What is the NaviNet password expiration policy?

Health Plans: 

  • Security Officers

Workflow: 

  • Manage My Profile

NaviNet requires users to change their passwords periodically in accordance with HIPAA security standards.

The following is a brief summary of the NaviNet password lifetime. It is does not attempt to present the NaviNet password policy in its entirety, nor is it a comprehensive listing of all NaviNet user statuses.

Status Meaning
No Initial Login A temporary password is generated at random when a new user is created in NaviNet or when a user's password is reset. Users have 60 days to log in and select a permanent password.
Active After creating a permanent password, users are in an Active status for a period of 120 days. Users can change their password at any time during this period, by clicking Manage My Profile on the Welcome menu, and then clicking My Security. For a two-week period before the Active period ends, users will receive a notice upon logging in to NaviNet reminding them that their password is about to expire.
Expired Users have a 90-day grace period after their permanent password expires, in which they can reset their password by clicking Forgot Your Password? on the NaviNet login page.
Disabled If users do not select a permanent password within 60 days after receiving their temporary password, or if they do not reset their permanent password within 90 days after it expires, they will not be able to log in to NaviNet. Users having a status of Disabled must contact their NaviNet Security Officer to have their password reset.

For more information about managing passwords and user statuses, see Managing Users.

Rate this topic: 

Average: 5 (1 vote)