EPCS Setup

Version 20.13

About

EPCS requires certain areas in OP to be set up before electronic prescribing of controlled substances can be enabled. These areas are described below.

Provider Setup 

To enable EPCS for a provider, the provider's Federal DEA number must be entered in the Staff/Provider Directory in the Federal DEA# field.  This is a required field.  In addition, OP includes the NADEAN # field in the Staff Directory (under the Provider Info tab). If providers in your practice have been issued a Narcotics DEA (NADEAN) number, you must add their NADEAN number to the NADEAN # field in their profile in the Staff Directory.

Note: OP has made changes to accommodate providers who prescribe in OP in multiple states. We have the ability to store provider DEA numbers per location when sending prescriptions to the pharmacy. If your practice has providers that prescribe in multiple states, please contact OP Support so that we can add the other DEA numbers. Based on the location you are logged into within OP, OP will send the appropriate DEA number to the pharmacy so that prescriptions do not get rejected.

Path: Practice Management tab > Staff/Providers button > Provider Info tab

Warning: The provider's name must be entered into the Staff Directory exactly as it appears in the NPI registry. All applicable fields, First Name, Middle Name, Last name and Suffix must be displayed in their own fields. If unsure of how the name appears in the NPI Registry you may go to https://nppes.cms.hhs.gov.

Logical Access Control (LAC) 

Path: Admin tab > EPCS Access Control button

The LAC is configuring providers, who have completed the IDP process in OP, as either active or inactive. This is a two-step process which requires a user with System Administrator permissions, this cannot be the provider being activated or deactivated, to open the LAC. Any provider with EPCS credentials may perform the second step by entering the passphrase and the PIN number from their token.  

User Permission: A user must be a System Administrator or have the following individual permissions: AA_AccessSecurity.mi and AA_SystemAdmin.mi to access the LAC.

  1. Login with the System Administrator User Name and Password.
  2. Click the Admin tab and select EPCS Access Control.

Note: Both the System Administrator and the Provider, who is being activated, must complete the remaining steps in this section together on the same computer. The logged in System Administrator is the administrator that grants permission.

  1. The EPCSGold web page opens in a separate browser window. Enter the System Administrator's name in the Administrator field.

  1. Select a provider to activate from the Prescriber list.
  2. In the Authorizing Prescriber field, enter the NPI Number for the provider who will be entering their passphrase and PIN from their token. This can be any provider with credentials, including the provider being activated/deactived.
  3. Click the Validate button to validate the provider's NPI Number.
  4. Have the provider enter the token they will be using for EPCS prescriptions.

  1. Have the provider enter their Passphrase and PIN from the token.
  2. Click the Authorize button.

Provider Dashboard

Path: Admin tab > EPCS Provider Dashboard button

The Provider Dashboard allows providers to manage their Passphrase and the authentication tokens assigned to them. Tokens include:

  • Hard token -- a device that generates authentication codes regularly and is associated with the EPCS prescriber's account.
  • Soft token -- similar to a hard token but rather than use an external token it is an application that runs on a device, such as a mobile phone or tablet.
  • Biometric authentication -- physical data that is unique to the provider, such as a fingerprint.
  1. Select the EPCS Provider Dashboard using the above path.

  1. The EPCSGold web page opens in a separate browser window. The NPI Number is pre-populated, enter your Passphrase and click the Next button.


  1. The EPCSGold web page displays the Token and One Time Password (OTP) fields.
  2. Click the Submit button.

  • To manage your Passphrase:
  1. Select the Profile tab.
  2. Click Change EPCS Passphrase.
  3. Select token and enter your PIN.
  4. Enter your old Passphrase and then enter a new Passphrase to replace the old one. 
  • To manage your token(s):
  1. Select the Tokens tab.
  2. Select your token, this is only necessary if you have more than one token, such as a hard token and a soft token. The system defaults to the last token you selected.
  3. Enter the PIN that your selected token is currently displaying in the OTP field. The EPCSGold web site displays a list of tokens associated with the user.
  4. Activate, deactivate, add, or remove tokens as necessary.  
Version 20.12

Overview

EPCS requires certain areas in OP to be set up before electronic prescribing of controlled substances can be enabled.  These areas are described below.

Provider Set-up 

To enable EPCS for a provider, the provider's Federal DEA number must be entered in the Staff/Provider Directory in the Federal DEA# field.  This is a required field.  In addition OP includes the NADEAN # field in the Staff Directory (under the Provider Info tab).  If providers in your practice have been issued a Narcotics DEA (NADEAN) number, you must add their NADEAN number to the NADEAN # field in their profile in the Staff Directory.

Path: Practice Management tab > Staff/Provider Directory

Warning: The provider's name must be entered into the Staff/Provider Directory exactly as it appears in the NPI registry. All applicable fields, First Name, Middle Name, Last name and Suffix must be displayed in their own fields. If unsure of how the name appears in the NPI Registry you may go to https://nppes.cms.hhs.gov.

Logical Access Control (LAC) 

Path: Admin tab > EPCS Access Control

The LAC is configuring providers, who have completed the IDP process in OP, as either active or inactive. This is a two-step process which requires a user with System Administrator permissions, this cannot be the provider being activated or deactivated, to open the LAC. Any provider with EPCS credentials may perform the second step by entering the passphrase and the PIN number from their token.  

User Permission: A user must be a System Administrator or have the following individual permissions: AA_AccessSecurity.mi and AA_SystemAdmin.mi to access the LAC.

  1. Login with the System Administrator User Name and Password.
  2. Click the Admin tab and select EPCS Access Control.

Note: Both the System Administrator and the Provider, who is being activated, must complete the remaining steps in this section together on the same computer. The logged in System Administrator is the administrator that grants permission.

  1. The EPCSGold web page opens in a separate browser window. Enter the System Administrator's name in the Administrator field.

  1. Select a provider to activate from the Prescriber list.
  2. In the Authorizing Prescriber field, enter the NPI Number for the provider who will be entering their passphrase and PIN from their token. This can be any provider with credentials, including the provider being activated/deactived.
  3. Click the Validate button to validate the provider's NPI Number.
  4. Have the provider enter the token they will be using for EPCS prescriptions.

  1. Have the provider enter their Passphrase and PIN from the token.
  2. Click the Authorize button.

Provider Dashboard

Path: Admin tab > EPCS Provider Dashboard

The Provider Dashboard allows providers to manage their Passphrase and the authentication tokens assigned to them. Tokens include:

  • Hard token -- a device that generates authentication codes regularly and is associated with the EPCS prescriber's account.
  • Soft token -- similar to a hard token but rather than use an external token it is an application that runs on a device, such as a mobile phone or tablet.
  • Biometric authentication -- physical data that is unique to the provider, such as a fingerprint.
  1. Select the EPCS Provider Dashboard using the above path.

  1. The EPCSGold web page opens in a separate browser window. The NPI Number is pre-populated, enter your Passphrase and click the Next button.


  1. The EPCSGold web page displays the Token and One Time Password (OTP) fields.
  2. Click the Submit button.

  • To manage your Passphrase:
  1. Select the Profile tab.
  2. Click Change EPCS Passphrase.
  3. Select token and enter your PIN.
  4. Enter your old Passphrase and then enter a new Passphrase to replace the old one. 
  • To manage your token(s):
  1. Select the Tokens tab.
  2. Select your token, this is only necessary if you have more than one token, such as a hard token and a soft token. The system defaults to the last token you selected.
  3. Enter the PIN that your selected token is currently displaying in the OTP field. The EPCSGold web site displays a list of tokens associated with the user.
  4. Activate, deactivate, add, or remove tokens as necessary.