In March, the HEALTHeCOMMUNITY Portal will be upgraded to a new version that includes significant changes.  While the upgrade is intended to provide a more user-friendly and efficient workflow for logging into applications such as HEALTHeLINK, HEALTHeNET, and Secure Messaging (Mirth Mail), there are also some policy and security driven changes that are taking place.

  1. We are transitioning to a completely self-service password change process. This change will allow any user to change their password without the assistance of the Help Desk or their Authorized Contact(AC).  Functionally, the self-service password reset process will work like this:
    1. User will click “forgot password” on log in screen
    2. User will two factor authenticate (TFA) via Duo (also used for access to HEALTHeLINK, Secure Messaging and the Patient Alert Manager)
    3. If a user is not set up with Duo for TFA, the portal will look to reset the password with a link via a confirmed e-mail address.
    4. If the user does not have a confirmed e-mail, then they will need to contact an Authorized Contact or the Help Desk to initiate the e-mail confirmation process. A provided e-mail must be unique to the user.
  2. Users who have not logged into an application for 180 days will have access to that application removed. This will also occur as we migrate to the new portal.
  3. We will tighten the document requirements for manual identity verification being performed by an AC.  This is needed to better align with SHIN-NY and HITRUST requirements. The specific requirements are listed here.
  4. The account request process has been enhanced to allow an AC to request multiple application accounts for the same user simultaneously.
  5. HEALTHeOUTCOMES access request will now be available for those practices using this population health platform.
  6. Enhancements for Authorized Contacts of multiple practices.
  7. Additional data points will be captured in the AC Activity Log.
  8. Other changes:
    1. Slashes and dashes are now automatically added in applicable fields (e.g., DOB).
    2. Date of last access becomes more apparent on user lists.