Article Detail - Portal Guide

Did you know that the Noridian Medicare Portal has security protocols it is required to follow per Federal Regulations? The following security protocols will ensure the security and integrity of data.

• Inactivity of 30 minutes or more will automatically time user out
• Always sign out when finished, user will have to wait 3 hours before logging back in
• Accounts disable after 60 days of inactivity, user will need to contact user security to get back into account Contact and Support - Portal Guide - Noridian (noridianmedicare.com)
• Accounts are deleted after 90 days of inactivity, after that the user will need to register for a new account Registration Guide - Portal Guide - Noridian (noridianmedicare.com)
• NMP passwords need to be changed every 60 days

Each portal user is responsible for their individual account registration, passwords, activity, and security awareness training. Portal users must complete Security Awareness training upon their login and annually based on their registration date. Training must be completed within the 45 day window in order to continue use of portal. If not completed the user’s account will be disabled and will need to contact NMP Support to unlock it. Contact and Support - Portal Guide - Noridian (noridianmedicare.com)

The Multi-Factor Authentication (MFA) is a second layer of security to the NMP. Using the MFA helps prevent anyone other than the user from logging in. When users log into NMP, the username and password and the one-time MFA passcode is also required for all portal users. The user can choose email, text, or voice for the one-time passcode delivery. Multi-Factor Authentication (MFA) - Portal Guide - Noridian (noridianmedicare.com)

Resources: Medicare Administrative Contractor (MAC) Provider Portal Handbook (cms.gov)