Configuring Epic Integration

This document describes how to install the Imprivata PatientSecure® client-side components for Epic Integration.

Before You Begin

Before you begin, have the following information ready:

  • PatientSecure:

    • NOTE: Check with your Imprivata PatientSecure representative to make sure that the server components are installed and that Admin Console is installed and configured.

  • Epic environment. Ensure that the Epic environment is already configured.

    • Epic Configuration ProgID. Take note of the ProgIDs in the Epic database. For more information, see Enabling Palm Scanner for Specific Workstations.

    • External Authentication Setting ID Type. Confirm that the External Authentication Setting ID Type is set to MRN. This is the ID type used field in Epic.

      When Epic passes the identifiers to PatientSecure, they must be in the correct order. The MRN must be the first part passed to PatientSecure.

    • Set up the Authentication buttons on the Epic screens.

To add the Imprivata Login Devices as Category Items in the E0A database:

  1. Log in to Hyperspace as an administrator.

  2. Go to the Epic menu and select Admin > General Admin > Item Editor.

  3. On the Item Editor, select the Service Configurations [E0A] database.

  4. Type 700 in the Item field.

  5. Click Edit Categories. The Category List Maintenance page for E0A 700 opens.

  6. Type a Category ID in the Edit Category section.

    The number must be greater than 10,000 and not already in use by another Login Device.

    For example, type 10006. The Release Range shown (0 to 10000) is reserved for Epic use only.

  7. Select PalmScanner in the Title field.

  8. Type PSEpicIntegration.EpicIntegrator in the Login Device ProgID field.

    This allows the Epic enroll and authentication buttons to reference the PatientSecure Integration component on the Citrix server and local machine (in a thick client installation) in order to directly communicate with the local machine.

    NOTE: The ProgID is not case-sensitive.

  9. Click Accept.

    The new login devices is shown in the Category List.

You only need to complete this task once for your Epic and Imprivata integration for all Patient Authentication.

To create the E0A record and create a link to it from the system definition:

  1. Type d ^E at the Cache prompt for the Epic environment you want to configure, then press Enter.

    Note the space after the "d".

  2. On the Chronicles screen, type E0A for the Database Initials to edit the External Servers database.

  3. On the Chronicles Main Menu, select Enter Data, then select Create Configuration.

  4. On the Open Configuration page, tpe a Configuration ID, then press Enter.

    The Configuration ID number must be greater than 99,999 and not already used for another E0A record. This Configuration ID is not the same one you created for the Category ID in the previous section. The range shown (1 to 99999) is the range reserved for Epic use only.

  5. Type Imprivata for the CONFIG NAME, then click Enter.

  6. Type t (today) for the CONTACT DATE, then click Enter.

  7. On the Service Configuration page, type Authentication for Config Type, then press Enter. Chronicles completes the Authentication Device Settings.

  8. Press the Page Down key to return to the page that requests the Config ID.

  9. Return to a Cache prompt, then type d ^%ZeUSTBL. (Note the space after the "d".) The system definition utility opens.

  10. Select Hyperspace.

  11. On the Hyperspace Settings page, select Miscellaneous Security Settings.

  12. On the Miscellaneous Security Settings page, select Authentication Configuration Record.

  13. On the Authentication Configuration Record page for Configuration, type Palm Scanner.

To enable the Palm Scanner at the Workstation level:

NOTE: The following instructions assume that the local workstation (LWS) records already exist in the Epic database.

  1. Log in to Hyperspace as an administrator.

  2. Click Epic, then select Admin > Access Management > Authentication Administration.

  3. Do one of the following:

    • If Imprivata is the Active authentication record, click Accept.

    • If Imprivata is not the Active authentication record, select Other and then select Imprivata.

    The Authentication Administration page opens.

  4. Click Add/Edit Workstation and search for the specific workstation for which you want to enable the Connector, and then select it from the list.

  5. Click Add/Edit Context for the selected workstation, and set the Context to 'Kiosk Identification (1010)'.

  6. Set the Primary Device to Palm Scanner Welcome.

    For more information, search your Epic documentation for "external patient authentication."

Install the Imprivata PatientSecure client with the appropriate pre-defined group of PatientSecure features for your Epic environment:

  • During setup, select the Client, Hub, Gateway, Epic integration group of features.

For Epic Integration as a published application on the endpoint:

  • On the server, install the Epic Integration group of features.

  • On the endpoint, install the Client, Hub, Gateway group of features.

For more information on the pre-defined groups of features, see Installing the PatientSecure Client.

This section provides recommendations for placing buttons in Epic.

  • Look up window. Authenticate button in lower left corner. Used in multiple workflows.

  • Patient station. Enroll and Authentication buttons on the toolbar.

  • Appointment desk. Enroll and Authentication buttons on the toolbar.

  • ED arrival. Enroll and Authentication buttons on the toolbar.

  • DAR.

    • Enroll and Authentication buttons on the toolbar.

    • Include Enroll and Authentication options from the right-click context menu that appears when you select the patient from the DAR.

Configure the external system and patient identifiers with the appropriate information for your Epic Integration system.

For more information, see Setting Up External Systems.

User Can Only Authenticate Once

Symptom

A User can only authenticate one time in Epic; on the second attempt, nothing happens.

Reason

This is a known issue in Epic.

Solution

  • Back out of the patient record, re-enter the record and authenticate.

Epic Attempts to Authenticate Patients Below the Minimum Age

Symptom

Epic attempts to authenticate a patient that is younger than the minimum age specified in the PatientSecure Minimum Age Limit setting.

Solution

  • Manually cancel the Authentication window.