EPCS IdenTrust Mobile Authentication Setup

The IdenTrust Mobile Authentication process allows a provider to use their mobile device to electronically approve controlled substance prescriptions.

In order to configure this, you will need to follow a series of steps to fully implement this.  In general, these steps include:

1. Register and setup an IdenTrust Mobile account: Create IdenTrust Account
   1. First Time users will need to go through an identity proofing process.
   2. Users that have already completed this process and just need to purchase a certification to  complete the Mobile process can skip that step.
2. Access your Mobile IdenTrust Account information: My IdenTrust Account
3. Setup the HID Approve Mobile Application from IdenTrust.
4. Add your mobile certificate to your user account in OfficeEMR.

The first step in EPCS is registering with IdenTrust.  IdenTrust is the organization that will perform a background check on the user registering and supply the required mobile certification for that user.  This mobile certification acts as the second form of authentication in the "Two Factor Authentication" process.

Things to know before you start:

• The Mobile Cert will ONLY work in Google Chrome.  If you use Internet Explorer as your primary browser, consider setting up the USB Token instead.
• Please be aware that IdenTrust charges for their services.  Be sure to have a Credit Card ready to pay for this service.
• IdenTrust requires a Credit Card and other personal information for the person applying for the token - this is used in the Background Check process.  
• The pricing in the screenshots below is reflective of IdenTrust's pricing at the time of this article, and may change in the future.

Steps to Register

1. Click the following link to be taken to iSalus' partner page on IdenTrust's website: https://www.identrust.com/partners/isalus-healthcare
   
   
2. Click Buy Now to get started.
   
3. For a Mobile Certificate, selected the following option:  IGC EPCS Basic Assurance Unaffiliated Software - EPCS Prescribing with Mobile Authentication. Then, click Next.
   
   
4. Select the option of 2 Year period and Browser for the storage device. Then, click Next.
   
5. Verify your selection and click Buy Now.
   
   
6. On the IdenTrust Application process, select iSalus Healthcare from the Program Affiliation list.  Then, click Next.
   
   
7. Enter your information and click Next
   
   

8. WARNING:
    Be sure to save your account password as you will need this later!

9. NOTE:
   The Credit Card information entered on this screen is used only for Identity Proofing.  A separate credit ard will be asked for later to purchase the services selected.

10. Enter the payment information for the services requested. Click Next.
    
    
11. Your registration is now complete and has been sent to IdenTrust.  You should receive an email to continue the process. Click Finish.

Once you register for an IdenTrust account, you should receive an email to retrieve and install your certificate on your computer. 

Things to Know Before You Start

• This process will require you to supply or create various passwords.  Be sure to keep track of these.
• A critical step in the process is to backup your certificate to your PC.  Be sure you do this as this will be  required inf future steps.

Steps to Setup IdenTrust EPCS Token on your personal computer

1. You should receive an e-mail to install your certificate.  Follow the link in the email to begin the process:  www.identrust.com/install

1. Click I'm Read - Please Check if my System is Ready >>
   
   
   
2. Enter the Activation Code and Account Password, then click Next.  The activation code can be found in your email and the account password was setup in an earlier step.
   
   
3. If you are completing the Identity Proofing process, there will be a few day delay while this is completed:
   
   
4. Click the Download button to download the  IdenTrust Retrieval Application.
   
   
5. Click to run the application
   
   
6. Drag the 'Key' from your browser to the 'Lock' on the application that was opened:
   
   
7. Once successful, you will be notified then prompted to import your encryption certificate.  Click Next.
   
8. Choose a security level:
   1. High - You will be prompted to approve the medication on your phone AND enter a password.
   2. Medium - You will be prompted to approve the prescription on your phone:
      
9. Confirm your security preferences and click Next.
10. When prompted, enter a password for your device.  This will be the password you use each time you approve a prescription.  Click Next.
11. Click OK on the following screen
    
    
12. Your certificate will be installed.  Please allow a few moments for this to take place.

13. CRITICAL STEP:

    Once completed, you will be asked to back-up your certificate. Click Yes.  YOU MUST DO THIS.  
    

14. Click Next to begin the Certificate Export
    
15. Set the export settings as seen below and click Next
    
    
16. Enter a password and click Next
    
17. Select a location to save this backup file on your computer.   You will need this later, so remember where it is saved.
    
    
    
18. Click Finish
    
    
19. You may be prompted to enter your password for your key.
    
    
20. Your certificate backup will be created in the location chosen.  Click Done on the certificate installation window.
    
    
21. You are now ready to associated your certificate with your user in OfficeEMR.

Once you have retrieved your mobile certificate, you are now ready to configure IdenTrust's mobile application.  This process will explain how to create a mobile user name, download the application, and connect your credential to your mobile application.

Steps

1. You should receive an e-mail from IdenTrust with steps to setup your Mobile User ID. Follow the link in the e-mail to start that process: https://secure.identrust.com/tscmc
2. You should be prompted to select the credentials you setup in prior steps. You must be on the same computer that you originally setup your credential.
3. You should be prompted to enter the credential password you setup in prior steps. Enter the password and click Allow.
   
   
4. Click Create to create your mobile user name.
   
   
5. Enter your desired user name.  Click Next.
   
   
6. You can use the camera on your mobile phone to scan the barcode - this will take you to the app store to download the necessary application.  Or, navigate to the app store on your mobile phone and search the app store for HID Approve.  Download/Install the application.
   • IOS: https://apps.apple.com/us/app/hid-approve/id1128736638
     
     
   • Android: https://play.google.com/store/apps/details?id=com.hidglobal.ia.trustops
     
     
7. With the app installed, click Yes, I have my device now.  Then, click Next.
   
   
   
8. Open the app that you just download and click the Key+ icon in the upper right.
   
   
9. Use the camera on your device to scan the barcode on the screen.
   
   
10. Create a password. This will be used every time you approve or deny a prescription.
11. Name your device. This is helpful if you plan on setting up multiple devices to approve prescriptions with.
    
    
    

Once you have installed and backed-up the IdenTrust Mobile certificate on your computer, you will added it to your OfficeEMR user account.

Steps

1. Login to OfficeEMR using Google Chrome.
   
2. Navigate to Setup > Users
   
   
   
3. Be sure your username is selected
   
4. Click to open the User Credential setup window
   
5. Set the Type to be IdenTrust(M) using: Mobile Device
   
   
   
6. Drag or select your backed up .pfk IdenTrust certificate into the area shown.  You saved this to your computer in a previous step.
   
7. Enter the password, Account Number and Username, then click Upload. Your cert will now be associated with your user.