Integrate your EMR Application

You need to configure the integration between Imprivata Confirm ID and your Electronic Medical Record (EMR) application to support Imprivata Confirm ID authentication during supported signing workflows.

NOTE: Before you begin, see Imprivata Confirm ID Supported Components for the supported versions of each EMR application.

Integration

In the Imprivata Admin Console, go to Applications > EPCS and clinical workflows integrations. Complete the steps for your EMR application:

To enable integration with Allscripts, in the Imprivata Admin Console, go to Applications > EPCS and clinical workflows integrations:

  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select Allscripts Clinical Workflow Integration.
  3. Select whether This application authenticates users via LDAP (Active Directory) or This application does not use LDAP.
  4. Click OK.

  5. Your EMR application is listed with the expiration date of the certificate. You can update or remove the certificate directly on this page.

  6. NOTE: To complete this activation, the Imprivata appliance must have access to the Internet via HTTPS.

Install the Imprivata Signed Certificate

When your enterprise was licensed for Imprivata Confirm ID, Imprivata Services sent an email to your enterprise with a Certificate Voucher File (.IMPCVF) attached. This file is required to upload the Imprivata signed certificate and complete the integration.

CAUTION: Uploading of a Certificate Voucher File to the Imprivata appliance will provision your appliance with a new Imprivata signed certificate. To ensure the service provided by Allscripts is not interrupted: after the certificate is installed, click Download certificate and upload the new Imprivata signed certificate to your Allscripts application.

To enable integration with Allscripts, in the Imprivata Admin Console, go to Applications > EPCS and clinical workflows integrations::

  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select Allscripts Security Platform.
  3. If the Imprivata signed certificate for the enterprise is already installed, click OK.
  4. If the Imprivata signed certificate for the enterprise is not installed, browse to locate the IMPCVF file.
  5. Select whether This application authenticates users via LDAP (Active Directory) or This application does not use LDAP.
  6. Click OK.

    7. Your EMR application is listed with the expiration date of the certificate. You can update or remove the certificate directly on this page.

    NOTE: To complete this activation, the Imprivata appliance must have access to the Internet via HTTPS.

Configure and Enroll Imprivata Confirm ID Users

Before users enroll their Allscripts accounts:

  • Associate the providers' user policy with the Imprivata Confirm ID EPCS Access Control workflow. See Configuring the Workflow Policy.
  • To enable prescribing medications, you will also need to associate the providers' user policy with at least one signing workflow, but this does not need to be done before enrolling their Allscripts accounts with Imprivata Confirm ID.
  • Users must enroll their authentication methods with Imprivata Confirm ID. See Enrolling Authentication Methods for Imprivata Confirm ID Workflows.

Enroll Users with Allscripts® TouchWorks® EHR

To enable Allscripts TouchWorks EHR enrollment with Imprivata Confirm ID authentication:

  • The Imprivata agent must be installed on the endpoint computer with Allscripts TouchWorks EHR.
  • The Imprivata agent must be online with the Imprivata appliance.
  1. Create an Allscripts Security Account task for your Allscripts providers. To complete the task, the providers will:
    • Enter their EHR password;
    • Create a Security Account password; and
    • Link to their Imprivata Account using their Imprivata Confirm ID credentials (the EPCS Access Control workflow).
  2. After the provider completes this task, an account with SHIELD is created and the provider's Allscripts account is connected with their Imprivata Confirm ID account.
  3. You can confirm this connection for specific users in the Imprivata Admin Console: Go to Users > Users, select a user, and see the Associated Usernames section.
  4. Before the provider can e-prescribe controlled substances, the provider must be approved twice per DEA regulations:
    • An Allscripts EPCS Admin must Grant EPCS to each provider; and
    • A different Allscripts EPCS Admin must Approve EPCS for each provider.

Install the Imprivata Signed Certificate

When your enterprise was licensed for Imprivata Confirm ID, Imprivata Services sent an email to your enterprise with a Certificate Voucher File (.IMPCVF) attached. This file is required to upload the Imprivata signed certificate and complete the integration.

CAUTION: Uploading of a Certificate Voucher File to the Imprivata appliance will provision your appliance with a new Imprivata signed certificate. To ensure the service provided by Bravado Health ScriptRx is not interrupted: after the certificate is installed, click Download certificate and upload the new Imprivata signed certificate to your Bravado Health ScriptRx application.

To enable integration with Bravado Health ScriptRx, in the Imprivata Admin Console, go to Applications > EPCS and clinical workflows integrations::

  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select Bravado Health ScriptRx.
  3. If the Imprivata signed certificate for the enterprise is already installed, click OK.
  4. If the Imprivata signed certificate for the enterprise is not installed, browse to locate the IMPCVF file.
  5. Select whether This application authenticates users via LDAP (Active Directory) or This application does not use LDAP.
  6. Click OK.

    7. Your EMR application is listed with the expiration date of the certificate. You can update or remove the certificate directly on this page.

    NOTE: To complete this activation, the Imprivata appliance must have access to the Internet via HTTPS.

Configure and Enroll Imprivata Confirm ID Users

Before users enroll their Bravado Health ScriptRx accounts:

  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select Cerner Millennium Alt.
  3. Do not edit the default value in the Issuer name field.
  4. Default: www.cerner.com/issuer/CMALT
  5. Select whether This application authenticates users via LDAP (Active Directory) or This application does not use LDAP.
  6. Click OK.
  7. On the Confirm ID integrations page, click Download certificate.
  8. Download the certificate file.
  9. Arrange to have the Imprivata certificate file uploaded to the server.
  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select Cerner Millennium.
  3. Do not edit the default value in the Issuer name field.
  4. Default: www.cerner.com/issuer/CM
  5. Select whether This application authenticates users via LDAP (Active Directory) or This application does not use LDAP.
  6. Click OK.
  7. On the Confirm ID integrations page, click Download certificate.
  8. Download the certificate file.
  9. Arrange to have the Imprivata certificate file uploaded to the server.
  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select ChipSoft HiX.
  3. Click OK.
  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select Cistec KISIM.
  3. Click OK.

To enable DrFirst EPCS Gold, or any EMR application that uses DrFirst, complete the following tasks:

  • Your providers must enroll their authentication methods with Imprivata Confirm ID before you instruct them to log into the DrFirst dashboard to complete DrFirst identity proofing. See Enrolling Authentication Methods for Imprivata Confirm ID
  • You also must complete the configuration process below, including uploading the DigiCert signed certificate if necessary, before you instruct your providers to log into the DrFirst dashboard to complete DrFirst identity proofing.
  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select DrFirst EPCS Gold.

  3. If the DigiCert signed certificate for the enterprise is already installed, click OK.

  4. If the DigiCert signed certificate for the enterprise is not installed, enter your Organization ID and click Verify. Your Organization ID is provided by Imprivata when you are licensed for Confirm ID signing.
  5. Select Test when testing your integration, or Production for your production environment.
  6. Add up to 10 domains of users who will be signing orders or completing clinical workflows.

  7. Click OK.

  8. You can now download the DigiCert certificate from the Imprivata appliance, and send to DrFirst if needed to complete setup.

    9. Your EMR application is listed with the expiration date of the certificate. You can update or remove the certificate directly on this page.

    NOTE: To complete this activation, the Imprivata appliance must have access to the Internet via HTTPS.

  9. On the Settings page, go the Imprivata agent discovery section and ensure that the appropriate URLs have been entered. Depending on the URL format, the URL may need an asterisk at both the beginning and ending of the URL. The URL for the EMR app using DrFirst must be included here as well.

When the Imprivata Connector for Epic Hyperdrive license is installed, Epic (requires Imprivata Connector) is listed automatically. No action is required on this page.

Imprivata Confirm ID supports two-factor authentication for Mobile EPCS with Epic Haiku and Canto. Before you begin, an Imprivata Mobile EPCS license is required. See Mobile EPCS with Epic Haiku and Canto

Two-Factor Authentication Methods

Users must authenticate with two of three possible methods for two-factor authentication: a password, their Onespan (VASCO) token, or their facial biometric. These authentication methods are shown in the table row called E-prescribe controlled substances — mobile authentication methods in Configure Workflows. Note the two footnotes that appear for that table row.

For complete details on managing VASCO tokens, see Managing OneSpan (VASCO) OTP Tokens and Managing an Individual OneSpan (VASCO) OTP Token.

Communication Ports

Imprivata Confirm ID for Mobile EPCS needs to contact the Imprivata Cloud at the host *.cloud.imprivata.com

For a complete list of ports required for Imprivata Confirm ID, see About Outbound Communications.

Set Up Cloud Connection

If you have already set up your Imprivata Cloud Connection, skip this section and proceed to Contact Imprivata Support.

Cloud Connection

Imprivata Services will enter the Enterprise ID and one-time cloud provisioning code required to establish trust between your Imprivata enterprise and the Imprivata cloud:

  1. If you're not on the Cloud Connection page already: In the Imprivata Admin Console, click the gear icon > Cloud connection.
  2. Services will enter your Enterprise ID and cloud provisioning code.
  3. Click Establish trust.
BEST PRACTICE:

The cloud connection must be established by Imprivata Services.

Cloud Connection Status

You can review the status of your enterprise's connection to the Imprivata cloud at any time. Status notifications are displayed on the Imprivata Admin Console, and the cloud connection status of every appliance at every site is also available:

  1. In the Imprivata Admin Console, go to the gear iconCloud connection.

  2. Every appliance host is listed with its status. If there are problems with a connection, recommendations for resolving the problem are displayed here.

Contact Imprivata Support

After your Imprivata Cloud Connection is set up, you must contact Imprivata Support to have your enterprise Tenant ID generated.

Epic Haiku and Canto EMR Integration

Install the Imprivata Signed Certificate

When your enterprise was licensed for Imprivata Confirm ID, Imprivata Services sent an email to your enterprise with a Certificate Voucher File (.IMPCVF) attached. This file is required to upload the Imprivata signed certificate and complete the integration.

CAUTION: Uploading a Certificate Voucher File to the Imprivata appliance will provision your appliance with a new Imprivata signed certificate. To ensure the service provided by Epic Haiku and Canto is not interrupted: after the certificate is installed, click Download certificate and upload the new Imprivata signed certificate to your Epic Haiku and Canto application.

The Imprivata Integration URL and your enterprise's unique Tenant ID are also listed. Epic Haiku and Canto require this information when uploading your Imprivata signed certificate (also see the NOTE below).

To enable integration with Epic Haiku and Canto, in the Imprivata Admin Console, go to Applications > EPCS and clinical workflows integrations:

  1. On the Confirm ID Integrations page, go to the Applications section and click Add an application.

  2. Select Epic Haiku and Canto.

  3. If the Imprivata signed certificate for the enterprise is already installed, click OK.

  4. If the Imprivata signed certificate for the enterprise is not installed, browse to locate the IMPCVF file.

  5. Click OK.

  6. Your EMR application is listed with the expiration date of the certificate. You can update or remove the certificate directly on this page.

  7. NOTE: To complete this activation, the Imprivata appliance must have access to the Internet via HTTPS, and the connection to the Imprivata cloud must be completed. See Set Up Enterprise.

    After you have configured the Epic Haiku and Canto integration, then in the Imprivata Admin Console, on the Confirm ID Integrations page, the row for Epic Haiku and Canto lists the Imprivata Integration URL, the Imprivata cloud unique Tenant ID for your enterprise, and a SAML Issuer URL. You will need these values to configure mobile EPCS in Epic.

Workflow Policy

Any users already enabled for EPCS are now enabled for Mobile EPCS with Epic Haiku and Canto. If you need to associate more users, do so now.

Configure and Enroll Imprivata Confirm ID Users

The following steps can be done in parallel to users enrolling their Epic Haiku and Canto accounts:

FDB MedsTracker

Configure Imprivata Confirm ID Integration

  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select FDB MedsTracker.
  3. If you have not edited the FDB server's Distinguished Name, do not edit the default value in the Issuer name field.
  4. The Issuer name field is pre-populated with the Distinguished Name by which the FDB server can be identified by Imprivata Confirm ID. Wildcards (*) are used in this default value to ensure Imprivata Confirm ID can identify the FDB server. If you change the server's Distinguished Name from the default value, edit this field to match the new name.
  5. Default: CN=FDB MedsTracker, OU=*, O=*, C=US
  6. Click OK.
  7. On the Confirm ID integrations page, click Download certificate.
  8. Download the certificate file.
  9. Deliver the Imprivata certificate file to your FDB Administrator, who will arrange to have it uploaded to the FDB MedsTracker server.

Configure Imprivata Confirm ID Users

Users must be identity proofed and enrolled with Imprivata Confirm ID before users enroll their FDB MedsTracker accounts. In the Imprivata Admin Console, go to Users > Workflow policy:

  • Associate the user policy with the Imprivata Confirm ID E-prescribe controlled substances workflow. This workflow enables FDB MedsTracker users for E-prescribing controlled substances.
  • Also associate the user policy with the Imprivata Confirm ID EPCS access control workflow. This workflow enables FDB MedsTracker users to complete EPCS Token Activation within FDB MedsTracker.
  • For complete details of Imprivata Confirm ID workflow policies, see Configuring the Workflow Policy
  • Users must enroll their authentication methods with Imprivata Confirm ID. See Enrolling Authentication Methods for Imprivata Confirm ID Workflows.

Configure FDB MedsTracker

Administration of the FDB MedsTracker enterprise, including enabling Imprivata authentication for EPCS signing, and importing the Imprivata certificate, will be completed by FDB.

During Prescriber EPCS Token Activation, the user must complete Imprivata Confirm ID EPCS access control authentication.

 

When your enterprise was licensed for Imprivata Confirm ID, Imprivata Services sent an email to your enterprise with a Certificate Voucher File (.IMPCVF) attached. This file is required to upload the Imprivata signed certificate and complete the integration.

  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select GE Healthcare Centricity EMR.
  3. If the Imprivata signed certificate for the enterprise is already installed, click OK.
  4. If the Imprivata signed certificate for the enterprise is not installed, browse to locate the IMPCVF file.
  5. Select whether This application authenticates users via LDAP (Active Directory) or This application does not use LDAP.
  6. Click OK.

    7. Your EMR application is listed with the expiration date of the certificate. You can update or remove the certificate directly on this page.

    NOTE: To complete this activation, the Imprivata appliance must have access to the Internet via HTTPS.

When your enterprise was licensed for Imprivata Confirm ID, Imprivata Services sent an email to your enterprise with a Certificate Voucher File (.IMPCVF) attached. This file is required to upload the Imprivata signed certificate and complete the integration.

  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select GE Healthcare Centricity Practice Solution.
  3. If the Imprivata signed certificate for the enterprise is already installed, click OK.
  4. If the Imprivata signed certificate for the enterprise is not installed, browse to locate the IMPCVF file.
  5. Select whether This application authenticates users via LDAP (Active Directory) or This application does not use LDAP.
  6. Click OK.

    7. Your EMR application is listed with the expiration date of the certificate. You can update or remove the certificate directly on this page.

    NOTE: To complete this activation, the Imprivata appliance must have access to the Internet via HTTPS.

  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select Howard Medical Med Display.
  3. Click OK.
  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select InterSystems TrakCare.
  3. Select whether This application authenticates users via LDAP (Active Directory) or This application does not use LDAP.
  4. Click OK.
  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select McKesson Horizon Enterprise Prescription Writer.

  3. If the DigiCert signed certificate for the enterprise is already installed, click OK.

  4. If the DigiCert signed certificate for the enterprise is not installed, enter your Organization ID and click Verify. Your Organization ID is provided by Imprivata when you are licensed for Confirm ID signing.
  5. Select Test when testing your integration, or Production for your production environment.
  6. Add up to 10 domains of users who will be signing orders or completing clinical workflows.

  7. Click OK.

  8. You can now download the DigiCert certificate from the Imprivata appliance, and send to DrFirst if needed to complete setup.

    9. Your EMR application is listed with the expiration date of the certificate. You can update or remove the certificate directly on this page.

    NOTE: To complete this activation, the Imprivata appliance must have access to the Internet via HTTPS.

  9. On the Settings page, go the Imprivata agent discovery section and ensure that the appropriate URLs have been entered. Depending on the URL format, the URL may need an asterisk at both the beginning and ending of the URL. The URL for the EMR app using DrFirst must be included here as well.

Configure Imprivata Confirm ID Users

Users must be enrolled with Imprivata Confirm IDbefore users enroll their McKesson Paragon accounts. In the Imprivata Admin Console, go to Users > Workflow policy:

Configure Imprivata Confirm ID Integration

  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select McKesson Paragon Prescription Writer.

  3. If the DigiCert signed certificate for the enterprise is already installed, click OK.

  4. If the DigiCert signed certificate for the enterprise is not installed, enter your Organization ID and click Verify. Your Organization ID is provided by Imprivata when you are licensed for Confirm ID signing.
  5. Select Test when testing your integration, or Production for your production environment.
  6. Add up to 10 domains of users who will be signing orders or completing clinical workflows.

  7. Click OK.

  8. You can now download the DigiCert certificate from the Imprivata appliance, and send to DrFirst if needed to complete setup.

    9. Your EMR application is listed with the expiration date of the certificate. You can update or remove the certificate directly on this page.

    NOTE: To complete this activation, the Imprivata appliance must have access to the Internet via HTTPS.

  9. On the Settings page, go the Imprivata agent discovery section and ensure that the appropriate URLs have been entered. Depending on the URL format, the URL may need an asterisk at both the beginning and ending of the URL. The URL for the EMR app using DrFirst must be included here as well.

Configure Med Recon and CPOE

To enable Imprivata Confirm ID authentication for Med Recon and CPOE (computerized provider order entry):

  1. Go to Paragon Reference Masters > Common > System Parameters.

  2. On the System Parameters Maintenance screen, enable these System Default Parameter values:

    • AUTH_CONFIRM_ID enables Imprivata Confirm ID.
    • RX_ONLY_STRONG_AUTH enables Imprivata Confirm ID for Rx orders only. Imprivata Confirm ID is not used for Order Management.
    • STRONG_AUTH enables Imprivata Confirm ID for Rx orders and Order Management.

Paragon Pharmacy Management

To enable Imprivata Confirm ID authentication for Paragon Pharmacy Management:

  1. In Paragon Pharmacy Management, go to List > References > Specifications.

  2. In the Specification Master Reference > Configuration tab > System, select Use Strong Authentication.

  3. Click Save.

Paragon Medication Administration

To enable Imprivata Confirm ID for Paragon Medication Administration:

  1. In Paragon Medication Administration, Go to List > References > Specifications.

  2. In Medication Administration Specifications > MedAdmin Options tab > Staff Identification section, select Use Strong Authentication.

  3. Click Save.

  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select MEDHOST EDIS.
  3. Click OK.

Configure and Enroll Imprivata Confirm ID Users

Before users enroll their Medhost accounts:

  • Associate the providers' user policy with the Imprivata Confirm ID EPCS workflow.
  • Associate the DEA registrants' user policy with the Imprivata Confirm ID EPCS Access Control workflow only.
  • To enable prescribing medications, you will also need to associate the providers' user policy with at least one signing workflow, but this does not need to be done before enrolling their Medhost accounts with Imprivata Confirm ID.
  • Users must enroll their authentication methods with Imprivata Confirm ID. See Enrolling Authentication Methods for Imprivata Confirm ID Workflows.

Configure the Connection to Imprivata Confirm ID

To enable the Medhost Enterprise connection to Imprivata Confirm ID, make the following settings in two places:

  1. Go to File Maintenance > System Maintenance > General Maintenance > Integration
  2. Set the Integration Type to Imprivata.
  3. Set Enterprise Authentication Type: DEFAULT
  4. Set User Directory Type: Active Directory

In the RX System Control File Maintenance panel, Program Security section:

  1. Enable Positive ID Authentication
  2. Enter the domain of the Imprivata appliance

When your enterprise was licensed for Imprivata Confirm ID, Imprivata Services sent an email to your enterprise with a Certificate Voucher File (.IMPCVF) attached. This file is required to upload the Imprivata signed certificate and complete the integration.

  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select MEDHOST ENTERPRISE.
  3. If the Imprivata signed certificate for the enterprise is already installed, click OK.
  4. If the Imprivata signed certificate for the enterprise is not installed, browse to locate the IMPCVF file.
  5. Select whether This application authenticates users via LDAP (Active Directory) or This application does not use LDAP.
  6. Click OK.

    7. Your EMR application is listed with the expiration date of the certificate. You can update or remove the certificate directly on this page.

    NOTE: To complete this activation, the Imprivata appliance must have access to the Internet via HTTPS.

  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select MEDITECH.

  3. If the DigiCert signed certificate for the enterprise is already installed, click OK.

  4. If the DigiCert signed certificate for the enterprise is not installed, enter your Organization ID and click Verify. Your Organization ID is provided by Imprivata when you are licensed for Confirm ID signing.
  5. Select Test when testing your integration, or Production for your production environment.
  6. Add up to 10 domains of users who will be signing orders or completing clinical workflows.

  7. Click OK.

  8. You can now download the DigiCert certificate from the Imprivata appliance, and send to DrFirst if needed to complete setup.

    9. Your EMR application is listed with the expiration date of the certificate. You can update or remove the certificate directly on this page.

    NOTE: To complete this activation, the Imprivata appliance must have access to the Internet via HTTPS.

  9. On the Settings page, go the Imprivata agent discovery section and ensure that the appropriate URLs have been entered. Depending on the URL format, the URL may need an asterisk at both the beginning and ending of the URL. The URL for the EMR app using DrFirst must be included here as well.

  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select Modeus HS8.
  3. Click OK.

Modeus HS8 Configuration

Modeus HS8 2019.1.0.60 and later integrates its DualSignOff and UserVerification workflows with Imprivata Confirm ID. To enable the integration with Imprivata Confirm ID, go to the Modeus HS8 configuration screen and select Imprivata Signoff Enabled.

Configure Imprivata Confirm ID Integration

  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select NextGen EHR.
  3. If you have not edited the NextGen server's URL, do not edit the default value in the Issuer name field.
  4. The Issuer name field is pre-populated with the NextGen URL by which your NextGen server can be identified by Imprivata Confirm ID. Default: nextgen.com
  5. Click OK.
  6. On the Confirm ID integrations page, click Download certificate.
  7. Download the certificate file.
  8. Upload the Imprivata certificate file to your server.

Configure Imprivata Confirm ID Users

The same users designated as prescribers and registrars in the NextGen System Administrator must also be configured and enrolled with Imprivata Confirm ID before users enroll their NextGen accounts.

In the Imprivata Admin Console, go to Users > Workflow policy:

Configure the NextGen System Administrator

When registrars authorize access to EPCS in the NextGen System Administrator, they authenticate with the Imprivata Confirm ID E-prescribe controlled substances workflow, so they must be configured and enrolled with Imprivata Confirm ID before giving rights to e-prescribe controlled substances in the NextGen System Administrator. In the NextGen System Administrator, be sure to:

  • Set the EPCS Authentication Method Value to ImprivataConfirmID (all one word, no spaces).
  • Authorize EPCS registrar access. EPCS registrars give other NextGen users the rights to e-prescribe controlled substances. Two registrars are required: one must authenticate with password; the other must complete two-factor authentication.
  • Set up EPCS prescriber access. EPCS prescribers can digitally sign and electronically send controlled substance prescriptions.
  • Manage two-factor authentication credentials like tokens for EPCS registrars and prescribers.
  • Assign system-wide and provider-based digital signing certificates to users.

For complete details of the NextGen configuration, see ePrescribing Guide for NextGen Ambulatory EHR.

  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select Siemens Invision.
  3. If you have not edited the Siemens server's Distinguished Name, do not edit the default value in the Issuer name field.
  4. The Issuer name field is pre-populated with the Distinguished Name by which the Siemens server can be identified by Imprivata Confirm ID. Wildcards (*) are used in this default value to ensure Imprivata Confirm ID can identify the Siemens server. If you change the server's Distinguished Name from the default value, edit this field to match the new name.
  5. Default: CN=OAS Gold, OU=INVISION, OU=*, O=*, C=US
  6. Click OK.
  7. On the Confirm ID integrations page, click Download certificate.
  8. Download the certificate file.
  9. Send the Imprivata certificate file to your Cerner ATSG Consultant, who will arrange to have it uploaded to the server.
  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select Siemens Soarian.
  3. If you have not edited the Siemens server's Distinguished Name, do not edit the default value in the Issuer name field.
  4. The Issuer name field is pre-populated with the Distinguished Name by which your Siemens server can be identified by Imprivata Confirm ID. Wildcards (*) are used in this default value to ensure Imprivata Confirm ID can identify your Siemens server. If you change your server's Distinguished Name from the default value, edit this field to match the new name.
  5. Default: CN=Soarian Clinicals, OU=Soarian, OU=*, O=*, C=US
  6. Click OK.
  7. On the Confirm ID EMR partner applications page, click Download certificate.
  8. Download the certificate file.
  9. Send the Imprivata certificate file to your Cerner ATSG Consultant, who will arrange to have it uploaded to the server.
  1. On the Confirm ID integrations page, go to the Applications section and click Add an application.
  2. Select T-System EV.
  3. If you have not edited the T-System server's URL, do not edit the default value in the Issuer name field.
  4. The Issuer name field is pre-populated with the T-System URL by which your T-System server can be identified by Imprivata Confirm ID. Default: http://www.tsystem.com
  5. Click OK.
  6. On the Confirm ID EMR partner applications page, click Download certificate.
  7. Download the certificate file.
  8. In the T-System EV, go to the Site Property Editor > Dual Authentication.
  9. Select SAML Certificate YES to select the Imprivata certificate file.
  10. Browse to the certificate file and click Open.
  11. In the Site Property Editor, click OK.

NOTE: When an EMR application calls DrFirst EPCS Gold for signing, DrFirst EPCS Gold is listed in the Workflow column of the Imprivata Confirm ID Signing Activity Report instead of the EMR application.