Category: Clinical Perspective
February 24 2016
Description of this Image

Most computer systems and applications authenticate a user by requesting and validating a username and password during the login process. This authentication process uses a single authentication credential – the password the user knows.

The process called multifactor authentication is a stronger approach to user authentication because it uses multiple credentials to identify the user. Multifactor authentication has three primary categories of authentication:

  • Something the user knows (such as a password)
  • Something the user has (such as a one-time password token)
  • Something the user is (such as a biometric)

Cerner has developed a new solution, Cerner Workflow Authentication, for Millennium that enables organizations to use two-factor authentication in workflows, such as electronic prescribing of controlled substances (EPCS), or in areas organizations want additional authentication, like employee remote access. The ability to add two-factor authentication within Millennium helps organizations align with what is becoming a security best practice around improving care, reducing fraud and identifying potential abuse. It also complies with workflows that require a multi-step authentication.  

 The solution supports a password as the first authentication, satisfying “something the user knows” and, secondly, supports “something the user has” through one-time password tokens. Organizations have options for one-time password authentication within the new solution:

  • Cerner is now a Value Added Reseller of VASCO, a world leader in two-factor authentication, supporting one-time password tokens
  • The solution supports existing one-time password tokens deployed at the client’s organization
  • Cerner has developed soft tokens via a mobile app (like Google Authenticator) using open industry standards

E-Prescribing Adoption

 The rapid rise of enabling a two-factor authentication solution has been highly correlated with the Drug Enforcement Administration (DEA) requirement of two-factor authentication for the EPCS workflow. EPCS is now approved in all 50 states to provide physicians with a more streamlined workflow for prescribing medications for their patients while helping prevent prescription fraud and abuse. E-prescribing of controlled substances increased by 400 percent in 2014.


Leveraging the Cerner Workflow Authentication solution, organizations can comply with the DEA requirement of having two-factor authentication when e-prescribing scheduled medications. The ability to e-prescribe all levels of prescriptions highly correlates with overall e-prescribing adoption, which is a Meaningful Use objective.

 For more information on Cerner Workflow Authentication, visit Cerner Booth 2032 at HIMSS16.