Safeguarding Electronic Prescriptions for all Medications
Being able to prescribe medicine online—that is, have the prescription go straight from your doctor to the pharmacy to be filled—is a great advantage of electronic health records. Studies have shown that electronic prescribing reduces the risk of medicine mix-ups, prescription abuse, fraud, and theft. The DEA has issued additional requirements for the electronic prescription of controlled substances to ensure that the practitioner is correctly licensed to prescribe schedule 3 narcotics. Specifically, Section 1311.105 of the DEA Guidelines says that an individual provider must obtain a credential via a credential service provider that has been approved by the GSA Office of Technology. The credential shows that identity proofing and verification of DEA number and state license have been done.
Ensuring that each doctor is correctly licensed before they prescribe electronically is critically important, but how do you prove the identity and verify the credentials of every provider in the network? Is it feasible to have every doctor come into a central location to show paper copies of their IDs and certifications?
There are many ways to handle identity proofing and verification to issue a credential. For an organization that is issuing credentials to thousands of doctors, using a credential service provider and remote identity proofing is the most convenient and cost-effective. Remote IDP must meet the requirements of NIST Assurance Level 3 or above as described in Section 1311.08 of the DEA guidelines.
The practitioner first submits identity information to the credential service provider or certification authority. A practitioner may remotely prove that he is who he says he is by answering a series of “out-of-wallet” questions. The identity proofing questions should be developed from a variety of outside sources, such as past residences, motor vehicle registration, or credit information, to maximize the ability to uniquely identify an individual and to prevent fraud.
Once the practitioner’s identity has been established, his certifications need to be checked by matching his identity against a state license to practice medicine and DEA Number. Additional certifications such as degrees, associations, or other qualifications may also be connected to the practitioner’s electronic identity and credential once it’s established. License renewals and other periodic updates can easily be appended to the electronic credential. Along with renewals, checkpoints and a process for revoking a credential must be in place.
Doing all of this remotely through electronic checks of state and federal documents means the process is faster and decreases the risk of falsified paper records and fake IDs. The electronic ID, with verified credentials, can allow trusted access to secure systems, sensitive healthcare records, and electronic prescribing.
For more information about setting up credentials for electronic prescription of controlled substances, click here to contact a specialist.
Recommended For You
Authentication Strategies for Today’s Digital Age Carefully orchestrated authentication and identification strategies are critical in today’s digital era, especially since […]
The CERCA Spring Conference, held on May 16, capped a broadly successful 2018 filing season that saw tax identity theft reduced by […]
Fraudulent account activity and identity fraud are both significant drains to today’s business resources. In the era of online and mobile commerce, […]
Fraudsters are a smart group. With each fraud prevention method that’s introduced, they figure out ways to work around it. […]