Atención de la salud

DIGIPASS Authentication for Epic Hyperspace

DIGIPASS Authentication for Epic Hyperspace satisfies the DEA’s Two-Factor Authentication Requirements for Electronic Prescription of Controlled Substances (EPCS)

Why you need two-factor authentication for your Epic system

DEA regulations mandate the use of two-factor authentication when a prescription for a controlled substance is submitted electronically. That means that all EPCS enabled electronic prescribing systems must support such technology and all authorized prescribers (such as physicians and nurse practitioners) must be equipped with appropriate security tools.

In practical terms, all users of Epic Hyperspace that wish to prescribe controlled substances electronically need to possess one of the two-factor authentication tools/devices as required by the DEA.

What is two-factor authentication?

Two-Factor Authentication is a method of verifying a user’s identity electronically that requires at least two elements: something they know (a PIN) and something they have (a hard or soft authentication “token”). The latter must be stored separately from the computer being used to access the e-prescribing application, according to DEA. The hard token, if used, must be a cryptographic device or a one-time password device that meets FIPS (Federal Information Processing Standard) 140-2 Security Level 1.
Download the DIGIPASS Authentication for EPIC Health Systems Admin Guide.

VASCO DIGIPASS Plug-In for Epic Hyperspace

DIGIPASS Authentication for Epic Hyperspace is a software module that integrates with your Epic System to provide FIPS Compliant and DEA approved two-factor authentication for your users authorized to issue prescriptions for controlled substances.

How it works

The two-factor authentication technology replaces insecure static passwords with strong, constantly changing passwords in accordance with DEA’s requirements. You easily generate a one-time password by pressing the button on your DIGIPASS hardware token or launching the DIGIPASS for Mobile app on your phone. A one-time password is valid for a limited time. At each login you will create a new DIGIPASS password.

VASCO’s DIGIPASS Authentication for Epic Hyperspace solution is comprised of three components:

  • IDENTIKEY Authentication Server -- A Server-side software
  • VASCO Epic Plug-in (client-side .NET module that integrates with Epic Hyperspace)
  • VASCO DIGIPASS client-side authentication devices (hardware or mobile tokens); 

PKI devices and biometric options are also supported. Please note that these modalities are the only ones allowed by DEA for EPCS.

Why choose VASCO?

  • Guaranteed Compliance – VASCO offers the only one-time password hardware token that is FIPS 140-2 Level 2 Certified and satisfies the DEA requirements for EPCS. 

  • No additional development work - take advantage of the VASCO Epic Hyperspace Plug-in. VASCO has done all development work so you don’t have to, drastically reducing the cost and complexity of implementation and support. With no need for additional databases or servers, you can get up and running quickly, and with minimal resources. 

  • Easier Audit Process - VASCO's FIPS 140-2 Level 2 Certified authenticator fulfills EPCS and Stage 3 meaningful use requirements, and the robust reporting capabilities of our backend IDENTIKEY platform deliver a comprehensive audit trail that can ease the third-party audit process. 

  • Remote Identity Proofing – In addition to FIPS compliant two-factor authentication, VASCO offers NIST compliant identity proofing service as required by DEA for EPCS. 

  • One Authenticator, Many Apps - No one wants to carry 2, 3 or 10 tokens. With VASCO’s solutions healthcare providers can equip staff with a single hard or mobile token that can be used to conveniently and securely access all applications throughout the healthcare organization. 

  • Multiple Authentication Modalities - VASCO offers the most comprehensive portfolio of DEA-approved authentication modalities, including hardware, mobile and PKI authenticators; all supported on a single authentication platform. 

  • Long-term Savings – VASCO’s FIPS Compliant DIGIPASS GO 7 token has an average life span of 10+ years and no artificial expiration date. 

  • Branding, Packaging and Fulfillment Services – All hardware and mobile authenticator can be customized with your logo and colors; custom packaging with user instructions can also be developed. Full service inventory control and fulfillment is offered by VASCO to ease the distribution process. 


Información de la solución

VASCO Solutions for HIT Vendors Overview (US)

Today, HIT vendors face mounting pressure to offer secure, intuitive systems and applications that comply with strict government regulations and meet growing demands for protection of identities and control over sensitive data. But ensuring the security and compliance of data can’t disrupt fast access to healthcare applications and patient information.
Información de la solución

Compliant Digital Identity Management Solutions for Healthcare

The proliferation of digital patient information and a surge in government regulations are forcing a shift in the healthcare industry. As the entire healthcare community adopts digital processes and web-based systems for patient data, the need for stronger security and compliance measures grows exponentially.

Este sitio web usa cookies para mejorar la experiencia del usuario, la funcionalidad y el rendimiento. Si continúa navegando en este sitio, usted acepta el uso de cookies en este sitio web. Tenga en cuenta que usted puede cambiar las configuraciones de su navegador o de las cookies en cualquier momento. Para obtener más información sobre el uso de cookies y cómo ajustar sus configuraciones, lea nuestra política de cookies.