Got Drugs? Dispose of Unused RX, DEA

Emergency Disaster Relief, DEA

Alert - Extortion Scam, DEA

Regulations.gov, The voice in Federal decision-making

Good Medicine, Bad Behavior. Drug Diversion in America

To view PDF documents
Get Adobe Reader

External links included in this website should not be construed as an official endorsement of the views contained therein.

 
Electronic Commerce Initiatives > Electronic Prescriptions for Controlled Substances > Third Party Reviews of Prescriber or Pharmacy EPCS Applications
Information and Legal Resources Banner

Electronic Prescriptions for Controlled Substances


Third-party Reviews of Prescriber or Pharmacy EPCS Applications

EPCS, as with paper prescriptions, requires the individual practitioner be responsible for ensuring the prescription conforms to all legal requirements and the pharmacist, acting under the authority of the DEA-registered pharmacy, has a corresponding responsibility to ensure the prescription is valid and meets all legal requirements.  Review of an EPCS application must be thorough in order to provide the prescriber and pharmacist the level of assurance needed in order to use the application.

Before any application may be used for electronic prescriptions for controlled substances, it must be reviewed, tested and determined by a third party to meet all of the requirements of 21 CFR Part 1311.  See 21 CFR 1311.300(a).  There are two alternative processes for review and certification of EPCS applications under the Interim Final Rule:  (1)  A third-party audit conducted by a person qualified to conduct a SysTrust, WebTrust or SAS 70 audit or a Certified Information System Auditor as stated in 21 CFR 1311.300(b), which comports with the requirements of paragraphs (c) and (d) of 21 CFR 1300.300, or (2) A certification by a certifying organization whose certification process has been approved by DEA as stated in 21 CFR 1311.300(e), which certification verifies that the application meets all of the requirements of 21 CFR Part 1311.  Review of processing integrity is required under either type of review.

 

Approved Certification Processes

Certification Process approved as of September 22, 2011:

InfoGard Laboratories, Inc.
709 Fiero Lane
San Luis Obispo, CA 93401
Phone: 805-783-0810
Email: epcs@infogard.com
Web: www.infogard.com

InfoGard is one of six selected Office of the National Coordinator for Health Information Technology (ONC) Authorized Testing and Certification Bodies.  It is also accredited by the National Institute of Standards and Technology (NIST) under its National Voluntary Laboratory Accreditation Program with specialized expertise in technology security, i.e. NIST’s Cryptographic Module Validation Program.  In addition, InfoGard is accredited by both NIST and GSA to validate compliance with Personal Identify Verification (PIV) requirements.  InfoGard is an independent laboratory and offers no hardware, software, system products, contract hardware or software design services that might conflict with being a testing and certification organization.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 
DEA: Drug Enforcement Administration Home