Covered by this topic
Physicians who wish to electronically prescribe controlled medications must employ two-factor authentication as required by the DEA. Medical Informatics Engineering (MIE) works with IdenTrust to provide the required level of identity proofing needed for Electronic Prescribing for Controlled Substances (EPCS). IdenTrust will issue digital certificate tokens that can be used to digitally sign and electronically transmit prescriptions for controlled substances. By providing required information to IdenTrust, physicians can complete identity proofing and establish two-factor authentication for two years. Physicians will receive a USB device that will generate a digital signature.
To obtain a USB Token, physicians must register with IdenTrust, and verify their identity. Only the subscriber of the certificate shall use the token. The digital certificate is solely that of the registering prescriber and should be treated as a form of identification, similar to a passport or driver’s license.
THE APPLICATION AND IDENTITY VERIFICATION PROCESS MUST BE COMPLETED AND SUBMITTED BY THE REGISTRANT AND SUBSCRIBER OF THE CERTIFICATE. THIS CANNOT BE COMPLETED BY PROXY, OR BY ANY OTHER INDIVIDUAL ON BEHALF OF THE PRESCRIBER. FAILURE TO COMPLY COULD RESULT IN REVOCATION OR SUSPENSION OF THE DIGITAL CERTIFICATE.
This step-by-step help guide will walk you through the online application process. Before you begin, have the following ready:
- Credit Card information for address verification only (not used for payment)
- Credit Card information for payment
- Valid Email Address CLICK [ HERE ] TO BEGIN
It’s as Easy as 1 - 2 - 3!
When prescribers are ready to purchase the certificate and/or token, there is a simple 3-step process provided through IdenTrust. Simply fill out the application, verify your information, and receive your certificate and generate its key for use.
There is a recording walking to watch someone walk through all the steps (the video has no sound). If you start at about 3:30 on the normal speed video in this folder: https://drive.google.com/drive/folders/1-0HGtSKwTYpz8oZmQMELkRs9SZEaQzqG?usp=sharing
The first step requires the selection of the certificate. There are 3 types of Certificates that MIE/IdenTrust will offer to prescribers.
- EPCS Prescribing - IGC Basic Assurance Unaffiliated Hardware = $109.00 (Prices subject to change by IdenTrust)
- Select this option if you are a new prescriber to EPCS. This option is for EPCS Two Factor Authentication Certificates and Tokens. During the registration process, you will be presented with hardware storage options for your certificate. If you are a new registrant, please select the USB Token. Otherwise, current EPCS prescribers can use their existing token.
- EPCS Prescribing- IGC Assurance unaffiliated Software- EPCS Prescribing with Mobile Authentication = $197.00 (Pricing subject to change by IdenTrust)
- Select this option if you are a new prescriber to EPCS and wish to use your cell phone or other mobile divide to prescribe.
- Identity Proofing Only (Non-EPCS Prescriber) - IGC Basic Assurance Unaffiliated Software = $99.00
- Every certificate provided through IdenTrust for EPCS has a 2-year validity period. This will automatically be selected.
- Following the Validity Period selection is the selection for the SafeNet USB Token, used to store the digital certificate.
- HID USB Token - $68.00
- This option is for EPCS Two Factor Authentication Certificates and Tokens. If you are a new registrant, please select the USB Token. Otherwise, current EPCS prescribers may use their existing token.
- SafeNet USB Token use existing - $0.00
- HID USB Token - $68.00
- Make your selection, and click the Next button.
- Verify your selections, and click Buy Now.
- When prescribers are ready to purchase the certificate and/or token, there is a simple 3-step process provided through IdenTrust. Simply fill out the application, verify your information, and receive your certificate and generate its key for use. Click Next to begin.
- Continuing to the second step of the application, prescribers will be asked to enter their personal information and a credit card to confirm identity and delivery address for the certificate and token.
- Once the Your Information has been provided, continue to set the Account Password, as well as the Secret Questions and Answers. Utilize the blue help bubbles, as needed.
There are two passwords you will NEED TO REMEMBER:
Next, you will create your Account Password with Secret Questions and Answers. This password will be used to download your certificate after your application is approved. If this Account Password is forgotten, you may reset it using your Secret Questions and Answers.
If you are unable to recall the Answers to your Secret Questions, you will have to start over and apply again.
A passcode is required for the hardware that will store your certificate.You will create the Passcode when you download your certificate. The Token Passcode must be entered when you use your certificate.
If the Token Passcode is forgotten, your certificate is locked and cannot be recovered, so you would need to purchase a new IGC Basic Assurance Unaffiliated Hardware + 2-Year Certificate.
- Click Next to continue. You will be prompted to Confirm Your Information.
- Click Yes to continue.
- Select the form of payment, provide the payment details, and select the preferred shipping for the Activation Letter.
Indicate that you have read and acknowledged the Subscriber Agreement. Click Submit Application to continue.
Congratulations! You have just completed the first phase. Thank you for applying for your IGC Basic Assurance Hardware Unaffiliated Certificate 2 Year. You have completed the application phase, so now IdenTrust will initiate the approval of your application. Remember, there are 3 phases in the process of obtaining your IGC Basic Assurance Hardware Unaffiliated 2 Year Certificate. IdenTrust will now complete the second* phase of your application - Approval. If successful, you will need to complete the* third* and final phase - Retrieval; to obtain your certificate.* Part of the Approval Phase includes verifying your email address and allowing IdenTrust to verify your identity.
Step 1. Go to your email to check for your Verification Code sent from firstname.lastname@example.org Step 2. Follow the directions in the email to verify your email address. If you have not received your Verification Code from email@example.com after a brief period, you may:
- Check your bulk email folder for this email.
- Verify that your spam filters allow you to receive emails from firstname.lastname@example.org ; this may require the assistance of your system administrator.
- Request your Verification Code be sent again by going to: https://secure.identrust.com../app/resendEmailVerification?id=586401176012552
This portion of the second phase (carried out by IdenTrust) consists of validating the information you provided against independent data sources. You will not need to do anything during this stage; you will receive a retrieval kit from IdenTrust in the mail if your application is approved. You will be able to check on the Application Status under Your Account Information:
Your New IGC Token will be mailed to you. Expect arrival between 3-5 days.
You have entered the third and final phase, which consists of obtaining your digital certificate and generating your keys for use of certificate. This phase begins once you have received your retrieval kit in the mail. Included in your kit will be a letter explaining how to do the following:
- Install the SafeNet Authentication Client Software – Use the disc that is included in the retrieval kit. After the software has been installed, reboot your computer. When your computer has restarted, proceed to the next step.
- Change the Passcode for the USB Token – Please note that this passcode reset process is intended for new, unused USB Tokens, or tokens where certificates have not already been installed. If you are using a USB Token that contains previous certificates, you will not see this prompt and can proceed to the next step.
- Insert the USB Token into your computer. You will see a message pop-up that says, “For security reasons, you must change the Token Passcode of your new token.”
- Click Ok.
- Retrieve the Current Token Passcode from the Activation Letter you received, and set the New Token Passcode. 3. Current Token Passcode: (Refer to IdenTrust Letter) 4. New Token Passcode: Enter a personal passcode that you WILL NOT forget.
- Click OK. A confirmation of the passcode change will display. Click OK, again.
- With your USB Token plugged into your computer, browse to www.indentrust.com/install
- Click the I’M READY – PLEASE CHECK IF MY SYSTEM IS READY button.
- Enter your secure Activation Code: (Refer to IdenTrust Letter), and enter the Account Password you created during the Application process. If you have forgotten the Account Password, enter your Activation Code, and then click the “I forgot my Account Password” link next to the Account Password field. Note that this is NOT the Token Passcode set in Step 3.
Carefully follow the prompts to retrieve your IGC Certificate and generate keys, accordingly. Do not close your browser until you see the screen indicating that you have finished the retrieval. Do not press the Back button on your browser at any time. Pressing Back during the retrieval may cause the retrieval system to void your retrieval, closing your application and forcing you to apply again from the beginning.
After the retrieval and key generation is complete, it is important that you test your certificate.
- Click the Test My Cert button.
- Click OK.
You will then be prompted to provide two factor authentication with the token and passcode. When ready, click OK.
You can now begin Electronically Signing Controlled Substances
Once you have finished retrieving and testing the certificate, you are able to Verify the Information in your Certificate. Follow the prompts through verification.