For the first time at HIMSS that I recall, EHR vendors, healthcare institutions and patient portal providers, visited our booth with genuine concerns and needs to secure access to their patient portals. Knowing who is accessing PHI, be that the patient or a proxy, is critical and using multi-factor authentication is a genuine need..