ePCS Reports

NextGen® Enterprise EHR Help

ePCS Setup

The Drug Enforcement Administration (DEA) allows DEA registrants to write Electronic Prescriptions of Controlled Substances (ePCS). To control who can send these electronic prescriptions, the System Administrator application meets the DEA regulations that determine how applications and practices are to restrict eRx access rights. These measures rely on identity-proofing to prevent fraud. To comply with the DEA regulations, NextGen Healthcare providers can use any of the following ePCS authentication methods: Symantec™ VIP Token IdenTrust Mobile Authentication Service Imprivata Confirm ID™ for EPCS Note: You can prevent a specific medication (controlled substance) from being electronically prescribed by selecting the Do not allow eRX option from the Medication Tasks master file in File Maintenance. The ePCS setup process involves the following procedures in the System Administrator application: Set up the ePCS authentication method. Authorize ePCS registrar access. ePCS registrars give

NextGen® Enterprise EHR Help

DEA Provider Requirements

To send Electronic Prescriptions of Controlled Substances (ePCS), a provider must meet the following Drug Enforcement Administration (DEA) requirements: The provider's relationship with user is set up as self. The provider's retail service level is set up for ePCS. A valid DEA number is assigned to the provider. If a provider is exempted from the DEA registration, a link to the institutional practitioner’s DEA number must exist. Two-factor authentication credentials are added for the provider. Something you know, for example a password or PIN Something you have, for example a token that generates one-time password or a push notification to registered devices Something you are, for example a biometric test NextGen® Enterprise EHR uses the something you know (user password), something you have (token generating a one-time access password or a push notification to registered devices), and something you are (biometric test) authentications for ePCS. The provider is authenticated by two reg

NextGen® Enterprise EHR Help

ePCS Message Handling Processes

To handle Electronic Prescriptions of Controlled Substances (ePCS) messages, NextGen Healthcare has the following processes in place: NextGen® Enterprise EHR uses RSA to digitally sign the ePCS message and SHA1 algorithm to hash ePCS messages. The application includes a time stamp within five minutes of National Institute of Standards and Technology (NIST) time source. NextGen® Enterprise EHR uses time server provided by Symantec® VIP service, which is Drug Enforcement Administration (DEA) compliant. The application displays the following information to the provider prior to dispensation of the controlled substance: Date of issuance Full name of the patient Medication name Dosage strength of medication Form of medication Quantity of medication Directions for use of medication Number of refills authorized Earliest fill date of the medication Name, address, and DEA number of the provider Attestation statement Indication that each controlled substance is ready for signing NextGen® Enterpr

NextGen® Enterprise EHR Help

ePCS Reports

To transmit electronic prescriptions for controlled substances (ePCS) according to the Drug Enforcement Administration (DEA) mandates, providers and system administrators can run ePCS reports to view and monitor the activities related to these transmissions for security and auditing purposes. The ePCS reports are described below: ePCS Prescriptions Report enables the provider to view and monitor the prescriptions for controlled substances sent electronically for their patients. The provider must ensure that the prescriptions are legitimate, and no suspicious activity has occurred. The recommended viewing of these reports is daily. ePCS Auditable Events Report enables the system administrator to track ePCS actions and events for one or more users to determine if any of these actions indicate signs of improper usage or abuse. The recommended viewing of this report is daily. Examples of auditable events include: Provider does not have ePCS access Provider did not prescribe the medication

NextGen® Enterprise EHR Help

ePCS Setup

The Drug Enforcement Administration (DEA) allows DEA registrants to write Electronic Prescriptions of Controlled Substances (ePCS). To control who can send these electronic prescriptions, the System Administrator application meets the DEA regulations that determine how applications and practices are to restrict eRx access rights. These measures rely on identity-proofing to prevent fraud. To comply with the DEA regulations, NextGen Healthcare providers can use any of the following ePCS authentication methods: Symantec™ VIP Token IdenTrust Mobile Authentication Service Imprivata Confirm ID™ for EPCS Note: You can prevent a specific medication (controlled substance) from being electronically prescribed by selecting the Do not allow eRX option from the Medication Tasks master file in File Maintenance. The ePCS setup process involves the following procedures in the System Administrator application: Set up the ePCS authentication method. Authorize ePCS registrar access. ePCS registrars give

System Administrator Help

ePCS Setup

The Drug Enforcement Administration (DEA) allows DEA registrants to write Electronic Prescriptions of Controlled Substances (ePCS). To control who can send these electronic prescriptions, the System Administrator application meets the DEA regulations that determine how applications and practices are to restrict eRx access rights. These measures rely on identity-proofing to prevent fraud. To comply with the DEA regulations, NextGen Healthcare providers can use any of the following ePCS authentication methods: Symantec™ VIP Token IdenTrust Mobile Authentication Service Imprivata Confirm ID™ for EPCS Note: You can prevent a specific medication (controlled substance) from being electronically prescribed by selecting the Do not allow eRX option from the Medication Tasks master file in File Maintenance. The ePCS setup process involves the following procedures in the System Administrator application: Set up the ePCS authentication method. Authorize ePCS registrar access. ePCS registrars give

ePCS Reports

Recommendations

ePCS Setup

DEA Provider Requirements

ePCS Message Handling Processes

ePCS Reports

ePCS Setup

ePCS Setup

ePCS Reports

ePCS Setup

DEA Provider Requirements

ePCS Message Handling Processes

ePCS Reports

ePCS Setup

ePCS Setup