Remove a Two-factor Authentication Credential

System Administrator Help

Two-Factor Authentication Credentials for ePCS

According to the Drug Enforcement Administration (DEA) regulations, providers who want to send Electronic Prescriptions of Controlled Substances (ePCS) must be identity-proofed by appropriate persons within a practice. As a step in this process, the NextGen Healthcare administrator must associate a two-factor authentication (TFA) credential with the provider’s NextGen Healthcare user ID and activate that credential. The credential works only with NextGen® Enterprise applications. You can activate a provider's token to enable TFA. The token can be either an issued VIP or IndenTrust hard token or a software token that was downloaded onto a smartphone. Because at least one ePCS registrar must have TFA to grant user ePCS prescriber rights, non-ePCS prescribers can also have TFA tokens activated. The user must be present for the activation. Although users can have multiple credentials, only one is necessary. Note: If you do not set up a credential for a provider, the provider can send the p

System Administrator Help

Set Up the ePCS Authentication Method

You can set up the Electronic Prescriptions of Controlled Substances (ePCS) authentication method to apply to an enterprise. Note: You can set the user preference for ePCS authentication method to be different from the universal preference. In the System Administrator application, from the View menu, select Universal Preferences. The NextGen Preferences window opens. Select ePrescribing, and then double-click EPCS Authentication Method. The EPCS Authentication Method window opens. Do one of the following: For Symantec VIP, leave the default value that is VIP For IdenTrust Mobile Authentication Service, enter IdenTrustMAS. For Imprivata Confirm ID for EPCS, enter ImprivataConfirmID. Ensure that you entered the correct method name. Select OK. Parent topic: ePCS Setup

NextGen® Enterprise EHR Help

Remove a Two-factor Authentication Credential

You can remove a credential if a token or registered device can no longer be used, for example if a provider leaves the practice, a token or device is broken or replaced. Removing a credential for IdenTrust or Imprivata removes the IdenTrust or Imprivata mapping from the NextGen Healthcare provider account. Removing a credential for Symantec VIP disassociates the token from the provider. Select a provider, and then on the General tab, select ePCS. The ePCS Authentication and Authorization Setup window displays the Credentials tab. In the Two-Factor Credentialing section, do one of the following: For IdenTrust or Imprivata, select Remove. For Symantec VIP, select a token from the Symantec VIP Tokens list, and then do the following: Select Remove. In the Select Credential window, select the token serial number you want to remove. Select Select. Parent topic: Two-Factor Authentication Credentials for ePCS

NextGen® Enterprise EHR Help

Add Two-factor Authentication Credentials for Symantec VIP

Select a provider, and then on the General tab, select ePCS. The ePCS Authentication and Authorization Setup window displays the Credentials tab. If the provider has active credentials, those credentials appear under Symantec VIP Tokens. Under Token Actions, select Add. The User Login window opens. The provider enters NextGen Healthcare login credentials and then selects Login. The Activate Credential window opens. In the Security Key Serial Number field, the provider enters the serial number from the token. In the Security Code #1 field, the provider enters the security code from the token. In the Security Code #2 field, the provider enters the next sequential security code from the token. Select Activate before the second security code changes. A confirmation message appears. Select OK. The credentials appear on the Registrar and Credentials tabs. Close the ePCS Authentication and Authorization Setup window. Actions for Symantec VIP ePCS Authentication Method Parent topic: Two-Factor

System Administrator Help

Add Two-factor Authentication Credentials for Symantec VIP

Select a provider, and then on the General tab, select ePCS. The ePCS Authentication and Authorization Setup window displays the Credentials tab. If the provider has active credentials, those credentials appear under Symantec VIP Tokens. Under Token Actions, select Add. The User Login window opens. The provider enters NextGen Healthcare login credentials and then selects Login. The Activate Credential window opens. In the Security Key Serial Number field, the provider enters the serial number from the token. In the Security Code #1 field, the provider enters the security code from the token. In the Security Code #2 field, the provider enters the next sequential security code from the token. Select Activate before the second security code changes. A confirmation message appears. Select OK. The credentials appear on the Registrar and Credentials tabs. Close the ePCS Authentication and Authorization Setup window. Actions for Symantec VIP ePCS Authentication Method Parent topic: Two-Factor

NextGen® Enterprise EHR Help

Grant ePCS Prescriber Access

Select a provider, and then on the General tab, select ePCS. The ePCS Authentication and Authorization Setup window opens. Select the Access tab. In the ePCS Prescriber Authentication section, select Authenticate next to the Registrar A (Pwd-Only) field. The User Login window opens. The first registrar enters NextGen Healthcare login credentials and then selects Login. The Registrar A (Pwd-Only) field displays the NextGen Healthcare username of the first registrar. Select Authenticate next to the Registrar B (TFA) field. The provider enters NextGen Healthcare login credentials and then selects Login. The provider completes the two-factor authentication (TFA) process based on the ePCS authentication method set up for the provider. For Symantec VIP, the Enter Password window opens, and the provider enters the number from token and then selects Login. For IdenTrust MAS, the IdenTrustMAS Authentication window displays the provider’s username in the IdenTrustMAS Username field and prompts t

Remove a Two-factor Authentication Credential

Recommendations

Two-Factor Authentication Credentials for ePCS

Set Up the ePCS Authentication Method

Remove a Two-factor Authentication Credential

Add Two-factor Authentication Credentials for Symantec VIP

Add Two-factor Authentication Credentials for Symantec VIP

Grant ePCS Prescriber Access

Two-Factor Authentication Credentials for ePCS

Set Up the ePCS Authentication Method

Remove a Two-factor Authentication Credential

Add Two-factor Authentication Credentials for Symantec VIP

Add Two-factor Authentication Credentials for Symantec VIP

Grant ePCS Prescriber Access