ID.me biometric identity proofing selected for healthcare EPCS compliance by Allscripts
Allscripts has selected ID.me to provide identity proofing and multifactor authentication for healthcare providers using its electronic health record platforms to meet electronically prescribed controlled substances (EPCS) requirements.
All healthcare providers will be required to issue controlled substances only through electronic prescriptions from January 1, 2021, and follow Drug Enforcement Administration (DEA) rules requiring compliance with NIST 800-63-3 digital credential standards.
ID.me’s ID document and selfie technology verifies the identity of healthcare providers, and validates their credentials, including DEA and NPI records, the company says. Its EPCS Identity Proofing technology is compliant with the new NIST 800-63-3 Identity Assurance Level (IAL) 2 and Authenticator Assurance Level (AAL) 2 standards mandated by the DEA for healthcare providers prescribing drugs like opioids. The same standards are also being recommended in the Trusted Exchange Framework and Common Agreement interoperability standards to be published by the U.S. Department of Health and Human Services (HHS).
“With secure digital identity, malicious actors will have a much more difficult time perpetrating opioid abuse,” ID.me Founder and CEO Blake Hall says. “Our solution conforms to rigorous federal requirements for prescribing controlled substances, yet we have taken great care to ensure the process is also accessible for providers so they can spend as much time as possible caring for patients.”
ID.me has provided credentials for hundreds of thousands of military veterans accessing healthcare through VA.gov, and recently added to its executive team after doubling its user base.