The Benefits of EPCS Beyond Compliance August 15, 2016

Transcription

1 The Trusted Source for Secure Identity Solutions The Benefits of EPCS Beyond Compliance August 15, 2016

2 Presenters Sheila Loy Director Healthcare Solutions HID Global Joe Summanen Technical Architect Nemours Children s Health System Charisse Geslani Associate Analyst Nemours Children s Health System

3 Electronic Prescriptions for Controlled Substances Why offer it? Prescription Drug Monitoring Programs (PDMP) State Legislation Investigations/ Reporting Compliance It s not IF, it s WHEN

4 Electronic Prescriptions for Controlled Substances Why offer it? Provider Challenges with Paper Prescriptions Secure paper and storage process expense Inconvenient for the prescriber Negative patient experience Lost patients revenue reduction Telemedicine/ Tele Health

5 Electronic Prescriptions for Controlled Substances Requirements User experience Insert + Pin OTP Bio Electronic Prescriptions for Controlled Substance EPCS EMR (PKI) (OTP) (BIO) NIST SP compliant Identity proofing at level of assurance 3 with secure credential binding DEA Compliance using FIPS140-2 validated credential Must present two factors of authentication within a certified EPCS module in an EMR platform Interim Final Ruling The authentication method must be separate from the device used to write the narcotic prescription

6 Nemours Children s Health System EPCS and Two-Factor Case Study Founded in 1936 Press Ganey s 2015 Guardians of Excellence Award Nemours Website KidsHealth.org is the most visited website devoted to Children s Health in the world HIMSS Stage 7 Certified

7 Nemours Children s Health System EPCS and Two-Factor Case Study Telemedicine Initiative Innovative and Enhanced Experiences Be Prepared for Legislation Trusted Partner

8 Nemours Children s Health System EPCS and Two-Factor Case Study Credential Management System Authentication Server Epic Plug-In HSM

9 HID EPCS Credential Provisioning Process Activation letter is mailed to address on file to complete LOA3 START Parallel process creates checks & balance Fill online forms on PKI registration website LOA3 check is performed based in information provided If LOA3 identity proofing is successful Activation Letter Local issuance/remote issuance station Credential issued Provision Credential Launch Logical Access in Epic

10 Successful Solution Deployment Agents

11 Nemours Children s Health System Project Oversight Use Case Discussions Proof of Concept Scope Documentation Pilot Test Group include physicians Feedback Cycles Deployment Success

12 Nemours Children s Health System Leverage the Investment Elevate Security and Privacy throughout the organization Invest once for myriad use cases Remote Access deploy soft/ mobile tokens or fobs VPN Access deploy soft/ mobile tokens or fobs Privileged User, Security Admin PKI security Simple to train Simple to use

13 Nemours Children s Health System Keys to Success Bring internal teams and partners together early One project management point of contact (owner) Proper internal education Proliferation of solution availability

14 Yes! Security and Convenience

15 Summary of Benefits DEA Compliance Improved patient/ patient family experience More secure and efficient workflow for prescribers Digital audit trail Cost effective ability to institute additional two-factor authentication use cases Increased HIPAA privacy Elevated security, without friction

16 Why HID Global for Identity Assurance? Over 25 years in the user authentication and digital identity business Integration with over 30 different emr/ ehr platforms Over 50 million credentials issued by Department of Defense and Civilian Agencies using our identity management solutions GSA Approved Certification Authority cross-certified with the U.S. Federal Government Bridge Certificate Authority FIPS Validated Credential offerings GSA Approved SP Level of Assurance 3 Identity Proofing Widest variety of authentication methods

17 QUESTIONS? Trusted Advisor Sheila Loy Identity & Access Management, Healthcare HID Global M: E: