Protect patient privacy with two-factor authentication

One of the simplest things you can do to protect patient privacy is to add two-factor authentication (2FA) to your account logins. Our friends at CERT NZ explain that 2FA “verifies you are who you say you are, by asking for a second piece of information (often a code) as well as a password.”

Patients all around New Zealand put their trust in health professionals and the health system every day. That trust is an important reminder that the Health Information Privacy Code includes a rule for health agencies to “ensure that there are reasonable safeguards in place to prevent loss, misuse or disclosure of health information.”

The harsh reality is that cyber-attacks are becoming more frequent and anyone can be a target. Imagine the damage that could be done if a hacker accessed your system and read confidential patient information. Not only could the hacker have access to the patient’s home address, phone number or email address, they could also read deeply personal and private details about the patient’s health situation. 

CERT NZ makes a strong case for enabling two-factor authentication because it:  

  • Strengthens login security  
  • Meets customer security expectations  
  • Reduces the risk of identity theft  
  • Can protect risky access methods, like remote access. 

So even if someone figured out your password, they still couldn’t get into your account, or reach confidential patient information, unless they also had your authenticator code (which you usually get from your mobile device).

It’s worth taking a few minutes to enable 2FA on your apps and accounts. You’ll usually find the option to turn it on in the privacy settings of the app or account, but your IT support team can also help if you’re not sure. 
