Skip to content
  • There are no suggestions because the search field is empty.

Security & Two-Factor Authentication (2FA)

An extra layer of security to protect your patient portal access

Portal Security & Two-Factor Authentication

Keeping your patient portal account secure is important for protecting your health information. This page explains how to use features like Two-Factor Authentication (2FA), PIN login, and security notifications to keep your account safe.

 

Two-Factor Authentication (2FA)

Two-Factor Authentication adds an extra layer of protection to your portal account. Even if someone knows your password, they cannot access your account without the security code sent to your email.

How to set it up

  • Go to login.vensa.com
  • Log in with your email address and password.
  • Head to SETTINGS > SECURITY > ONE TIME PASSWORD

Once enabled, every time you log in, a newly generated security code will be sent to your email address. You must enter this code to complete sign-in. If you do not receive the code, check your spam or junk folder and make sure the email address entered when loggin in is correct.

Is 2FA mandatory?

In some cases, your medical centre may choose to enforce 2FA as mandatory for accounts with full online access. If this applies to your practice, you will need to use 2FA to continue accessing online services and your health information in the portal.

How to check 2FA settings

To review your 2FA status, navigate to SETTINGS > SECURITY > ONE TIME PASSWORD. From here you can enable or disable this feature if your practice allows it. Please note that if your medical centre enforces 2FA for all verified portal users, you may not be able to change these settings.

 

2 Step Sign-In (PIN)

You can add an extra layer of security by setting up a PIN. This works alongside your email and password when logging in.

You can choose either a 4 digit or 6 digit PIN. If this feature is turned on, you will need to enter your PIN every time you log in to your account. If you do not want this extra level of security, you can switch the toggle off at any time under SETTINGS > SECURITY > PIN CODE

 

Failed Attempts & Account Suspension

If you have entered your password incorrectly 5 times, your account will be temporarily suspended.

You can also turn on a failed attempt notification if you would like to receive a security alert when someone has correctly entered the password, but enters an incorrect PIN five times.

You can also enable the 'Suspend Account' option. If a PIN is entered incorrectly ten times, your account will be suspended for your safety.

 

Portal Security FAQ

Where is my clinical health record kept?
Your clinical health record remains stored and governed within your medical practice’s clinical system. This system is the record of truth for all your medical information.

Does the patient portal store my full medical record?
No. Vensa, the patient portal used by your practice, does not replace the clinical system or operate as a centralised medical record. Vensa provides a secure way for you to access services, communicate with your practice, and manage requests such as bookings or prescriptions, without changing how your clinical record is held or governed.
Depending on your privacy settings, some categories of information may be accessed in real time from the practice system, and some information may be stored to support portal features. You remain in control of these settings and can update them at any time.

What information does the portal use? Do I have control over what information is available to me?
Vensa is designed using data-minimisation principles. It only processes — and where enabled by your practice and your own privacy settings, stores — the minimum information required to deliver portal services. Your privacy settings allow you to enable or disable access to different categories of information, and these settings can be changed at any time.

What privacy and security obligations apply?
Vensa operates under New Zealand’s Privacy Act 2020 and the Health Information Privacy Code, and applies safeguards appropriate for healthcare environments to protect patient information.
Security is treated as an ongoing operational responsibility, supporting the confidentiality, integrity, and availability of information used in delivering services.

Who can I contact if I have questions?
If you have any questions, please don’t hesitate to contact patients@vensa.com or your practice team.

 

To read more about data privacy, click here.