To enhance account security, users will now be automatically logged out after a prolonged period of inactivity. This update empowers agencies to enforce security on their users while customising session management based on their compliance requirements or security policies.
What’s new?
Default Timeout for HIPAA-Compliant Agencies: Agencies adhering to HIPAA standards will have the session timeout value automatically set to 1 day to align with strict security requirements.
Flexible Options for Non-HIPAA-Compliant Agencies: Agencies not bound by HIPAA regulations can now select “Never” as a session timeout value, offering greater flexibility based on their operational needs. Default is set to “Never”.
This configuration is available under Agency Settings > Company page.
Why It Matters
Ensures Compliance: Ensures HIPAA-compliant agencies adhere to mandatory security practices.
Flexibile security options: Gives flexibility to Non-HIPAA-compliant agencies to customize session timeout settings to suit their security policies.