Default banner

FDA/DEA Regulatory Compliance: EPCS

Complying with Electronic Prescriptions for Controlled Substances (EPCS) Requirements

FDA/DEA Regulatory Compliance: EPCS

map
Regulation | Active Now

EPCS revises DEA’s regulations to provide practitioners with the option of writing prescriptions for controlled substances electronically as well as receiving, dispensing and archiving electronic prescriptions. The electronic prescription application must incorporate a secure process for practitioner authentication.

Thales can help prepare organizations to meet these regulations through:

  • Two-factor authentication
  • Hardware- and software-based EPCS-compliant tokens
  • Regulation
  • Compliance

The DEA's EPCS Regulation

"Electronic Prescriptions for Controlled Substances" revises DEA's regulations to provide practitioners with the option of writing prescriptions for controlled substances electronically. The regulations will also permit pharmacies to receive, dispense, and archive electronic prescriptions.

EPCS requires medical practitioners to use two-factor authentication to sign prescriptions for medical narcotics issued in digital form.

To comply with EPCS and enable the issuing of e-prescriptions for controlled substances, hospitals and healthcare institutions must instate EPCS-compliant processes certified by an independent third party, including the use of two-factor authentication (2FA) when signing e-prescriptions for controlled substances.

Thales’ SafeNet two-factor authentication solutions let hospitals and Critical Access Hospitals (CAHs) embrace EPCS quickly, without changing their current infrastructure.

Offering both hardware and software-based EPCS-compliant tokens, Thales provides frictionless authentication for practitioners and frictionless management for IT staff through fully automated workflows.

Altre norme fondamentali sulla protezione dei dati e sulla sicurezza

RGPD

REGOLAMENTO
ACTIVA ORA

Forse lo standard sulla privacy dei dati più completo fino ad oggi, il GDPR interessa qualsiasi organizzazione che elabora i dati personali dei cittadini dell'UE, indipendentemente da dove ha sede l'organizzazione.

PCI DSS

MANDATO
ACTIVA ORA

Qualsiasi organizzazione che svolge un ruolo nell'elaborazione dei pagamenti con carta di credito e debito deve rispettare i severi requisiti di conformità PCI DSS per l'elaborazione, l'archiviazione e la trasmissione dei dati dell'account.

Leggi sulla notifica delle violazioni dei dati

REGOLAMENTO
ACTIVA ORA

I requisiti di notifica della violazione dei dati a seguito della perdita di informazioni personali sono stati adottati dalle nazioni in tutto il mondo. Variano in base alla giurisdizione, ma includono quasi universalmente una clausola di "approdo sicuro".