Multi-Factor Authentication Use Cases
170.315(d)(13) MULTI-FACTOR AUTHENTICATION
Supported Use Cases for Multi-Factor Authentication (MFA)
EHRYourWay supports multi-factor authentication (MFA) in alignment with the certification criterion of the Office of the National Coordinator for Health IT (ONC) at 45 CFR 170.315(d)(13) for the following workflows:
User Login
- Login to the EHRYourWay platform
- Login from new or unrecognized devices
Users can enable MFA for every login, or configure device-based MFA, which triggers authentication when the system is accessed from a new device.
System Administration
- Changes to system-level settings and configurations
Administrative actions that affect system-wide settings require MFA to prevent unauthorized modifications.
Electronic Prescribing of Controlled Substances (EPCS)
- Prescribing of Schedule II–V controlled substances
Independent of login MFA settings, providers must complete MFA verification when electronically prescribing controlled substances, in compliance with DEA requirements under 21 CFR Part 1311.
Implementation Options
EHRYourWay supports MFA through built-in functionality using mobile app-based and SMS-based verification methods. Organizations can also enforce MFA through their own identity provider using SAML-based single sign-on (SSO), allowing integration with existing enterprise authentication systems.