Skip to main content
Send Us Your Form, and  We’ll Convert It Into an Online Form  For Free.
phone icon(210) 809-6809
phone iconLog In

Security

Overview

The Security section in your profile settings lets you control authentication and session behavior for your HIPAAtizer account.

We strongly recommend enabling the options below to reduce the risk of unauthorized access.

Multi-Factor Authentication (MFA)

Multi-Factor Authentication adds an extra layer of security by requiring a one-time code from an authenticator app each time you sign in.

Supported authenticator apps

You can use any standard TOTP-compatible authenticator, including:

  • Google Authenticator
  • Duo Mobile
  • Authy

These apps can be installed on a mobile device or desktop.

How MFA works

When MFA is enabled:

  • You enter your email and password as usual
  • You are then prompted to enter a time-based code generated by your authenticator app
  • Login is completed only after the code is verified

Enable MFA

  1. Open your HIPAAtizer dashboard.
  2. Navigate to: My Profile → Profile Settings → Security
  3. Enable Assign MFA device.
  4. For MFA Device, select Authenticator App.
  5. A QR code will be displayed.
  6. Scan the QR code using your authenticator app.
  7. Enter the verification code generated by the app.
  8. Click Confirm Code.

Once confirmed, MFA will be required for all future logins.

Auto-logout after inactivity

Auto-logout protects your account by ending your session after a period of inactivity.

Administrator setting

The Auto-logout after inactivity setting is available only to account administrators and applies to all users in the account.

This is especially useful when:

  • Accessing HIPAAtizer from shared or clinical workstations
  • Working in environments where sessions may be left unattended

Enable auto-logout

  1. Go to: My Profile → Profile Settings → Security
  2. Enable Auto-logout after inactivity.
  3. Select an inactivity timeout from the list:
    • Minimum: 15 minutes
    • Maximum: 8 hours

If no activity is detected during the selected interval, you will be automatically logged out and required to sign in again.

Recommendations

For improved account security, we recommend:

  • Enabling MFA for all users
  • Using a shorter inactivity timeout on shared or clinical devices
  • Logging out manually when finished, even if auto-logout is enabled
ON THIS PAGE