DrChrono's identity proofing partner, ID.me, is improving their process of identity verification to the highest standards set by the National Institute of Standards and Technology (NIST). See our FAQ later in this article.
Once you have secured your ID.me account, you will need verify your identity using your your mobile device. You will need the following items for this process.
- Photo ID (Driver’s License, Passport, Passport Card, or State ID card)
- A “live” selfie using your mobile device
- Your Social Security Number
1. Go to Account > Account Settings and select the eRx Info tab. Click the Verify with ID.me button. You will need to sign into ID.me using your email and password and will need to approve the sign-in from the ID.me Authenticator app. Tap Yes on the app to proceed.
Note: If you previously verified your identity with a photo ID or with an ID.me Trusted Referee, you will be prompted to take a selfie and proceed from step 3.
|2. Enter the code generated on your device to complete your login.|
|3. Select your verification for the photo ID you would like you to upload. You have the option of taking a picture of the photo ID you would like to use for example: a state issued driver’s license or state ID, a passport, or passport card.|
|4. Using your device, take photos of your government ID or, if you already have photos of your government ID on your device, you can choose to upload them.|
|5. Next, you will be prompted to take a selfie with your device's camera or your webcam.|
|6. After taking your selfie, enter your Social Security Number to confirm your identity.|
|7. Ensure that all of your information is complete and correct. Check the box to attest that the information is correct and to accept the use of the Fair Credit Reporting Act to verify your identity.|
|8. Select Allow to authorize ID.me to share your verified identity with DrChrono in order to e-prescribe.|
8. You will then be taken back to your DrChrono account.
Why does ID.me use facial recognition (selfie)?
For specific partners such as government and healthcare organizations, we need to comply with the federal standards for identity verification established by National Institute of Standards and Technology (NIST) 800-63-3. The selfie step is related to a mandatory requirement in the NIST standards for verifying evidence for use in unsupervised remote identity verification at IAL2 and supervised identity verification.
ID.me will not sell, rent, or trade your Personal Information. ID.me will only transfer your Personal Information at your request, and with your consent, for use by third parties to verify your identity, or as required for the prevention of fraud or otherwise permitted by law.
All Personally Identifiable Information (PII) is encrypted using a FIPS 140-2 approved Advanced Encryption Standard (AES) algorithm with 256-bit key sizes and dynamic key rotation.ID.me is hosted within FedRAMP authorized AWS in an isolated Virtual Private Cloud (VPC) using independently-verified International Standardization Organization (ISO) 27001/27002, Statement on Standards for Attestation Engagements (SSAE)-16 / Payment Card Industry (PCI) / Service Organization Controls (SOC) 1 and SOC2 Type II certified Tier-III data centers. The data center’s physical and environmental security includes industry-leading network hardening and active monitoring, biometric access control, digital security video surveillance and 24/365 on-site security staff. The Kantara Initiative and FICAM accreditations require ID.me to pass ongoing annual on-site third-party security and data privacy audits for certification.
For more information see ID.me's article here.