Single Sign On... Single Factor?

Fairfield Medical Center announced its adoption of a single sign on (SSO) solution... but no mention of anything more than management of passwords. While SSO is a great tool, and something that makes a lot of sense for most organizations, it still leaves Fairfield vulnerable if any of those passwords are compromised. HIPAA compliance is probably at the top of their list, so I hope they're considering how to implement multi-factor authentication of some sort, particularly for remote log-on to their systems. Otherwise, anyone can impersonate an authorized doctor or staff member simply by guessing/buying/stealing their password(s). Outfitting each staffer with a physical "key" of some sort ensures that their login is protected, and the integrity of the system can be maintained.