Keeping your account secure is critical, especially when dealing with sensitive data or compliance requirements. To strengthen account protection, customizable automatic logout settings have been introduced, allowing agencies to tailor session management according to their needs.

Here’s everything you need to know about this new feature and how to make the most of it.

Key Features of the Update

1. Default Timeout for HIPAA-Compliant Agencies

• For agencies that need to follow HIPAA compliance, session timeouts are automatically set to one day.

• This ensures strict adherence to high-security standards without requiring additional configuration.

2. Flexible Timeout Options for Non-HIPAA Agencies

• Non-HIPAA-compliant agencies now have the option to set the session timeout value to "Never."

• This allows greater flexibility for agencies that don’t require strict timeouts but still want to customize session settings.

• By default, the session timeout for these agencies is set to "Never."

Where to Find This Setting

You can configure the session timeout by following these simple steps:

1. Navigate to Agency Settings.

2. Go to the Company page.

3. Adjust the session timeout setting according to your compliance requirements or operational needs.

Why This Matters

1. Ensures Compliance

Agencies dealing with sensitive information can rely on this feature to align with strict security standards, particularly HIPAA requirements.

2. Offers Flexibility

Non-HIPAA-compliant agencies benefit from a customizable approach, enabling them to align session timeouts with their specific security policies.

How to Get Started

Implementing these settings is easy:

• Review your agency’s security policies to determine the appropriate session timeout value.

• Update the configuration through the Agency Settings menu.

This small but powerful change can help protect user accounts while ensuring the right balance between security and usability.