Everyone (including the president) has been in agreement for some time that electronic prescribing is a good thing -- everyone, that is, except the Drug Enforcement Agency ("DEA"). The DEA has consistently expressed concerns about e-prescribing, and clung to paper prescription requirements, out of concern that the new technologies will facilitate drug diversion of controlled substances.
On June 26, after seven years of effort, the DEA has proposed new regulations to allow e-prescribing for controlled substances listed on Schedules III-V. See 73 Federal Register 36722-36782. A reading of the regulations makes clear that the DEA's strong concerns about the risks of e-prescribing have not gone away. The proposed DEA regulations describe a complex, costly and potentially onerous system of controls, including requirements such as the following:
* Physicians must undergo "identity proofing" processes conducted by an authority such as a hospital credentialing office or a state licensing authority;
* Pharmacies must confirm weekly that the physician's authority to prescribe has not been revoked, must have system audit controls in place, and must engage auditors to audit those system controls;
* All participants in the e-prescribing process must maintain records of the transactions, with off-site backups; and
* Security breaches involving e-prescription information must be reported to the DEA.
In short, the proposed DEA regulations hardly constitute a "green light" for the movement towards e-prescribing. However, for consulting firms that would provide the system audits and software vendors who will provide products that will help pharmacies and physicians comply with this detailed new regulatory scheme, the proposed regulations could represent a windfall.