Single Sign On

When it comes to managing patient data, following HIPAA guidelines is an absolute must. ReviewMate takes HIPAA requirements very seriously and is designed with the security of patient data in mind.

Multi-factor authentication is a modern security strategy whereby users must verify their identity in multiple ways before gaining access to a particular system. There are various ways to achieve this, depending on the level of security required. Often, alongside having a username and password, a user might be required to receive an OTP (One-Time Password)  via a text to a phone number they’ve previously established or through an email.

Alongside password and email authentication, ReviewMate also uses the Google Duo service to verify user fidelity further. Google Duo is a video chatting service designed by Google and is available on every app store for mobile devices. It can authenticate users on a per-device policy. Google Duo integration is optional and may be disabled with each user’s settings.

In place of multi-factor authentication, we offer integration with your institution’s SAML/SSO, AD, and LDAP authentication systems.

SAML (Security Assertion Markup Language) / SSO (Single-Sign-On) are authentication protocols that allow users to access resources. SAML is a standard that activates SSO for browser-based applications (like ReviewMate!), allowing users to log in to multiple applications with one account.

How does this work? After configuration with your institution’s SAML, when you go to the ReviewMate login page, you will be redirected to your SSO login page. Upon logging in to SSO, SAML will generate a response to ReviewMate and log you in.

This authentication process ensures security by exchanging user information between the identity (your institution) and the service provider (ReviewMate).