Epic MyChart Remote Enrollment

Allow patients to verify their identity by providing a government issued ID along with a selfie to be enrolled in Patient Access. This feature provides Epic1 Epic is a registered trademark of Epic Systems Corporation. customers with a convenient and secure way for patients to onboard before arriving for their scheduled visits.

Remote patient enrollment is supported on the following:

• The MyChart website on desktop or mobile

• The MyChart mobile application

Expected Patient Workflow

After configuring the remote enrollment feature in Patient Access, the expected patient workflow is as follows:

• The patient logs in to MyChart on their desktop or mobile app. From the MyChart menu, they can launch Patient Access remote enrollment.

• The patient completes the identity proofing steps, capturing photos of their government ID and a selfie.

• Once the identity is verified, the patient is enrolled in Patient Access.

Prerequisites

Take note of the following prerequisites:

• Configure the FHIR integration in Patient Access. For more information, see Configure the FHIR integration.

• Obtain the Imprivata Patient Access - Remote Enrollment app.

User Security for the Patient Access - Remote Enrollment App

Patient and provider-facing apps that use OAuth 2.0 authentication require certain security points on the users launching the app.

Ensure that users who will be accessing the app have the security points for the APIs used by this app and have access to launch the button for the app.

To determine which security points might be needed for an app install, review the list of APIs on the app and identify this app’s FHIR Resources in the FHIR Setup & Support Guide.

For more information, see the User & Security Setup for Apps topic.

To allow users to use OAuth 2.0 Authorization Code flow (e.g., standalone), ensure that the Allow OAuth2 authentication option is enabled in the Login security options settings for both Hyperspace Web and Hyperspace Web EpicCareLink servers within your HSWeb server deployment configuration.

For assistance, reach out to your Client Systems/Kuiper counterparts or open a Sherlock ticket with your Client Systems TS.

Interconnect Setup for the Patient Access - Remote Enrollment App

If you need assistance enabling web services or determining the appropriate rewrite patterns for the Patient Access - Remote Enrollment app, contact your Epic Client Systems - Web and Service Servers TS, and reference SLG 7948970.

If you are currently using the Chronicles-Configured OAuth2 Instance and the OAuth2 ARR Use Case, you do not need to complete any additional OAuth2 Interconnect build for this application. For more information on these topics, see the Interconnect Setup Guide or reach out to your Epic Client Systems - Web and Service Servers TS.

Application Build for the Patient Access - Remote Enrollment App

For information on and setup steps for the possible user workflow launch points that can be used to launch the app, see Launch an App from MyChart. Work with your operational stakeholders and Epic application representative, as needed, to determine how users should launch and interact with the app.

Information to Send to the Customer

1. Client IDs - The customer will use either the Non-Production or Production client ID in their Remote Enrollment configuration, depending on the environment.

   Only the client IDs for the Imprivata Patient Access - Remote Enrollment application are required for the customer to configure in their launch configuration.

   Application Name	Non-Production Client ID	Production Client ID
   Imprivata Patient Access - Remote Enrollment	441d76ed-cd38-40a5-84b4-f8858bd43fc0	4e2cb1f5-abfb-4962-87ba-670ad76057bb

2. Launch URL - The launch URL for the initial landing page that kicks off the SMART on FHIR launch’s OAuth 2.0 handshake.

   The value is:

   https://ps.sys.prod.imprivata.com/pa-patient-web/api/v1/fhir/launch?Impr-Tenant-Id=<tenantID>

   where

   <tenantID> is the organization's tenant ID.

3. Tokens in OAuth 2.0 Context - The list of context tokens that the Patient Access - Remote Enrollment application app needs at the point of launch. These tokens are in the form of key/value pairs. Set the following launch tokens in Epic:

   Key	Value
   %WPRID	wpr
   %EPTWPRID%	ept

Configure Remote Enrollment in Patient Access

To configure the remote enrollment integration:

1. In the Patient Access Admin Console, navigate to Integrations > Remote enrollment.

2. In the Configuration section, in the Client ID box, type the client identifier for the FHIR service.

   • If this is a test tenant, this is the non-production ID for the Imprivata Patient Access- Remote Enrollment app.

   • If this is the production tenant, this is the production ID for the Imprivata Patient Access - Remote Enrollment app.

3. The Interconnect instance base URL box automatically fills in the address of the interconnect instance base URL.

   If you have not configured the FHIR integration yet, use the link to navigate to the FHIR configuration page.
   

4. Click Save.