DIGIPASS Authentication for Epic Hyperspace

DIGIPASS Authentication for Epic Hyperspace satisfies the DEA’s Two-Factor Authentication Requirements for Electronic Prescription of Controlled Substances (EPCS)

Why you need two-factor authentication for your Epic system

DEA regulations mandate the use of two-factor authentication when a prescription for a controlled substance is submitted electronically. That means that all EPCS enabled electronic prescribing systems must support such technology and all authorized prescribers (such as physicians and nurse practitioners) must be equipped with appropriate security tools.

In practical terms, all users of Epic Hyperspace that wish to prescribe controlled substances electronically need to possess one of the two-factor authentication tools/devices as required by the DEA.

What is two-factor authentication?

Two-Factor Authentication is a method of verifying a user’s identity electronically that requires at least two elements: something they know (a PIN) and something they have (a hard or soft authentication “token”). The latter must be stored separately from the computer being used to access the e-prescribing application, according to DEA. The hard token, if used, must be a cryptographic device or a one-time password device that meets FIPS (Federal Information Processing Standard) 140-2 Security Level 1.
Download the DIGIPASS Authentication for EPIC Health Systems Admin Guide.

VASCO DIGIPASS Plug-In for Epic Hyperspace

DIGIPASS Authentication for Epic Hyperspace is a software module that integrates with your Epic System to provide FIPS Compliant and DEA approved two-factor authentication for your users authorized to issue prescriptions for controlled substances.

How it works

The two-factor authentication technology replaces insecure static passwords with strong, constantly changing passwords in accordance with DEA’s requirements. You easily generate a one-time password by pressing the button on your DIGIPASS hardware token or launching the DIGIPASS for Mobile app on your phone. A one-time password is valid for a limited time. At each login you will create a new DIGIPASS password.

VASCO’s DIGIPASS Authentication for Epic Hyperspace solution is comprised of three components:

  • IDENTIKEY Authentication Server -- A Server-side software
  • VASCO Epic Plug-in (client-side .NET module that integrates with Epic Hyperspace)
  • VASCO DIGIPASS client-side authentication devices (hardware or mobile tokens); 

PKI devices and biometric options are also supported. Please note that these modalities are the only ones allowed by DEA for EPCS.

Why choose VASCO?

  • Guaranteed Compliance – VASCO offers the only one-time password hardware token that is FIPS 140-2 Level 2 Certified and satisfies the DEA requirements for EPCS. 

  • No additional development work - take advantage of the VASCO Epic Hyperspace Plug-in. VASCO has done all development work so you don’t have to, drastically reducing the cost and complexity of implementation and support. With no need for additional databases or servers, you can get up and running quickly, and with minimal resources. 

  • Easier Audit Process - VASCO's FIPS 140-2 Level 2 Certified authenticator fulfills EPCS and Stage 3 meaningful use requirements, and the robust reporting capabilities of our backend IDENTIKEY platform deliver a comprehensive audit trail that can ease the third-party audit process. 

  • Remote Identity Proofing – In addition to FIPS compliant two-factor authentication, VASCO offers NIST compliant identity proofing service as required by DEA for EPCS. 

  • One Authenticator, Many Apps - No one wants to carry 2, 3 or 10 tokens. With VASCO’s solutions healthcare providers can equip staff with a single hard or mobile token that can be used to conveniently and securely access all applications throughout the healthcare organization. 

  • Multiple Authentication Modalities - VASCO offers the most comprehensive portfolio of DEA-approved authentication modalities, including hardware, mobile and PKI authenticators; all supported on a single authentication platform. 

  • Long-term Savings – VASCO’s FIPS Compliant DIGIPASS GO 7 token has an average life span of 10+ years and no artificial expiration date. 

  • Branding, Packaging and Fulfillment Services – All hardware and mobile authenticator can be customized with your logo and colors; custom packaging with user instructions can also be developed. Full service inventory control and fulfillment is offered by VASCO to ease the distribution process. 




DIGIPASS GO 7 is a FIPS 140-2 Level 2 Certified one-time password (OTP) hardware token – a convenient single-button authentication device that boosts security while providing unmatched user acceptance. DIGIPASS GO 7 also supports VASCO’s Multi OTP technology, offering enhanced security for organizations who need to secure multiple applications with a single DIGIPASS.

EPCS Compliance for Cerner Millennium

DEA regulations mandate the use of two-factor authentication when a prescription for a controlled substance is submitted electronically.

This website uses cookies to improve user experience, functionality and performance. If you continue browsing the site, you consent to the use of cookies on this website. Note that you can change your browser/cookie settings at any time. To learn more about the use of cookies and how to adjust your settings, please read our cookie policy.