§170.315(d)(13) Multi-Factor Authentication – Supported Use Cases in Axiom
Multi-Factor Authentication (MFA) in Axiom
The Axiom electronic health record supports multi-factor authentication (MFA) for user login in accordance with 45 CFR §170.315(d)(13).
MFA requires a user to authenticate using two factors:
- A username and password
- A secondary verification factor
Supported MFA Methods
Authenticator Application (TOTP)
Users may configure an authenticator application that generates time-based one-time passcodes (TOTP). The system supports standard authenticator applications that implement the TOTP protocol, including Google Authenticator and Microsoft Authenticator.
SMS One-Time Passcode
If a mobile phone number is associated with the user account, the system can send a one-time passcode via SMS text message to complete authentication.
Email One-Time Passcode
If a mobile phone number is not available, the system can send a one-time passcode to the user’s registered email address.
Authentication Process
Multi-factor authentication is required each time a user logs in to the system. After entering a valid username and password, the user must complete the configured secondary verification step before access is granted.