There should be a last login time stamp available as a quick and easy extra security measure for providers to ensure that their account has not been accessed without authorization. Not a robust security measure but adds a bit more peace of mind about data security.