Skip to main content


Kareo Help Center

Set Security Policy

Updated: 11/19/2022
Views: 1912

The Security Policy section lets you to set various password and login rules that apply to all users in your practice. These settings are important for proper compliance with the patient privacy regulations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Kareo automatically applies a basic set of defaults that meet the needs of most companies, however, System Administrators can change settings to fit the needs of the practice:

Access Security Policy

  1. Hover over the User icon and click on Practice Settings. The Practice Settings page opens.
  2. Click Kareo. Additional setting options expands.
  3. Click Security Policy. The Security Policy page opens.

Set Security Policy

  1. Minimum password length: Select 8–15 from the drop-down menu to set the minimum number of characters required for a password.
  2. Character Requirements: Click to select one or more to specify which character classes are required for passwords.
  3. Password expiration: Select 30, 60, 90, or 120 from the drop-down menu to specify the number of days a password will be valid. Upon expiration, a user will be prompted to set a new password.
  4. Password reuse: Choose 5, 10, or 15 from the drop-down menu to set the number of unique passwords that must be created before a password can be reused.
  5. Login attempts: Select 3, 4, 5, or 6 from the drop-down menu to set the amount of times a user can fail to log in before they are prompted to reset their password.
  6. Click Save when finished.
  • Was this article helpful?