Electronic prescribing of controlled substances (EPCS) is a critical step in the transformation of the healthcare industry from manual to automated processes. It also improves patient safety and the accuracy of prescriptions. A recent study from the Journal of General Internal Medicine concluded that the percentage of prescription errors drops from 37 percent to 7 percent when prescribers use electronic prescribing versus paper prescriptions. In addition, EPCS streamlines workflows for prescribers and pharmacies, and it has the potential to reduce healthcare costs over the next decade through improvements in productivity and cost efficiency based on the volume of prescriptions being managed.
When the Drug Enforcement Administration (DEA) finalized its rule allowing controlled substances to be prescribed electronically in 2010, it established certain criteria that must be met before a prescriber can implement EPCS. As a result, despite the potentially significant advantages, EPCS has not yet been widely adopted by prescribers.
Today, however, the technology and regulatory barriers to enabling EPCS have been addressed. For instance, since the DEA final rule was adopted, the boards of pharmacy in 44 states have since passed regulations allowing EPCS.
The DEA also requires that both the electronic medical records (EMR) system and the pharmacy be certified for EPCS. Today, Epic, Cerner and several other EMR vendors are certified, and there are more than 12,000 pharmacies across the U.S. certified to accept prescriptions for controlled substances that were ordered electronically.
The final piece to satisfying the DEA requirements and enabling EPCS is the need for two-factor authentication technology. The DEA’s rule stipulates that any EPCS workflow requires two-factor authentication at the time an order for a controlled substance is placed. This can include a combination of something only the clinician knows (such as a password), a security scan (such as the clinician’s fingerprint or biometric data) and/or something the clinician has (such as a token).
While this is an important requirement to ensure patient safety and the accuracy of the prescription, this added layer of security has the potential to introduce complexity and decrease the efficiency of clinical workflows. Healthcare CIOs and CMIOs are tasked with complying with HIPAA regulations and keeping information safe, while at the same time giving physicians the fast access they need to deliver high-quality patient care.
Striking this balance when implementing EPCS can be a challenge, but there are readily available multi-factor authentication solutions available today that integrate with certified EMR systems without disrupting workflow. The most robust of these technologies support all of the authentication modalities allowed by the DEA for EPCS, which gives IT administrators more flexibility to implement a solution that best fits their clinical workflow requirements.
Given its state law mandating that all prescriptions for controlled substances be submitted electronically by the end of 2014, New York will serve as a bellwether that will indicate the long-term patient safety and clinical workflow benefits of EPCS. However, now that the technology and regulatory barriers to adoption have been addressed, healthcare organizations across the U.S. have the ability to satisfy demand from providers to enable EPCS. In the long run, this will help to better control prescription fraud and streamline the workflow of prescription management and administration for care providers, which allows clinicians more time to focus on what matters most – patient care.
About the author
John Clark, Senior Product Manager, Imprivata.
For more on Imprivata: click here