CMS Is Using Multi-Factor Authentication Process for Online Provider Enrollment System Applications

CMS announced they utilize an MFA process for users of their Provider Enrollment Systems. 

MFA is a second layer of security used to access online systems. Using this second factor when logging in, helps prevent anyone other than the user from logging in. When users log into the I&A System or the NPPES, the username and password are required, and when enrolled in MFA, a one-time passcode is also required.

Note:  Please share this information with staff members who conduct provider enrollment and credentialing of your providers within the Medicare Program.

CMS has established the following timeline for implementing MFA to the enrollment systems:

• I&A System on 9/9/2019
• NPPES in 12/2019
• PECOS in 4/2020

CMS conducted an educational event on 7/30/2019 detailing the upcoming MFA implementation. You can access the information from this event at Enrollment Multi-Factor Authentication for I&A System Webcast.

Contact EUS Help Desk with any questions related to CMS Provider Enrollment Systems MFA setup. (Initial setup, MFA login, account reset … etc.)

• Website: EUS Help Desk
• By Email: EUSSupport@cgi.com
• By Phone: 1-866-484-8049

I&A MFA Background and Overview

What is MFA?

• MFA is a security system that requires more than one method of authentication from independent categories of credentials to verify the user’s identity for a login or other transaction.

Why is CMS implementing this?

• This is to improve identification and authentication security for the four public facing applications I&A, NPPES, PECOS and HITECH , starting with I&A in 9/2019.

Posted 12/9/2019