Legacy eRx EPCS Setup

Electronic prescribing of controlled substances (EPCS) is available using Legacy eRx. This process is required by the Drug Enforcement Agency (DEA) to register and prescribe scheduled drugs. There may also be additional steps required by a provider's state.

Note: EPCS setup differs depending on your eRx solution. See DoseSpot Setup for EPCS steps using DoseSpot.

General Setup Steps

  1. Download the Authy app.
  2. Enable Legacy eRx and complete Identity Proofing (IDP) if you have not already done so. See Enabling Legacy eRx / Identity Proofing.
  3. Obtain an EPCS License for each provider who will prescribe controlled substances.
  4. Enter identity proofing credentials.

We recommend updating to the current stable version.

Subscribe for EPCS

All providers who want to prescribe controlled substances must obtain an EPCS license.

Make sure the provider is logged on to Open Dental (in Open Dental the provider must be associated to a user. See User Security Profiles).

  1. In the Chart Module, click eRx to open the Legacy eRx interface.
  2. Click the Admin tab.
  3. Click Exostar Sign-up.
  4. Click Sign Up for EPCS Services.

  5. Check the box next to the provider(s) to register for EPCS Subscriber Licenses, then click Calculate.
  6. If the Total Cost is accurate, click Purchase.
  7. Click Transfer to PayPal Portal to complete your payment in PayPal.
  8. If you have a PayPal account, click Have a PayPal Account, then login. If not, you can pay as a guest by entering credit card and billing information.
  9. After a successful transaction, you will receive a confirmation email from PayPal. If you do not want to pay via credit card online, PayPal offers 'Bill Me Later' to pay by check. Click Print Receipt to print a receipt.
  10. To proceed with EPCS setup, click the tab in your browser to return to Legacy eRx.
  11. Click Click here at the bottom of the screen to return to EPCS registration screens in Open Dental.

    If you experience an error, copy/paste the link at the bottom of the page into a different browser window.

  12. Enter the address currently listed on the provider's driver's license and current email address. Before clicking save, verify the DEA number is correct.
  13. Click Save.

Hardware Token: You will receive a hardware token as part of your registration. Your hardware token is a physical device that generates a One Time Passcode (OTP). You can choose to have your hardware token shipped to the location (practice/clinic) address or home address. Click the preferred shipping address, verify it is correct, and click Order Token and Continue Registration.

Note: Only click each button once. Some buttons respond slowly.

Exostar Registration

Click Click to Start EPCS Registration Process to begin.

Once this button is clicked, the Exostar pages will open and you will begin the identity proofing process.

Identity proofing with Exostar

Note: Click each button only once. Some buttons respond slowly.

  1. Review the Subscriber Agreement. Click I Agree.
  2. Confirm profile: Select United States from the drop down and click Submit.
  3. Verify identity.
    1. Enter all of your personal information. Review carefully. Once information is verified as correct, click I Agree.
    2. You will be presented with questions that will be used to verify your identity. Read all questions carefully. When all questions are answered, click Next.

    Note: If you are unable to be approved during the registration process, you will be provided with one of the two alternative methods below.
    • Webcam proofing
    • US mail

  4. Bind Token/App - Choose option A or B.

    Note: If you choose to use the Authy app (option b), you do not need the token but you will still receive one.

    1. Your hardware token will arrive in approximately one business week. See Bind Hardware Token section below for steps, or click Skip to Next to bind your token using the Authy app.
    2. Use the Authy app to generate your OTP. To bind the app to your profile, enter your phone number. Click Register Phone. If you have not yet downloaded the app, you will receive a text message with a link to the downloaded app.
  5. Open the Authy app. Follow the on-screen instructions.
  6. In the Legacy eRx window, continue to next steps.
  7. Click the red X and enter the 6 digit passcode from the Authy app into the Soft OTP field.
  8. Click Submit.
  9. You will see confirmation that the app is now bound to your profile. Click Complete.

Accessing your Exostar Profile

To access your Exostar profile, you must authenticate using either one of your OTP methods or via a text message or voice call. It is important that you set up text messaging or voice call in the event that you do not have access to your OTP method and would like to add a new OTP method. If you are unable to access your profile, the current profile will be revoked and you are required to re-start the entire process.

  1. Enter your cell phone number to receive a text in order to authenticate to your profile. Select the Country, enter and verify the phone number to text. Click Send Code.
  2. If you would prefer to have a voice call, change the first drop down to voice call. Enter and verify the phone number to call.
  3. Click Call.
  4. Enter the Verification Code that was sent. Click Submit. Once your profile is set up, you can add more than one authentication number to your profile.
  5. Click Complete.

You have now completed the Exostar registration process. You can manage the OTP devices in the Admin Tab, Manage Your EPCS Account link. Once the process is completed in Exostar, there are two last steps must be completed. These steps are called the Grant and Finalize steps.

Grant and Finalize

Grant Step

The DEA requires an EPCS Administrator to confirm the identity of the Prescriber. This is called the Grant Step. Anyone on the list who is not the Prescriber can complete the Grant Step as the EPCS Administrator.

  1. Check the box next to both the EPCS Administrator's name and your own name.
  2. Click Save. The Prescriber logs out of Legacy eRx.

    In the example below, Timothy Applegate is the Prescriber and Amber Valentine is the EPCS Administrator.

  3. The EPCS Administrator logs into Legacy eRx, clicks on the Admin tab and chooses the Prescriber Registration and EPCS Setup link.
  4. The doctor's name now appears in the box with Select underlined in blue.
  5. Click Select next to the Prescriber's name. The EPCS Administrator logs out.

Finalize Step

  1. The Prescriber logs back in, clicks on the Admin Tab and chooses the Prescriber Registration and EPCS Setup link. The Prescriber's name will appear in the Finalize Step box.
  2. Click Select.
  3. The Enter OTP box will appear. Use the OTP option that was bound during registration to complete the Finalize step.
    1. Authy App: Open the Authy App on your mobile phone. Enter the One Time Passcode from the Authy app into Legacy eRx. Click Authenticate.
    2. Hardware Token: Click Hard Token. Click the button on the hardware token and enter the One Time Passcode into Legacy eRx. Click Authenticate.

You have completed the EPCS registration process. You are now able to transmit controlled substances.

Bind Hardware Token

You will receive a hardware token in the mail. Use either the hardware token or the Authy app to authorize your account.

  1. In the Legacy eRx window, Admin tab, click Manage Your EPCS Account.
  2. Click Authenticate to receive an authentication code by text/call or through the Authy app.
  3. In the Soft OTP field, enter the code you received in Step 2.
  4. Click Add Token.
  5. Enter the serial number found on the back of the hardware token.
  6. Click the hardware token button to generate One-Time Password 1, and enter it in the field. Click the button again to generate One-Time Password 2, and enter it.
  7. Click Submit.