Turn on MFA for every clinical login
Stolen passwords drive most healthcare breaches. Require multifactor authentication on the EHR, email, and any portal that touches patient data. It is the cheapest control that stops the most damage, and it satisfies your Security Risk Analysis.
