Two-Factor Authentication Credentials for ePCS

System Administrator Help

ePCS Registrar Access

ePCS registrars provide the authentication necessary to grant other NextGen Healthcare providers the right to send Electronic Prescriptions of Controlled Substances (ePCS). ePCS registrars can grant ePCS rights across all enterprises. You must set up at least two ePCS registrars before you can grant ePCS prescriber access to a user. The user acting as Registrar B must have a DEA number and must have a relationship of self with the provider. Granting registrar access is logged as part of the ePCS audit trail and is available as a report in NextGen® Enterprise EHR. For information about the ePCS Auditable Events report, go to NextGen Healthcare Success Community and download the latest Reports Guide for NextGen® Enterprise EHR . Grant ePCS Registrar Access You can grant ePCS registrar access to a user. Parent topic: ePCS Setup

System Administrator Help

Remove a Two-factor Authentication Credential

You can remove a credential if a token or registered device can no longer be used, for example if a provider leaves the practice, a token or device is broken or replaced. Removing a credential for IdenTrust or Imprivata removes the IdenTrust or Imprivata mapping from the NextGen Healthcare provider account. Removing a credential for Symantec VIP disassociates the token from the provider. Select a provider, and then on the General tab, select ePCS. The ePCS Authentication and Authorization Setup window displays the Credentials tab. In the Two-Factor Credentialing section, do one of the following: For IdenTrust or Imprivata, select Remove. For Symantec VIP, select a token from the Symantec VIP Tokens list, and then do the following: Select Remove. In the Select Credential window, select the token serial number you want to remove. Select Select. Parent topic: ePCS Setup

System Administrator Help

ePCS Prescriber Access

ePCS prescribers can digitally sign and send Electronic Prescriptions of Controlled Substances (ePCS). Access to the ePCS prescriber role is restricted. Two ePCS registrars are required to grant or remove a provider's ePCS prescriber access, and one of these registrars must use two-factor authentication as part of the process. The ePCS prescriber access authorization process involves steps by both the system administrator and the two ePCS registrars. Granting ePCS prescriber access is logged as part of the ePCS audit trail, which is available as a report in NextGen® Enterprise. For information about the ePCS Auditable Events report, go to NextGen Healthcare Success Community and download the latest Reports Guide for NextGen® Enterprise EHR . Before you can grant ePCS prescriber access to a provider, the following setups must be completed on the General tab for a provider: Assigned provider has retail service level of ePCS. Provider's relationship with the user is set up as self. If the

NextGen® Enterprise EHR Help

Two-Factor Authentication Credentials for ePCS

According to the Drug Enforcement Administration (DEA) regulations, providers who want to send Electronic Prescriptions of Controlled Substances (ePCS) must be identity-proofed by appropriate persons within a practice. As a step in this process, you, as an administrator, must associate a two-factor authentication (TFA) credential with the provider’s NextGen Healthcare user ID and activate that credential. The credential works only with NextGen Enterprise applications. You can activate a provider's token or devices to enable TFA. The token can be an issued Symantec VIP, software token that was downloaded to a device, or a push notification to a device. Because at least one ePCS registrar must have TFA to grant ePCS prescriber rights to a provider, non-ePCS prescribers can also have TFA credentials activated. For activation, the provider must be present with you. Although providers can have multiple credentials, only one credential is necessary. Note: If you do not set up a credential fo

System Administrator Help

ePCS Setup

The Drug Enforcement Administration (DEA) allows DEA registrants to write Electronic Prescriptions of Controlled Substances (ePCS). To control who can send these electronic prescriptions, the System Administrator application meets the DEA regulations that determine how applications and practices are to restrict eRx access rights. These measures rely on identity-proofing to prevent fraud. To comply with the DEA regulations, NextGen Healthcare providers can use any of the following ePCS authentication methods: Symantec™ VIP Token IdenTrust Mobile Authentication Service Imprivata Confirm ID™ for EPCS Note: You can prevent a specific medication (controlled substance) from being electronically prescribed by selecting the Do not allow eRX option from the Medication Tasks master file in File Maintenance. The ePCS setup process involves the following procedures in the System Administrator application: Set up the ePCS authentication method. Authorize ePCS registrar access. ePCS registrars give

System Administrator Help

Add Two-factor Authentication Credentials for Symantec VIP

Select a provider, and then on the General tab, select ePCS. The ePCS Authentication and Authorization Setup window displays the Credentials tab. If the provider has active credentials, those credentials appear under Symantec VIP Tokens. Under Token Actions, select Add. The User Login window opens. The provider enters NextGen Healthcare login credentials and then selects Login. The Activate Credential window opens. In the Security Key Serial Number field, the provider enters the serial number from the token. In the Security Code #1 field, the provider enters the security code from the token. In the Security Code #2 field, the provider enters the next sequential security code from the token. Select Activate before the second security code changes. A confirmation message appears. Select OK. The credentials appear on the Registrar and Credentials tabs. Close the ePCS Authentication and Authorization Setup window. Actions for Symantec VIP ePCS Authentication Method Parent topic: Two-Factor

Two-Factor Authentication Credentials for ePCS

Recommendations

ePCS Registrar Access

Remove a Two-factor Authentication Credential

ePCS Prescriber Access

Two-Factor Authentication Credentials for ePCS

ePCS Setup

Add Two-factor Authentication Credentials for Symantec VIP

ePCS Registrar Access

Remove a Two-factor Authentication Credential

ePCS Prescriber Access

Two-Factor Authentication Credentials for ePCS

ePCS Setup

Add Two-factor Authentication Credentials for Symantec VIP