FOR DRFIRST EPCS AND PDMP PLATFORMS

The below set of terms apply to your access to EPCS Gold Platform only:

1. I agree to retain sole possession of the OTP token, and will not share the login passphrase with any other person or allow any other person to use the OTP token or login passphrase in order to sign controlled substance prescriptions.
2. I understand that any failure to secure the OTP token or login passphrase, or any sharing of the OTP token or login passphrase with any other person, may result in the revocation or suspension of my use and access of EPCS Gold. I agree that if using a hard token or software token application on a mobile device to generate a one-time-password for the two-factor authentication process, the hard token or software token application on the mobile device must be separate from the device that I use to issue any electronic prescription for a controlled substance.
3. I agree to notify the DEA, the persons in my organization designated to set logical access controls to the EPCS application, and , my electronic prescription application or EHR/EMR vendor within one (1) business day upon discovery if one or more controlled substance prescriptions issued using my DEA number were not consistent with the prescriptions I signed, or were not signed at all.
4. I agree to notify the persons in my organization designated to set logical access controls to the EPCS application and to notify my electronic prescribing or EHR/EMR vendor within one (1) business day of discovery if:
   • • I am contacted by a pharmacy because one or more of my controlled substance prescriptions are displaying the incorrect DEA number;
     • It appears that any of the functions of the electronic prescription application are functioning improperly;
     • My OTP token is lost, stolen, or the authentication protocol has been compromised in any way; or
     • I determine there is any other potential security problem not described

5. I understand that in the event of misuse, I am responsible for any controlled substance prescriptions written using my two-factor authentication credential if I do not alert my electronic prescription application or EHR/EMR vendor as required in the provision above, and that I am responsible for any prescription information entered by an agent at my direction upon signing and authorizing the transmission of an electronic prescription for a controlled substance.
6. I agree to promptly install all application updates of which I am made aware.
7. I understand that the same responsibilities that apply to me when issuing paper or oral prescriptions also apply to me when issuing electronic prescriptions for controlled substances.
8. I agree to prescribe controlled substances only for legitimate medical purposes.
9. DrFirst may update these Terms of Use at any time upon providing notice to you.

The following Terms apply regardless of how you access and your use of the prescription drug monitoring program (PDMP) data made available to you through your state, a third-party provider, or DrFirst.:

1. I agree that I am a licensed medical professional authorized to access PDMP data (all such data referred to as “PDMP Data”) and shall only access or use PDMP Data in accordance with applicable state and federal laws and regulations, and that I am solely responsible for ensuring my access of the PDMP is authorized by the state in which I practice.
2. I agree to provide proof of my state-issued authorization of accessing PDMP Data, if such authorization is required by applicable law.
3. I have received all applicable consents or authorizations from current patients to access and/or use the PDMP Data.
4. I agree to access and use PDMP Data solely for health care-related decision making related to a patient in accordance with applicable federal and state laws and regulations.
5. I shall not engage in unlawful, objectionable, or malicious conduct or activities in accessing PDMP Data, including but not limited to, the transmission or distribution of viruses, computer worms, Trojan horses, malicious code, denial of service attacks, unsolicited commercial e-mail, the unauthorized entry to any other machine accessible via any platform, the unauthorized submission or transmission of data or material protected by a proprietary right of a third party, or the submission of otherwise objectionable information, material, or communications.
6. I agree that I will not decompile, disassemble, deconstruct, or reverse-engineer any PDMP Data that is retrieved through PDMP Access.
7. I agree not to sublicense, transfer, sell, disclose, export or otherwise permit access to or use of PDMP Data acquired through the software.
8. I hereby agree to indemnify, hold harmless, and defend DrFirst, the National Association of Boards of Pharmacy, and Bamboo Health, f/k/a Appriss, Inc. (“Bamboo Health”), and each of their respective officers, directors, employees, members, contractors, and affiliates from and against any losses, liabilities, costs (including reasonable attorneys’ fees), or damages resulting from any third party claim in which any above-named party is named as a result of my access or use of the PDMP Data.
9. To the extent that PDMP Data is accessed through Bamboo Health, I represent and warrant that I am not currently under formal investigation, indictment, or prosecution and have not been convicted, disciplined, or sanctioned within the preceding five (5) years by any governmental entity or self-regulation program for violation of any government laws or regulations under or related to health care, drugs, or criminal acts.
10. I agree that DrFirst may adjust fees at any time if required to comply with laws, regulations, or mandates, or if a relevant jurisdiction no longer pre-pays for the third-party hosting service (e.g. Bamboo Health) for PDMP access for providers in that state.
11. I acknowledge that to the extent that Bamboo Health is the source of the PDMP data, Bamboo Health and the National Association of Boards of Pharmacy shall be third-party beneficiaries to these terms.
12. To the extent that the CURES network is the source of the PDMP Data, I agree that it shall be my responsibility to verify through the CURES portal that my CURES account profile is current, which shall include, at a minimum, completion of the annual update, and that I possess an active CURES account. I acknowledge that the failure to complete the annual update or maintain an active CURES account status will result in rejection of the query.
13. For access to Washington State PDMP Data, I agree and acknowledge that I am required to have an account with OneHealthPort and retain full responsibility for maintaining an account with OneHealthPort and for any associated costs or fees.

By accessing the PDMP platform, you acknowledge and understand that you are subject to these terms of use and all applicable federal and state laws governing the electronic prescribing of controlled substances and applicable federal and state laws and regulations governing access and use of prescription drug monitoring program data.