Email Address: You will use you email address to login to your account. The email address is not case-sensitive.
Password: The password is case-sensitive, so if you used capital letters when creating the password then you must enter the same. As part of the security of the site you will be required to change your password every 120 days.
We are continuously striving to provide a secure environment for your use of our software. As part of this ongoing commitment, we’re excited to announce the newly implemented additional security measure- Multifactor Authentications (MFA)
What is Multi-Factor Authentication?
Multifactor Authentication (MFA) is a security system that requires more than one method of authentication from independent categories of credentials to verify a user’s identity. In simpler terms, it acts as a second layer of security to ensure that even if someone knows your password, they won't be able to access your account.
How does it work?
When you sign in to your account, after inputting your password, you will be prompted to verify your identity through a second method. This second method will be through an authenticator app. Examples of popular phone authenticator apps are DUO Mobile, Twilio Authy Authenticator and Microsoft Authenticator. For desktop MFA applications, KeePassXC can be utilized.
How do I enable multifactor authentication?
What authenticator apps can I use?
Any authenticator apps that support time-based one time passwords (TOTP) will work. Some popular
authenticator apps are listed below.
Example Authenticator Apps (Mobile)
Example Authenticator Apps (Desktop)
Can we skip Multifactor Authentication?
No, all users of the portal will need to utilize an MFA. MedInform has put in place MFA for the security of the requesters, our portal, and the clients. Multiple entities have updated to require MFA authorization and have requested MedInform to follow the same protocols and security. We understand that some requesters only utilize personal cellphones or office desk phones, therefore we have the additional option to download an MFA application to your computer. Please work with your company’s IT department to find the best solution for you.
What if I do not want to download a Multifactor Authentication app to my cell phone?
If you are unable to utilize a cell phone for MFA, desktop application options are available. When you sign in, there are examples of both mobile apps and desktop apps with associated set up instructions. Please work with your company’s IT department to find the best solution. Your company IT administrator may be the individual to assist/review/add the application to your desktop due to security permissions.
What if I need to reset my Multifactor Authentication?
Once signed into Itemizedstatements.com, you will be prompted to enter a verification code. On this same page, there is also a link to reset your Multifactor Authentication method. Click the option: Lost MFA Device. You will then be asked to submit your security question response that you chose upon initial account set up. Once answered, click continue. You will be directed to sign in once again, and a new QR code will appear for your use.
Can we utilize just one user for our whole company/staff?
All requestors must have their own sign-on. If you are not authorized, you will not be able to access our system to make requests for billing records. Additionally, the web application is HIPAA/HITECH compliant and will not allow anyone who is not authorized to make a request, nor can you see each other's requests, even if you are in the same firm. If you are a paralegal or legal assistant and make requests for an attorney or several attorneys, then you should sign up as the requestor to view the progress and receive all the communication for that request. You will not be able to view any submitted requests other than your own.
Please visit https://my.itemizedstatements.com/register to sign up.
I do not wish to have each staff member have access to the credit card information on file for our firm. How can we pay for our requests in this instance?
Many organizations have opted to do the following for payment purposes: You, the bookkeeper/Office Manager, can sign up to be authorized as well, only for the purpose of adding the payment information. You can authorize all members of your group to be able to access this payment option. The individual members in your group will only see the last four digits of the detailed payment method on file, but they will have the ability to choose that option when paying.
Why is my Multifactor Authentication Application not giving a code?
Open the MFA application on your device that you created using the QR code provided on the Itemizedstatements.com portal. Once you open the application on your device, a six-digit code will appear for you to input in the verification section of the Itemizedstatements.com portal log in page.
Why doesn’t the code work?
The MFA on your device may not have synched correctly. To ensure you have the correct time:
On the next screen, the MFA will confirm that the time has been synched. This should enable your code to generate properly.
This can also be resolved by setting your Android or iPhone to automatically update its time. For iPhone: Setting > General, Date and Time>Automatically correct time.
Why doesn’t the QR code scan?
Try restarting your mobile device and begin again. You can also remove the authenticator application and reinstall another MFA. Example: if you originally installed Google Authenticator on your mobile device, uninstall and try installing Duo, Authy or Microsoft Authenticator.
If you do not remember your password you click on the "Forgot Password?" link below the login form. You will be asked to fill in your email address. The email address is not case-sensitive. Once you submit the form an email will be sent to you with a unique one-time use URL to reset your password.
If you do not see the emails from Itemized Statements in your Inbox, the emails may have mistakenly been sent to your spam folder. Please open your spam folder and if you find an email from Itemized Statements open it and mark it as "Not spam". Then continue below to whitelist the domain or email to ensure it will be delivered.
Note: To ensure that the password reset email and other email notifications reach your inbox please whitelist the following email addresses:
You can find specific whitelist instructions for different common email providers below. If your email provider is not below, please contact your email administrator to have them whitelist the emails.