EPCS Certification

Drummond Group's Electronic Prescriptions for Controlled Substances

On March 31, 2010, the Drug Enforcement Administration (DEA) published the Interim Final Rule allowing e-prescribing applications to transmit Electronic Prescriptions for Controlled Substances (EPCS) to pharmacies.

The regulations require that before any electronic prescription or pharmacy application may be used to transmit or receive prescriptions, the application must be reviewed for compliance with the requirements of 21 CFR parts 1311.

On Aug. 1, 2012, Drummond Group's certification review process was approved by the DEA. Our EPCS program includes:

  • Reviewing EPCS applications for compliance to 21 CFR part 1311
  • Reviewing processing integrity for both Installed and ASP type of applications
  • Reviewing physical security for software vendors who host ASP Applications

Please note that review of security practices for software that is installed at practices or pharmacies is not required as part of the EPCS Review.

Our process starts with a thorough review of the DEA regulations so your team has a firm understanding of the requirements. Next, we guide you through establishing a gap analysis of your applications' current functionality so you can develop a development roadmap before embarking on making the necessary the modifications to bring your application into compliance. Finally, the completed EPCS application must undergo a rigorous review process where we carefully review your application for compliance to 21 CFR part 1311 before it is put into use. The end result is a report which certifies that your application meets the EPCS requirements.

During this process, we rely on our deep experience in software testing and certification, including experience in EPCS application certifications. Drummond Group's skilled software testing, auditing and security personnel have developed review procedures which we make available to guide you from day one.

Where the EPCS software application is an ASP-based hosted solution (such as a cloud-based solution accessed through your web browser), Drummond Group works with the software vendor to ensure that security is addressed at the Data Center where the software application is hosted. And for pharmacies, practitioners or hospitals using an "Installed Application," the security assessment is not required as part of the review.

The ultimate goal of the EPCS certification program is to provide trust that the application is compliant to the DEA regulations, and can do so in a manner that addresses the processing integrity requirement (and security for ASP applications).

Drummond Group's EPCS program is just one of our healthcare programs. We also certify electronic health records (EHR) and Controlled Substance Ordering Systems (CSOS) –  making us the only third-party organization to act as a certifier or auditor for all three of these healthcare initiatives.

View or download our EPCS Certification brochure

Registration and FAQs

To register for EPCS Certification, visit: EPCS Registration

Do you have additional questions about our EPCS testing services?

Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Phone: (479) 372-1284

 

Copyright © 2016 Drummond Group  Follow DrummondGrpTest on Twitter