security for electronic protected health information is a fundamental part of any HIPAA compliance program, but there is no one right way. HIPAA allows a great deal of choice in how to secure data with passwords, but one must choose carefully to ensure the information is protected from both casual snooping and sophisticated hacking.
HIPAA REGULATORY ALERT
HIPAA Allows Choice in Password Security, But Use Caution
March 1, 2018