NOTE: Make sure to select all the boxes for the Provider
Overview
The EPCS Access Control screen allows you to set up the security settings for EPCS.
Per the DEA rule for Controlled Substance Access Control, two users are required in order to save changes to this screen. You must get a second user that will authorize the changes. One of the users must be a Prescriber who has signed up for EPCS and can sign off on the changes with their Two Factor Credentials. The other user can be any user that has been added to the account that has Admin permissions. This does not need to be a prescriber; it can be a nurse, office manager, etc.
The steps to complete Access Control vary slightly depending on whether a prescriber with an EPCS token or another user is signed in.
During the E-Prescription setup, make sure to log on to TDO with a username other than the username used by the Doctor to logon to TDO. Please have a staff member who has "Full Permission" in eRX (adjusted in Administrative > Add/Edit Usernames and Passwords) to log on in order for Doctor to finish the Controlled Substance setup.
1. Go to Prescription
2. Click on “eRx” button
3. Click on the two right brackets
4. Go to Setup & Tools, click Practice Setup.
5. Go to the Settings Tab and click Open Access Control
Setup & Tools -> Practice Setup -> Settings
6. Select the Prescriber who will Approve Changes/Sign off from the drop-down. Please select the
Provider.
7. Select the Second User (Staff with full permission for eRx)
8. In the grid at the lower section, check the box for each user that will have permissions or help
with managing EPCS.
A. Has Validated Token: This column is read-only and indicates which users have a registered EPCS token.
B. Access Control Managers: Designate at least two users who will be in charge of managing access control (who can edit this screen) (at least one user must be a Prescriber who has signed up for EPCS).
C. Authorization Verifier: Select which Access Control Manager(s) will be in charge of verifying DEA registration and State Authorization(s) as needed. This user must sign off that they have verified each Prescriber allowed to sign as having current good standing controlled substance registrations. This user is legally responsible for continually verifying that Prescribers are in good standing and will immediately revoke privileges if:
i. The Prescriber’s token or password is lost, stolen or compromised.
ii. DEA registration expires.
iii. DEA registration is revoked, terminated or suspended
iv. no longer authorized e.g. leaves the practice
D. Allowed to mark Ready to Sign EPCS: Select which Users are allowed to mark controlled substances "ready to sign". Only users with Full RX permissions and prescribers are allowed to mark CS prescriptions.
E. Allowed to Sign and Send EPCS: Select which Prescribers are currently authorized send EPCS prescriptions (if they have signed up for EPCS Two Factor credentials using the Sign-up in the Setup menu).
5. Press Save to save the changes. This will pop-up the 2 Factor Credentials Sign off for the provider selected at the top to approve the changes. The provider will need to open their mobile app or use their key fob and enter the password for final approval of the permissions.
A. The sign password is the password created during EPCS sign-up.
B. The VIP Security code is the code generated by your key fob or software token app.
C. Once those are entered, click Sign + Authorize
Need more information?
For more information, please refer to https://live.mdtoolbox.net/rx/help/index.htm (external link)
Article ID: 373
Created: March 20, 2016
Last Updated: November 18, 2025
Author: TDO KB [web_admin@tdo4endo.com]
Online URL: https://kb.tdo4endo.com/article.php?id=373
