Salesforce

EPCS Access Controls Guide

Printable View
« Go Back
Information
EPCS Access Controls Guide

Recommended Reading

Review the EPCS Sign Up Process Guide first before proceeding with this article. There are a few crucial steps you must take to Sign Up for EPCS before you can set up Access Control Permissions.

 

Contents

 

Introduction

Important Note: The DEA requires that two users, a Provider Level User and a second Provider Level User or an Admin Level Staff User, are present in order to enable EPCS within Elation. This is a checks and balances system to ensure that any provider who is given EPCS permissions can legally prescribe controlled substance medications.
  1. Multi-provider practices
    • If you work in a practice that has multiple providers, best practice is to have the second person assisting with sign up be another Provider Level User in your practice. You will need to assign them "Admin" level privileges but this action can be one-time only for purposes of completing EPCS sign up and you can revoke the "Admin" level privileges once you have completed EPCS sign up.
  2. Single provider practices
    • If you are the only provider in your practice, we recommend one of the following:
      1. Using an existing staff user in your office as the second person. You will need to assign them "Admin" level privileges but this action can be one-time only for purposes of completing EPCS sign up and you can revoke the "Admin" level privileges once you have completed EPCS sign up.
      2. If you do not have any existing Staff Level Users in your office, ask a trusted friend or family member to be the second person. You will need to invite them to register for an Elation account and assign them "Admin" level privileges but this will only be temporary and you can disable their account (and access) immediately after you have completed EPCS sign up.
 

Setting up Access Controls for the first time as the first provider

The steps in this section apply to you (the provider) if your entire practice is new to Elation and this is the first time a provider in the practice is signing up for EPCS. Each provider should always complete steps 1 to 3 in the EPCS Sign Up Process Guide first before setting up their Access Control Permissions. 


 

Multi-Provider Practice

Important Note: Please note the user definitions for the workflow detailed in this section. 
  • First user = Provider signing up for EPCS
  • Second user = Provider Level User who is assisting with sign up 
    • Must be an Admin Level User at the practice 
    • Will become an Access Control Manager by assisting with sign up  
  1. Assign "Admin" level privileges to the second user (Provider Level User assisting with sign up) in your practice if they do not already have this permission
    • Go to "Manage Accounts" and then click "Make Admin" next to the second user's name
  2. Ask the second user to login to their Elation account
  3. Ask the second user to click on their email at the top of their Elation account & click "Settings"
  4. Ask the second user to click into the "ePrescribing Controlled Substance (EPCS)” settings section and click on "Access Controls"
  5. The second user will then be brought to a page called "EPCS Permissions- Logical Access Control Setup"
  6. Under Grant Permissions, ask the second user to check off all of the following boxes next to your name: 
    • Access Control Manager?
    • Authorization Verifier?
    • Can Approve EPCS?
    • Can Sign & Send?
  7. Under Grant Permissions, ask the second user to check off the following boxes next to their name: 
    • Access Control Manager?
    • Authorization Verifier?
  8. If the second user plans on signing up for EPCS at a later time, have them check off the following boxes next to their own name as well:
    • Can Approve EPCS?
    • Can Sign & Send?
  9. Under Signoff & Save Permissions:
  • Important Note: Please note the following definitions for the Signoff & Save Permissions fields on the "EPCS Permissions- Logical Access Control Setup" page.
    1. First User (Prescriber w/ Token) = Provider signing up for EPCS
      • Ask the second user to select your own name in the dropdown for this field
    2. Second User (Prescriber or Admin) = Access Control Manager (who is an Admin Level User) assisting with sign up
      • The second user's name should already be filled in in the dropdown for this field
  1. Have the second user click "Save" and a new box will appear under the Second User (Prescriber or Admin) field that prompts the second user to enter their email address
  2. Have the second user enter their email address & click "Save". A box will pop up with a message that says "Second User approval code has been sent to their email...."
  3. Have the second user check their email inbox for an email with the subject line "EPCS Permission Request" from the email address "noreply@mdnotification.net". The body of the email will contain a 7 digit approval code
  4. Have the second user enter the 7 digit code in the "Approval Code" box that now appears under the Second User (Prescriber or Admin) field
  5. Have the second user click "Save" to save the approval code
  6. A box will pop up asking you (First User/the provider completing EPCS Sign Up) to enter your EPCS Token Password and Security Code. Enter this information and click "Sign and Authorize" to complete the final step of this process.

 

Congratulations on completing EPCS Sign Up! You can now close the MDToolbox tab in your web browser. 

To ensure that everything has been setup properly, go to a patient’s chart and click "Rx" >> "Controlled Substance Form"- if the blue button now says “ePrescribe”, you’re good to go! Click here to view our how to e-Prescribe controlled substance guide

 

Single Provider Practice 

  1. If you have a staff member with a Staff Level Elation account, assign them "Admin" level privileges if they do not already have this permission
    • Go to "Manage Accounts" and then click "Make Admin" next to the user's name
  2. If you do not have any staff, ask a trusted friend or family member to assist you
    • Invite them to Elation by going to "Manage Accounts" >> "+ Invite Staff"
    • Enter their name and email and then click "Invite"
    • Ask them to find the invitation in their email inbox and click "Click here to complete your Registration"
      • The invitation email will come from "support@elationemr.com" and will have the subject line 'Your Elation Account is Ready!'
    • Supply them with your practice's fax number to complete registration
  3. After registration, ask them to click on their email at to top of their account and click "Settings"
  4. Ask them to click into the "ePrescribing Controlled Substance (EPCS)" section and click "Access Controls"
  5. The Admin Level Staff User will then be brought to a page called "EPCS Permissions- Logical Access Control Setup". 
  6. Under Grant Permissions, ask the Admin Level Staff User to check off all of the following boxes next to your name:
    • Access Control Manager?
    • Authorization Verifier?
    • Can Approve EPCS?
    • Can Sign & Send?
  7. Under Grant Permissions, ask the Admin Level Staff User to check off all of the following boxes next to their own name:
    • Access Control Manager?
    • Authorization Verifier?
  8. Under Signoff & Save Permissions:
  • Important Note: Please note the following definitions for the Signoff & Save Permissions fields on the "EPCS Permissions- Logical Access Control Setup" page. 
    1. First User (Prescriber w/ Token) = Provider signing up for EPCS
      • Ask the second user to select your own name in the dropdown for this field
    2. Second User (Prescriber or Admin) = Admin Level Staff User assisting with sign up
      • The second user's name should already be filled in in the dropdown for this field
  1. Click "Save" and a new box will appear under the Second User (Prescriber or Admin) field that prompts the Admin Level Staff User to enter their email address
  2. Have the Admin Level Staff User enter their email address & click "Save". A box will pop up with a message that says "Second User approval code has been sent to their email...."
  3. Have the Admin Level Staff User check their email inbox for an email with the subject line "EPCS Permission Request" from the email address "noreply@mdnotification.net". The body of the email will contain a 7 digit approval code
  4. Have the Admin Level Staff User enter the 7 digit code in the "Approval Code" box that now appears under the Second User (Prescriber or Admin) field
  5. Have the Admin Level Staff User click "Save" to save the approval code
  6. A box will pop up asking you (the provider completing EPCS Sign Up / First User) to enter your EPCS Token Password and Security Code. Enter this information and click "Sign and Authorize" to complete the final step of this process

Congratulations on completing EPCS Sign Up! You can now close the MDToolbox tab in your web browser. 

To ensure that everything has been setup properly, go to a patient’s chart and click "Rx" >> "Controlled Substance Form"- if the blue button now says “ePrescribe”, you’re good to go! Click here to view our how to e-Prescribe controlled substance guide


 

Setting up Access Controls after the first provider

The steps in this section apply to you (the provider) if another Provider Lever User in the practice has already completed EPCS Sign Up. Each provider should always complete steps 1 to 3 in the EPCS Sign Up Process Guide first before setting up their Access Control Permissions. 

There are three options available for necessary users present when setting up Access Controls when there are already two established Access Control Managers at a practice (one being a Provider Level User):
 

Option 1Option 2Option 3
  • One Provider Level User/established Access Control Manager
  • One Staff Level User/established Access Control Manager 
  • Two Provider Level Users/established Access Control Managers
  • Provider Level User signing up for EPCS
  • Provider or Staff Level User/established Access Control Manager
*Please utilize the steps detailed below*Please utilize the steps detailed below*Please utilize the steps detailed for setting up a Provider Level User for the first time in a multi-provider practice if only these users are present
 

 
  1. Ask any established Access Control Manager to login to their Elation account
  2. Ask the Access Control Manager to click on their email at the top of their Elation account & click "Settings"
  3. Ask the Access Control Manager to click into the "ePrescribing Controlled Substance (EPCS)” settings section and click on "Access Controls"
  4. The Access Control Manager will then be brought to a page called "EPCS Permissions- Logical Access Control Setup"
  5. Under Grant Permissions, ask the Access Control Manager to check off all the boxes for the fields listed below that apply next to your name. (At a minimum, Provider Level Users must have 'Can Approve EPCS?' and ‘Can Sign & Send' checked off in order to send electronic controlled substance medications via Elation):
    • Access Control Manager?
    • Authorization Verifier?
    • Can Approve EPCS?
    • Can Sign & Send?
  6. Under Signoff & Save Permissions:
    • For the First User (Prescriber w/ Token) field, ask the Access Control Manager to select the name of the other Access Control Manager (must be a Provider Level User, usually already signed up for EPCS) 
    • For the Second User (Prescriber or Admin) field, the original Access Control Manager's own name should already be filled in
  7. Have the Access Control Manager click "Save" and a prompt will appear asking the Access Control Manager to approve their own changes. Have the Access Control Manager click "OK" to continue
  8. A box will pop up for the First User (the other Access Control Manager/Provider Level User) to enter their EPCS Token Password and Security Code. Have the First User enter this information and click "Sign and Authorize" to complete the final step of this process

 

Congratulations on completing EPCS Sign Up! You and the Access Control Manager can now close the MDToolbox tab in your web browser. 

To ensure that everything has been setup properly, go to a patient’s chart and click "Rx" >> "Controlled Substance Form"- if the blue button now says “ePrescribe”, you’re good to go! Click here to view our how to e-Prescribe controlled substance guide

 

 

Adjust Access Control Permissions after Initial Sign Up

The steps in this section are outlined for Provider Level Users who need their existing Access Control Permissions updated. Established EPCS Providers need to have two established Access Control Managers available to assist with updating their permissions.

There are two options available for necessary users present for Access Controls adjustment:
 
Option 1Option 2
  • One Provider Level User/established Access Control Manager
  • One Staff Level User/established Access Control Manager 
  • Two Provider Level Users/established Access Control Managers
 
  1. Ask any established Access Control Manager to login to their Elation account
  2. Ask the Access Control Manager to click on their email at the top of their Elation account & click "Settings"
  3. Ask the Access Control Manager to click into the "ePrescribing Controlled Substance (EPCS) settings section and click on "Access Controls"
  4. The Access Control Manager will then be brought to a page called "EPCS Permissions- Logical Access Control Setup". 
  5. Under Grant Permissions, ask the Access Control Manager to check off all the boxes for the fields listed below that apply next to the Provider Level User’s name that needs their Access Control Permissions adjusted. (At a minimum, Provider Level Users must have 'Can Approve EPCS?' and "Can Sign & Send' checked off in order to send electronic controlled substance medications via Elation):
    • Access Control Manager?
    • Authorization Verifier?
    • Can Approve EPCS?
    • Can Sign & Send?
  6. Under Signoff & Save Permissions:
    • For the First User (Prescriber w/ Token) field, ask the Access Control Manager to select the name of the other Access Control Manager (must be a Provider Level User, usually already signed up for EPCS). 
    • For the Second User (Prescriber or Admin) field, the original Access Control Manager's own name should already be filled in
  1. Have the Access Control Manager click "Save" and a prompt will appear asking the Access Control Manager to approve their own changes. Have the Access Control Manager click "OK" to continue
  2. A box will pop up the First User (another provider who is an Access Control Manager) to enter their EPCS Token Password and Security Code. Have the First User Provider enter this information and click "Sign and Authorize" to complete the final step of this process
 

Frequently Asked Questions

What if all of the Access Control Managers have left my practice? 

Please reach out to the Elation Team if all of the Access Control Managers have left your practice. We will work with MDToolbox to reset your practice’s ability to manage EPCS Access Controls to ensure you can set up new Provider Level Users in the future. 
 



 
Next Step

Send a controlled substance prescription electronically using the Controlled Substance Form in your Patient's chart! Learn How to e-Prescribe Controlled Substances.
 

 

Related Articles

 
Properties
how-to-set-up-epcs-access-controls
Powered by