Electronic Prescription for Controlled Substances: A Cybersecurity Perspective
Samuel Tan, Rebecca Shapiro, and Sean W. Smith, Dartmouth College
The Electronic Prescription for Controlled Substances (EPCS) is a set of rules published by the Drug Enforcement Administration (DEA) that regulates implementations of electronic prescription systems for controlled substances. EPCS includes requirements two-factor authentication; specifications for electronic prescription applications; and rules governing the signing, transmitting, and receiving of electronic prescriptions. However, this set of regulations overlooks numerous critical aspects of computer security. This paper highlights some key areas in the electronic prescription process outlined by the EPCS regulation that are susceptible to adversarial attacks and provides recommendations for additions to EPCS regulations that would provide greater security for the use of electronic prescriptions.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Samuel Tan and Rebecca Shapiro and Sean W. Smith},
title = {Electronic Prescription for Controlled Substances: A Cybersecurity Perspective},
booktitle = {2013 USENIX Workshop on Health Information Technologies (HealthTech 13)},
year = {2013},
address = {Washington, D.C.},
url = {https://www.usenix.org/conference/healthtech13/workshop-program/presentation/tan},
publisher = {USENIX Association},
month = aug
}