Ig NGS

Download as pdf or txt
Download as pdf or txt
You are on page 1of 61

Onboarding and Installation

Guide
for NextGen® Share
NOTICE: This document contains information that is confidential and proprietary to NextGen
Healthcare, Inc. and its subsidiaries and affiliates ("Company") and is intended for use solely by
Company's authorized clients. This document may not be copied, reproduced, published,
displayed, otherwise used, transmitted, or distributed in any form by any means as a whole or in
any part, nor may any of the information it contains be used or stored in any information retrieval
system or media, translated into another language, or otherwise made available or used by anyone
other than the authorized client to whom this document was originally delivered without the prior,
written consent of Company.
By retaining or using this document, you represent that you are a client or an authorized
representative of a client of Company who is authorized to use this document under one or more
agreements between you and Company now in force, and that you will use this document and the
information it contains solely as and to the extent those agreements permit. Any other use or
distribution of the contents of this document, as a whole or in any part, is prohibited. Although
we exercised great care in creating this publication, Company assumes no responsibility for errors
or omissions that may appear in this publication and reserves the right to change this publication
at any time without notice.
You will not, directly or indirectly, use, or permit any third party to use, any information obtained
from or through this document: (a) as a training set for machine learning or the training of an
artificial intelligence ("AI"); (b) in connection with machine learning, development and
refinement of algorithms, and/or the enhancement and/or improvement of the operation and
functionality of your or any third party's products or services; or (c) in any generative artificial
intelligence software, tools or technologies, including, but not limited to, any natural language
processing, deep learning algorithms, or machine learning models (commonly known as
"Generative AI").
© 2014-2023 NXGN Management, LLC. All Rights Reserved.
NextGen is a registered trademark of NXGN Management, LLC. All other names and marks are
the property of their respective owners.
Onboarding and Installation Guide for NextGen Share

Contents
Chapter 1 NextGen Share Overview 5
NextGen Enterprise System Requirements .................................................................................. 5
Interface Server Requirements ..................................................................................................... 6
Installation Considerations ........................................................................................................... 7
Network Connectivity Requirements ....................................................................................... 8
Staging Environment Details................................................................................................ 8
Production Environment Details ........................................................................................ 10
Amazon Web Services Package Downloads ...................................................................... 10
Network Topology.................................................................................................................. 11
Corporate Domain Security Policy Settings ........................................................................... 11
Corporate Proxy Settings ........................................................................................................ 11
Corporate Intranet Firewall Settings ...................................................................................... 12
NextGen Share Firewall Rules ........................................................................................... 12
Advanced Auditing Requirements ......................................................................................... 13
Enabling TAP-Windows Adapter V9 ..................................................................................... 13
Automatic Installation of the Patient Locator Service ........................................................... 14
Automatic Installation of the NextGen Share eChart Extraction Service .............................. 15

Chapter 2 Enroll in NextGen Share 16

Chapter 3 Install NextGen Share 21


Install the NextGen Adaptive Content Engine Referral Template Patch ................................... 21
Download and Install the NextGen Share Software................................................................... 26

Chapter 4 Working with the NextGen Share Portal 35


My Share Profile Overview........................................................................................................ 35
Working with the Message Center ............................................................................................. 35
Preview Messages .................................................................................................................. 36
View Messages ....................................................................................................................... 37
Sort Messages ......................................................................................................................... 38
Archive Message Center Messages ........................................................................................ 38
Manage Message Center Subscription Categories ................................................................. 39
Managing NextGen Share Services ............................................................................................ 40
Core Service Overview........................................................................................................... 40
View Core Service Settings ................................................................................................ 40
Manually Activate the Patient Locator Service ...................................................................... 42
Manually Activate the NextGen Share eChart Extraction Service ........................................ 44
Share Community Panel Overview ............................................................................................ 45
Take a Guided Tour of the Services Panel ............................................................................. 45

Chapter 5 Upgrade NextGen Share 46

Chapter 6 Uninstall NextGen Share 48

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 3 of 61
Onboarding and Installation Guide for NextGen Share

Appendix A Frequently Asked Questions about DigiCert 50

Appendix B DigiCert Identity Verification Form Sample Document 53

Appendix C Locate Patient Records with Unpopulated or Null Birth Date or Current Gender Fields 58

Page 4 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

CHAPTER 1

NextGen Share Overview


NextGen® Share is a cloud-based platform that offers secure clinical data exchange between
NextGen® Enterprise and external providers using a nationwide network. It provides users the
ability to:
• Discover external providers and organizations
• Compose and exchange a referral that includes clinical documents
• Securely transmit clinical documentation
• Count NextGen Share transactions towards your Meaningful Use Stage 2 attestation
NextGen Share is also the Health Information Service Provider (HISP) which powers
NextGen EHR Direct messaging, a protocol that provides a way to securely send health
information directly to trusted recipients over the Interne
The platform's connectivity is achieved using industry standards that are widely adopted by
ONC-ATCB-certified EHR products and it simplifies manual referral workflows which
require faxing or paper shuffling.

NextGen Enterprise System Requirements


Make sure that your NextGen Enterprise system meets the following requirements:
• NextGen® Enterprise EHR 5.8 UD1 Patch 40 or later
• NextGen® Adaptive Content Engine 8.3.3 or later

Note: System checks are automatically performed before installation and


during service onboarding to verify that all required applications are installed.

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 5 of 61
Onboarding and Installation Guide for NextGen Share

Interface Server Requirements


The interface server must meet the following requirements to successfully install NextGen
Share.

Note: Ensure that NextGen Share and Rosetta are not installed on the SQL
Server.

Requirement Description
Minimum Server • Any Intel® supported 2 GHz or greater processor (x64 architecture, 4
Hardware cores minimum)
Specifications • At least 8 GB of system memory
• At least 200 GB of free drive space (a robust, SSD-based or
equivalent, disk storage configuration is highly recommended)
• Gigabit Ethernet
Supported Operating Windows Server® 2016
Systems
.NET Framework 4.7.2
Internet Information 10
Services (IIS)
ASP.NET ASP.NET MVC 3 through 5.2
Symphonia (for If you are using NextGen Enterprise EHR8, the interface server must
NextGen Enterprise have a Symphonia license. If you do not have a Symphonia license, you
EHR8) can go to NextGen Healthcare Success Community and open a Support
case to request a license.

Note: A single license can be used for one test and one production
server. A single Symphonia license can also be shared by multiple
NextGen® applications.

Page 6 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

Installation Considerations
The following sections provide information about the factors that must be taken into
consideration before you begin the installation of NextGen Share. In addition, you must:
• Ensure that your systems (staging or production) meet all hardware and software
requirements.
• Ensure that you have the proper credentials to access:
o Your network domain
o Microsoft SQL Server on the NextGen interface server
o NextGen Enterprise

• Note: During installation, you are required to enter the license key that
was issued to your site during your enrollment. The license key is used
to establish a secure connection for your NextGen Share instance on
the NextGen Share network. Each NextGen Share installation must be
associated with a unique license key. Using the same license key for
more than one installation will cause all instances sharing the license
key to fail.

• Note: Openfire, software for instant messaging and group chat, utilizes
ports 20000, 20004, and 20008. These ports are also used by NextGen
Share therefore Openfire and NextGen Share cannot be installed on the
same server.

See Also
• Download and Install the NextGen Share Software

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 7 of 61
Onboarding and Installation Guide for NextGen Share

Network Connectivity Requirements


NextGen Share components installed on the Rosetta server require unobstructed network
connectivity. You must ensure that your network firewalls are set to enable this traffic
without any features (such as, packet inspection) that could interfere with data downloaded
from the sites listed in this section. NextGen Share secure communications channel requires
unobstructed network connectivity on TCP port 443. For those environments with policies
that restrict outbound traffic, you must enable your Rosetta server to make TCP/443
connections to the staging and production IP addresses. There is no need to enable any
inbound traffic for the IP addresses.

• Note: You may need to adjust your firewall settings if you are performing
packet inspections. Some firewalls attempt to perform inspection on the
encrypted TCP/443 traffic and terminate the connection even though the
network administrator configured the firewall to enable outbound
TCP/443 traffic.

• Note: Clients using a Zero Trust SSL certificate implementation (e.g.,


Zscaler, WatchGuard, Akamai) must include exceptions for the URLs
listed for each NextGen Share environment.

Staging Environment Details


URL IP Address Network Connectivity
www.staging-ngshare.com 72.1.114.149 HTTP 80, HTTPS 443 outbound
sharenet.staging-ngshare.com 72.1.114.151 TCP 443 outbound

Note: Private IP 172.25.32.1 must not be used

Amazon Web Services URLs


• Core service:
o https://artifact-staging.nextgenshareaws.com/v1/updater
o https://stg-ngshare-artifact-resources.s3.us-west-2.amazonaws.com
o https://stg-ngshare-artifact-public.s3.us-west-2.amazonaws.com
o https://commonarchive-stg.nextgenshareaws.com/v1/getPresignedURL
o https://nextgenshare-stg-archive.s3.us-west-2.amazonaws.com
o https://cognito-idp.us-west-2.amazonaws.com
o https://cognito-identity.us-west-2.amazonaws.com/
o https://kinesis.us-west-2.amazonaws.com/
o https://sqs.us-west-2.amazonaws.com

Page 8 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

• Carequality service:
o https://carequality-staging.nextgenshareaws.com/v1
o https://ngshare-stg-cq.s3.us-west-2.amazonaws.com
• Patient Locator Service:
o https://cx-stg.nextgenshareaws.com/v1/
o https://nextgenshare-stg-activity.s3.us-west-2.amazonaws.com
• eChart Service (VDP):
o https://nextgenshare-stg-chase.s3.us-west-2.amazonaws.com
• Various functionality: CNC Async Dispatches (Core), Provider Search Service (Messaging),
Diagnostic Hub (VDL)
o https://share-api.staging-nextgenshareaws.com

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 9 of 61
Onboarding and Installation Guide for NextGen Share

Production Environment Details


URL IP Address Network Connectivity
www.nextgenshare.com 72.1.114.142 HTTP 80, HTTPS 443 outbound
sharenet.nextgenshare.com 72.1.114.148 TCP 443 outbound

Note: Private IP 172.25.16.1 must not be used.

Amazon Web Services URLs


• Core service:
o https://artifact-prod.nextgenshareaws.com/v1/updater
o https://prod-ngshare-artifact-resources.s3.us-west-2.amazonaws.com
o https://prod-ngshare-artifact-public.s3.us-west-2.amazonaws.com
o https://commonarchive.nextgenshareaws.com/v1/getPresignedURL
o https://nextgenshare-prod-archive.s3.us-west-2.amazonaws.com
o https://cognito-idp.us-west-2.amazonaws.com
o https://sqs.us-west-2.amazonaws.com
• Carequality service:
o https://carequality.nextgenshareaws.com/v1/
o https://ngshare-prod-cq.s3.us-west-2.amazonaws.com
• RLS:
o https://cx-prod.nextgenshareaws.com/v1/
o https://nextgenshare-prod-activity.s3.us-west-2.amazonaws.com
• VDP Service:
o https://nextgenshare-prod-chase.s3.us-west-2.amazonaws.com
• Various functionality: CNC Async Dispatches (Core), Provider Search Service (Messaging),
Veradigm Labs (VDL)
o https://share-api.nextgenshareaws.com
Amazon Web Services Package Downloads
NextGen Share update packages are stored in Amazon Web Services (AWS) for better
scalability and performance. All NextGen Share component updates (for example, Rosetta,
NextGen® Connect Integration Engine (formerly Mirth Connect) (Cx)) are downloaded from
AWS.
Ensure that you provide unobstructed access to the AWS URL -
https://s3.amazonaws.com/nextgenshare to enable these packages to download
successfully.

See Also
• Upgrade NextGen Share

Page 10 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

Network Topology
This reference diagram shows the technical endpoints (IP addresses, URLs, and ports) that
are used by NextGen Share:

Corporate Domain Security Policy Settings


The NextGen Share installer uses Microsoft PowerShell scripts for installing and updating
NextGen Share components. You must ensure that your Domain Security Policy enables
downloading and execution of PS1 scripts on the server where NextGen Share components
are installed.

Corporate Proxy Settings


Update the proxy settings to enable traffic to the following IP addresses and have it bypass
the proxy. That means that these connections will not go through the proxy but will connect
directly.
• 172.25.32.1
• 172.25.16.1

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 11 of 61
Onboarding and Installation Guide for NextGen Share

Corporate Intranet Firewall Settings


The corporate intranet firewall must permit EHR machines to communicate over HTTP on
port 20005 to the Rosetta server where the NextGen Connect Integration Engine Mirth®
Connect eXchange (Cx) (NextGen Share-specific instance of NextGen Connect Integration
Engine Mirth Connect) channel is listening for requests on HTTP port 20005 in order for
NextGen Enterprise to be able to perform the provider directory search and other NextGen
Share related functions.

Note: If you are using the NextGen® Share Carequality Service requester
feature, you must allow your NextGen Enterprise to connect to NextGen
Connect Integration Engine Mirth® Connect eXchange (Cx) through Port 9005
(share.server.commander.port).

NextGen Share Firewall Rules


The NextGen Share installer adds the following firewall rules on the server where NextGen
Share components are installed to permit the (local/intranet) inbound TCP traffic.

Rule NextGen Share Cx


Enabled Yes
Direction In
Profiles Domain, Private, Public
Grouping -
Local IP Any
Remote IP 172.25.0.0/16
Protocol TCP
LocalPort 20000, 20001, 20002, 20003, 20004, 20005, 20006, 20007, 20008, 20009,
20010, 20011, 20012, 20013, 20014, 20015, 20016, 20017, 20018, 20019,
20020, 20081, 20082, 20083, 20084, 20085, 20086, 20087, 20088, 20090,
28080, 28443
RemotePort Any
Edge No
Traversal
Action Allow

Page 12 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

Advanced Auditing Requirements


The following servers must have the same EhrDbServer value for the advanced auditing
messages to be logged successfully:
• EHR database server
• Interface server
• Advanced auditing server
If any of these servers has a different EhrDbServer value, then advanced auditing
messages will not be logged.

Note: If you are running NextGen Enterprise 5.8 UD1 or UD2 and NextGen
Share advanced auditing messages are not being logged, you can troubleshoot
the problem by going to the NextGen Healthcare Success Community and
referring to the Resolving Advanced Audit Server Name Mismatch document.

Enabling TAP-Windows Adapter V9


The TAP-Windows Adapter V9 network adapter must always be enabled. Disabling this
adapter will prevent OpenVPN from successfully connecting to NextGen Share.

OpenVPN uses the TAP-Windows Adapter V9 network adapter. OpenVPN is an open-source


software application that implements Virtual Private Network (VPN) and is used for the
private, encrypted, and secure connection between your site and the NextGen Share network.

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 13 of 61
Onboarding and Installation Guide for NextGen Share

Automatic Installation of the Patient Locator Service


The Patient Locator service (PLS) is a master patient index (MPI) that enables NextGen
Share to identify where a patient’s medical records are stored. The service improves the
exchange of clinical data with external systems by enabling patient-matching for NextGen
Share services across enterprises.
The service is included in the NextGen Share installation. After it is installed, the PLS is set
to a pending status for at least 96 hours (plus the time until the next scheduled run of the
back-end job that executes the activation) before it is automatically activated. If necessary,
you can manually activate the service before the waiting period ends.
After you activate the service, a backload of your patients' demographic data is exported from
NextGen Enterprise EHR to NextGen Share's centralized demographic database. The service
also loads patient demographic data into the database when a new patient is created or when
patient demographic data are updated in NextGen Enterprise EHR. This process keeps your
patient demographic data and NextGen Share in sync.
If your site does not want to activate the PLS, you must log a case with NextGen Healthcare
Support using NextGen Healthcare Success Community before the 96-hour waiting period
expires. You must indicate in the Support case when the 96-hour waiting period will expire.

• Note: If you deactivate the PLS, your site cannot participate in other
NextGen® Share services that require patient-matching functionality such
as the NextGen® Share Carequality Service.

• Note: To be successfully indexed by the PLS, patient records in NextGen


Enterprise EHR must have the Birth Date and Current Gender fields filled
with data. If the Birth Date or Current Gender fields are null or
unpopulated, the PLS will exclude the patient record in its indexing.
Services that use the PLS for patient-matching will not be able to locate
the patient record.

See Also
• Manually Activate the Patient Locator Service
• Locate Patient Records with Unpopulated or Null Birth Date or Current Gender Fields

Page 14 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

Automatic Installation of the NextGen Share eChart Extraction


Service
If your system meets the NextGen Share prerequisites, the NextGen® Share eChart Extraction
Service is automatically included with the NextGen Share installation. This service automates
data retrieval for payer and life insurance partners by responding to electronic record
requests.
After installation, the service remains in a pending status for a 96-hour waiting period. After
the waiting period expires, the service is automatically activated. You also have the option to
manually activate the service before the waiting period ends.

Note: If your organization does not want to activate the NextGen Share
eChart Extraction Service, you must log a ticket with NextGen Healthcare
Support using NextGen Healthcare Success Community before the 96-hour
waiting period expires. Indicate in the Support case when the 96-hour waiting
period will expire.

If the system requirements are not met or if an error occurs during the installation of the
NextGen Share eChart Extraction Service, the service is not installed. If the auto-installation
fails, you can manually check the system requirements and activate the service from the
NextGen Share portal. When the system checks are performed, the system also tests whether
documents can be converted to PDF format. If the document conversion test fails, the service
is not auto-installed and you must visit NextGen Healthcare Success Community and open a
case with NextGen Healthcare Support to have the problem resolved.

See Also
• Manually Activate the NextGen Share eChart Extraction Service

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 15 of 61
Onboarding and Installation Guide for NextGen Share

CHAPTER 2

Enroll in NextGen Share


Before You Begin
To begin enrollment, you must be an approved administrator.

Before you can install NextGen Share, you must enroll and create a profile for your
organization on the network using NextGen Healthcare Success Community. After you are
enrolled, you can download the software and connect your NextGen Enterprise EHR to the
network.To create your NextGen Share profile, the NextGen Share portal collects
information about your organization from the NextGen Healthcare Success Community.
After you log on, the information collected about your organization is used to complete the
form.
NextGen Share provides two separate environments you can connect to. The staging
environment is a full-scale test system which can be connected to a client’s test database. The
production environment is the live system which can be connected to a client’s production
database.
You can install NextGen Share into your test environment, or you may choose to go directly
into production with NextGen Share. If you are installing in environment, there is no need to
migrate to the production environment. After testing has concluded, you can install NextGen
Share on the production environment.
1. In a Web browser, go to the appropriate NextGen Share website for the environment you
want to connect to.
o NextGen Share production: https://www.nextgenshare.com
o NextGen Share staging: https://staging-ngshare.com/

Page 16 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

The NextGen Healthcare Success Community login page appears.

2. Enter your NextGen Healthcare Success Community Username and Password.


3. Select Log In.
Note: The NextGen Share Portal uses the same user name and password that
you use for the NextGen Healthcare Success Community.

The first time you log into the NextGen Share Portal, the NextGen Share Prerequisites
Checklist appears.

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 17 of 61
Onboarding and Installation Guide for NextGen Share

4. Answer Yes to the following questions:


o Do you have NextGen Enterprise EHR or greater in production?
o Do you have a dedicated Rosetta Server?
If you answer No, a corrective action appears on the right.
5. If you are an approved NextGen Share Administrator for your organization, select Begin
Enrollment.
If you are not approved, select the Request Access to NextGen Share link.

Within two business days, you (or your organization) will receive an email notifying you
of the approval. When you log back on to the NextGen Share Portal, a green check mark
appears next to the question, “Are you a NextGen Share Administrator for your
organization?” You can then begin enrollment.
6. On the NextGen Share Enrollment page, ensure that all fields are completed (including the
fax number).

Page 18 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

7. From the Specialty list, select the specialty that best represents your organization.
Note: Notice that the Specialty list includes a multi-Specialty option for
organizations with providers dedicated to more than one specialty.

8. Scroll down to the Create your organization's email sub-domain section.

A sub-domain is a unique identifier that is part of each Direct address assigned for your
providers and organizations. It facilitates identifying the practice that a provider is
associated with.
It is best to choose a short sub-domain which easily identifies your organization. A
sample sub-domain below the sub-domain field shows how a direct address looks.
9. Enter the sub-domain for your organization.

The icon indicates that the sub-domain you entered is unique in the NextGen Share
Network.
10. Scroll down to the bottom of the page, review the Terms of Service, and then select I
Agree to the Terms and Conditions.

11. Select Continue Enrollment.

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 19 of 61
Onboarding and Installation Guide for NextGen Share

The Connect <organization name> to NextGen Share window opens and displays the
NextGen Share license key.

Note: Before you can connect to the NextGen Share network, you must
download the NextGen Share installation kit and install NextGen Share on
your NextGen Interface server.

12. Enter the email address of the person performing the NextGen Share installation, and then
select Send to email the license key and the installation kit instructions.
When you begin enrollment, the NextGen Share Enrollment page appears.

Page 20 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

CHAPTER 3

Install NextGen Share


Installing the NextGen Share platform provides customers the capability to add, manage, and
remove interfaces and other services from your NextGen Enterprise EHR. These interfaces
provide connectivity to external systems and support communication with external providers
and organizations. The platform connectivity is activated after you complete all the steps of
the installer to enable connectivity between NextGen Enterprise EHR and NextGen Share.

Note: Installing NextGen Share on the same server as other NextGen


Enterprise applications (such a NextGen Rosetta) does not interfere with those
applications. However, you cannot run two instances of NextGen Share on the
same server. For example, one pointing to staging and another pointing to
production. If you want to install NextGen Share on both the test and
production environments, you will need two dedicated servers.

Install the NextGen Adaptive Content Engine Referral


Template Patch
NextGen Share is supported on NextGen Adaptive Content Engine version 8.3.3 or later.
However, versions 8.3.3 - 8.3.10 require the installation of a patch to add the NextGen Share
referral templates (and associated picklists, documents, stored procedures, and other database
elements) into the specified NextGen Enterprise database to enable the NextGen Share
functionality on the referral template.

Note: This patch is not required for NextGen® Adaptive Content Engine
versions 8.3.10 or later, as the NextGen Share functionality is built in to the
standard 8.3.10 version onwards. If you have NextGen Adaptive Content
Engine 8.3.10 or later installed, you can skip this section.

1. Go to NextGen Healthcare Success Community and download the correct NextGen


Adaptive Content Engine patch.
2. Extract the files in the patch ZIP package to a folder (other than your Desktop). Ensure
that this folder is accessible by the database server and has the necessary access right and
privileges.
3. Locate the NextGen folder, and then double-click KBMUpgradeUtility.exe.

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 21 of 61
Onboarding and Installation Guide for NextGen Share

The KBM Upgrade Utility window appears.

4. Enter your logon credentials, select an enterprise and practice, and then select Logon.
The NextGen KBM Upgrade Utility: Page 1 of 4 screen appears.

5. Select the following check boxes:


o Backup target database
o Review following paths and confirm that they are set for the correct database
6. Select Next.

Page 22 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

The NextGen KBM Upgrade Utility: Page 2 of 4 screen appears.

7. Select Browse .
The Browse window appears.
8. Navigate to the location of the extracted NextGen® Adaptive Content Engine Upgrade
files, and then select OK.
CAUTION: If the Windows file path is longer than 255 characters, the
NextGen Adaptive Content Engine Upgrade Utility will be unable to access
some files.

The NextGen KBM Upgrade Utility: Page 2 of 4 screen displays the path you selected.
9. Select Next.

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 23 of 61
Onboarding and Installation Guide for NextGen Share

The NextGen KBM Upgrade Utility: Page 3 of 4 screen appears.

10. Select the NextGen Adaptive Content Engine version currently installed on the NextGen®
Enterprise database server (must be version 8.3.3 or later) and select Next.
The NextGen KBM Upgrade Utility: Page 4 of 4 screen appears.

11. Select Upgrade.

Page 24 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

When the upgrade is complete, the message Upgrade succeeded! appears at the top of the
NextGen KBM Upgrade Utility: Page 4 of 4 screen and the Update Hash Keys window
appears.

12. Select Update.


When the Hash Keys update is complete, the Status changes to Completed.

13. Select Close.


Upon returning to the NextGen KBM Upgrade Utility: Page 4 of 4 screen, select Finish to
exit the NextGen Adaptive Content Engine Upgrade Utility.

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 25 of 61
Onboarding and Installation Guide for NextGen Share

Download and Install the NextGen Share Software


To install NextGen Share, you must download and run the installer on the interface server.
The NextGen Share installer installs the following components pre-configured and do not
require local configuration settings:
• NextGen Connect Integration Engine Mirth® Connect eXchange (Cx) — a dedicated
version of NextGen Connect Integration Engine.
• NextGen Rosetta — a dedicated version that is independent of any Rosetta you currently
use.
• OpenVPN® — for secure communications with the NextGen Share network.
1. Open the email containing the installation instructions.

2. Record the NextGen Share License Key.


3. Select the download link.
The NextGen Share portal logon page opens in the default browser.
4. Log on to the portal.
The Installer Information page opens, and the download starts automatically.

Page 26 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

5. Save the downloaded NextGen-Share-Installer.exe file to the NextGen Interface Server or


a location that the NextGen Interface Server can access.
6. Navigate to the location where you saved the NextGen Share Installation Kit.
7. Double-click NextGen-Share-Install.exe.
The NextGen Share Installation wizard appears.

8. Select Next.
The Share Client Registration Validation screen appears.

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 27 of 61
Onboarding and Installation Guide for NextGen Share

9. Enter the license key provided in the NextGen Share Installation Kit email, and then
select Submit.
The status of the registration validation is displayed in the Details section. If there is a
problem with registration validation, information about the problem will be displayed in
the Details section.
10. Select Next.
The NextGen Share Network Connectivity Test screen appears. This screen tests to ensure
that your NextGen interface server can connect to the NextGen Share network through
HTTP, HTTPS and TCP connectivity.

11. Select Test.


The NextGen Share Network Connectivity Test screen refreshes and indicates the
connection status.

Page 28 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

12. Select Next.


The Please confirm your environment screen appears.

13. Enter the name of the installation environment (for example, PROD) and select Next.
Confirming your installation environment ensures that you do not install the NextGen
Share Staging version in your Production environment or vice-versa.
The NextGen Share Connectivity Setup screen appears.

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 29 of 61
Onboarding and Installation Guide for NextGen Share

14. Complete the NextGen Database Connection Information section:


o DB Server Name: Enter the name of the NextGen database server in the format
[:port] or host[\instance]. For example: phlvdmz\sql2008r2.
o Database name: Enter the name of the NextGen database. For example: ngdbud2
o User ID: Enter a user ID that can access the NextGen database.
o User Password: Enter the password for the User ID. Ensure that your database
password does not contain quotation marks (""). You cannot use a password that
contains quotation marks. If your database password contains quotation marks, you
must change it. If you cannot change the database password, contact your system
administrator.
15. Select one of the following Rosetta service user credentials:
o Choose Local System Account if you want the Rosetta service to have access to local
resources and act as the computer on the network.
o Choose User to specify an account that has access to network resources, such as
storage locations for patient documents or images, and then enter the User Name
(format: Domain\User Name) and Password for the account.
16. The Rosetta Code Branch field will correspond to the EHR you are installing NextGen
Share on. Select Release for EHR versions that have been released. Select Development or
Integration for development or integration releases of EHR.
17. Select Next.
The Select Destination Directory screen appears.

18. Enter the location path to install NextGen Share (or select Browse to manually select a
location) and select Next.

Page 30 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

The Share core system dependencies review screen appears verifying that the NextGen
Share required dependencies are installed on the server.

If you have the wrong version of Microsoft PowerShell or Microsoft .NET Framework,
the Share core system dependencies review screen notifies you that you must upgrade and
provides a link where you can download the software.

If there is an issue with the core system dependencies:


a) Select Cancel to exit the NextGen Share installation.
b) Download and install the correct version of Microsoft PowerShell or Microsoft .NET
Framework.
c) Restart the server.

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 31 of 61
Onboarding and Installation Guide for NextGen Share

d) Restart the NextGen Share installation.


19. Select Next.
The Select Components screen appears and displays the NextGen Share components that
will be installed.

20. Select Next.


The Select Start Menu Folder screen appears and displays the Start Menu folder for the
NextGen Share shortcut.

Note: You cannot change this selection.

Page 32 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

21. Select Next.


The installation begins and the Installing progress indicator appears.
22. If you are prompted to install the TAP-Windows Provider V9 Network adapter, select
Install.

When the installation is complete, the NextGen Share Installation Complete! page appears.

23. Select Finish to close the wizard.


24. Return to the NextGen Share Portal to view the status of your installation.

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 33 of 61
Onboarding and Installation Guide for NextGen Share

The installation status indicates that the eChart Extraction Service will be installed
automatically.

25. Select Continue to log into the NextGen Share Portal.


The NextGen Share Portal opens and displays a welcome message.

26. Select Close to continue to the NextGen Share Portal.

See Also
• Installation Considerations
• Automatic Installation of the NextGen Share eChart Extraction Service
• Automatic Installation of the Patient Locator Service

Page 34 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

CHAPTER 4

Working with the NextGen Share Portal


The NextGen Share customer portal is a Web-based application used to manage your site's
instance of NextGen® Share. Some of its key features include:
• Use the Message Center to view and manage messages and notifications sent by the
NextGen Share Operations team to communicate information to NextGen Share
customers.
• Activate NextGen Share services, manage service configuration, and monitor service
activity.
• Add external providers to the NextGen Share provider directory.
• View informational videos and other resources that provide information about the
NextGen Share community.

My Share Profile Overview


Your My Share Profile provides details about your Message Center subscriptions and email
notifications for the NextGen Share portal. You receive an email notification whenever a new
message is available in Message Center. If needed, you can modify the My Share Profile to
determine the types of messages received.

Working with the Message Center


The Message Center contains messages and notices originated by the NextGen Share
Operations team used to communicate information to NextGen Share customers.
Message Center messages fall into the following three categories:
• General: NextGen Share service updates, upcoming webinars, or status change of your
service.
• Technical: Scheduled downtime, service outages, or issues requiring user action.
• New Services: Descriptions and availability of new interfaces delivered through NextGen
Share.
When new incoming messages are available in the Message Center, the entry displays a
badge indicating the number of unread messages.

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 35 of 61
Onboarding and Installation Guide for NextGen Share

From the Message Center, you can do the following:


• Sort messages
• Preview messages
• View messages
• Archive messages
• View archived messages
• Unsubscribe from Message Center categories

Preview Messages
You can preview messages received in the Message Center.
1. Select the Subject of the message in the Messages grid.
The contents of the message appear in the preview pane below the grid.

2. To open a message, select the Magnifying Glass next to the message.

Page 36 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

The message opens in a new window.

3. To return to the Inbox, select Close.

View Messages
Open messages to fully view the contents of the message.
1. Log in to the NextGen Share Portal.
2. On the Administration panel, select Message Center.

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 37 of 61
Onboarding and Installation Guide for NextGen Share

The Message Center opens and displays your Inbox. Unread messages are highlighted in
bold.

3. To open a message double-click it.


The message is opened for viewing.

Sort Messages
You can sort messages by date or subject to easier navigate your message list or locate
messages.
• To toggle the sort order of the Message Center, select Subject or Date on the
corresponding column header.

Archive Message Center Messages


After you read a message, you can archive it for later viewing to reduce the clutter in your
Inbox.

Note: After you archive a message, you cannot move it back to the Inbox.

1. In Message Center, select the message that you want to archive.


2. Select Archive Selected Messages.

Your selected messages are archived and no longer appear.


3. To view your archived messages, select Archived.

Page 38 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

The Archived grid displays your archived messages.

Manage Message Center Subscription Categories


You can manage your Message Center subscriptions by enrolling and disenrolling from
Message Center categories. By default, all users are set up to receive notifications for all
categories.
1. Refresh the NextGen Share portal.
2. On the Administration panel, select My Share Profile.
The My Profile form appears.

3. To disenroll from a Message Center subscription, clear the check box next to the
subscription type.
4. To turn off email notifications for the site, for Send me email notifications select No.
5. Select Save to keep the changes and return to the NextGen Share portal main page.

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 39 of 61
Onboarding and Installation Guide for NextGen Share

Managing NextGen Share Services


The Services panel provides information about all of the available NextGen Share services
for your organization and links to manage those services. Depending on which services you
enable and/or activate for your organization, the Services panel may appear differently.
The Services panel contains links to manage NextGen Share services:
• Core Service: Shows your connectivity to the NextGen Share network.
• Messaging Service: Enables you to manage the Direct messaging feature for the practices
and providers activated for your organization. For more information about the NextGen®
Share Direct Messaging Service go to NextGen Healthcare Success Community and view
the User Guide for NextGen® Share Direct Messaging.
The colors indicate the status of the service. Green indicates active; blue indicates that your
practice is eligible, yellow and red indicate a warning or error.

Core Service Overview


The Core service consists of several different components that enable connectivity between
your EHR and theNextGen Share platform. The Core service enables NextGen Share to
retrieve practice-level organization information, rendering provider details such as name,
address, and other profile information for the purposes of enabling interfaces made available
through the platform. The Core service also periodically collects data related to customers'
environments to enable smooth operation of the platform, expand functionality of existing
services, and assist in the development of additional services.
The Core Services panel displays service settings for you to monitor the connectivity status of
the service components. The panel also indicates the last time your system's Reportable
Condition Trigger Code (RCTC) data set was updated. The RCTC data set is stored in the
NextGen Enterprise EHR database and specifies the trigger codes to initiate electronic case
reports to public health agencies.
View Core Service Settings
You can view Core service settings to monitor the connectivity status of the core services
components. The information on this page can be helpful in troubleshooting connection
issues you may experience.
1. Log on to the NextGen Share Portal.
2. On the Services panel, select Core Service.

Page 40 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

The Core Service Status Details appear.

3. To find a setting, type a setting in the Find Settings box.


As you type, the grid displays matching results.

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 41 of 61
Onboarding and Installation Guide for NextGen Share

Manually Activate the Patient Locator Service


The Patient Locator service is included in the NextGen Share software installation. After the
service is installed, it is set to a pending status for at least 96 hours (plus the time until the
next scheduled run of the back-end job that executes the activation) before it is automatically
activated. You can also manually activate the service prior to its automatic activation.
If your site does not wish to activate the Patient Locator service, you must log a ticket with
NextGen Healthcare Support using NextGen Healthcare Success Community before the 96-
hour waiting period expires. You must indicate in the Support ticket when the 96-hour
waiting period will expire.

Note: If you deactivate the Patient Locator service, your site cannot
participate in other NextGen Share services that require patient-matching,
such as the NextGen Share Carequality Service.

1. Log on to the NextGen Share portal and locate the Patient Locator service panel.

2. Select Activate.

Page 42 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

A warning message appears informing you that you should consider activating the service
only after normal working hours, due to the excess load that the service activation places
on your NextGen Enterprise database.

3. To continue with the activation, select Continue.


The Patient Locator service is activated.
After the service is activated, a backload of your patients' demographic data is exported to
NextGen Share's centralized database. The data export process may take some time to
complete, depending on the size of your patient population
You can view the counters on the Patient Locator section of the NextGen Share user portal to
track the progress and continue to track the total records available after the data backload is
finished.
The Patient Locator section displays the following information:
• My Patients - The number of patients your enterprise contributes to the Patient Locator
service.
• Records Updated - The number of patient records updated in the last 30 days.

See Also
• Automatic Installation of the Patient Locator Service

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 43 of 61
Onboarding and Installation Guide for NextGen Share

Manually Activate the NextGen Share eChart Extraction Service


The NextGen Share eChart Extraction Service is automatically installed during the NextGen
Share installation. Afterwards, the service is in pending status for at least 96 hours (plus the
time until the next scheduled run of the back-end job that executes the activation) before it is
automatically activated. The activation date appears beneath the Activate Now button in the
eChart Extraction tile. If needed, you can activate the service immediately after the
installation process is completed. For more information about the NextGen Share eChart
Extraction Service, visit NextGen Healthcare Success Community and download the User
Guide for NextGen Share eChart Extraction Service.
1. Access the NextGen Share Portal.
2. On the Services panel, select Services.
3. Navigate to the eChart Extraction section.

The button in the eChart Extraction tile indicates that the service has been
automatically installed. The actual activation date is also available under the Activate Now
button. If needed, you can further delay the activation of the service by opening a case
with NextGen Support.
4. To activate the service immediately, select Activate Now.
The Activate Now confirmation message appears.
5. Select OK.

See Also
• Automatic Installation of the NextGen Share eChart Extraction Service

Page 44 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

Share Community Panel Overview


The Share Community panel provides links to helpful resources for NextGen Share customers
including:
• Access the NextGen Share video library.
• Search the NextGen Share directory for providers and organizations that are in the
NextGen Share directory.
• Add external providers to the provider directory.

Take a Guided Tour of the Services Panel


The guided tour of the Service panels is a series of four overlays that describe the panel
contents.
1. Log on to the NextGen Share Portal.
2. In the Share Community panel, select Guided Tour.
The See All Active Services overlay appears.

The Guided Tour tools appear to the right of the overlay. They include a description of
the specific panel and tools to navigate across the overlays (Skip, Back and Next).
3. At the end of the tour (Overlay 4), select Done to exit the guided tour.

Note: You can exit the guided tour at any time by clicking anywhere outside
the overlay.

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 45 of 61
Onboarding and Installation Guide for NextGen Share

CHAPTER 5

Upgrade NextGen Share


The NextGen Share components on your interface server periodically receive updates. There
is no user action required to accept these updates. As updates occur, the NextGen Share
server is automatically stopped and is restarted after the updates are complete. If the NextGen
Share Rosetta application is open during an update, it closes automatically.
If you upgrade your version of NextGen Enterprise, the NextGen Enterprise components on
your interface server automatically upgrade to the latest version after you upgrade your
NextGen Enterprise database. However, to ensure a successful NextGen Share upgrade, you
must perform the following basic steps.

Note: If you are upgrading to NextGen Enterprise EHR8, rendering providers


must be assigned a unique NPI to participate in Direct messaging. An NPI
number is required to allocate a Direct address to Direct messaging providers.
You can assign the NPI for a provider in File Maintenance under Master Files
> System > Providers > <provider name> > System > National Provider ID. For
more information, go to NextGen Healthcare Success Community, and
download the File Maintenance Master Files Guide for NextGen® Enterprise.

1. Before upgrading NextGen Enterprise access Services in Microsoft Management Console


(MMC) on the NextGen Enterprise interface server.
2. Identify and stop all Rosetta-related services used by NextGen Share.
NextGen Share uses the following three services. The service names appear in the
following format:
o <DBServer_Name>.<DB_Name>.<Instance>.NextGenShare.WebServ
ices
o <DBServer_Name>.<DB_Name>.<Instance>.RosettaMonitorServic
e
o <DBServer_Name>.<DB_Name>.<Instance>.RosettaService
Note: The instance name <Instance> is a numeral (for example, 1, 2, 3)
and will vary depending on when NextGen Share was installed in relation to
the other instances of Rosetta.

An example of a group of NextGen Share Rosetta services is:

Page 46 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

o NG6593.NGProd.1.NextGenShare.WebServices
o NG6593.NGProd.1.RosettaMonitorService
o NG6593.NGProd.1.RosettaService
Note: It is possible to have more than one instance of Rosetta installed. In the
above example, the NextGen Share instance of Rosetta was installed first.
However, if NextGen Share were installed second, then the
NextGenShare.WebServices service will be named
NG6593.NGProd.2.NextGenShare.WebServices.

3. Stop the NextGen Share Cx service.


4. Perform the NextGen Enterprise upgrade.
For more information about upgrading NextGen Enterprise, go to the NextGen Healthcare
Success Community and download the latest Upgrade Overview for NextGen Enterprise
document.
5. Restart only the NextGen Share Cx service.
Note: The NextGen Share Cx service restarts the Rosetta services used by
NextGen Share automatically when required.

6. Log on to the NextGen Share portal and access the Message Center.
A message in the Message Center indicates that the NextGen Share upgrade is complete.

See Also
• Amazon Web Services Package Downloads

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 47 of 61
Onboarding and Installation Guide for NextGen Share

CHAPTER 6

Uninstall NextGen Share


Uninstalling NextGen Share removes any installed components and services, including the
NextGen Share Direct Messaging Service.
1. In Windows Explorer, navigate to the NextGenShare folder.
2. Double-click uninstall.exe.
The NextGen Share Uninstall wizard appears.

3. Select Next to uninstall the program.

Page 48 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

Upon completion, the wizard notifies you that the uninstallation has been completed
successfully.

4. Select Finish.
The NextGen Share uninstallation is complete.

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 49 of 61
Onboarding and Installation Guide for NextGen Share

APPENDIX A

Frequently Asked Questions about


DigiCert
Why does NextGen Share use DigiCert?
DigiCert, as an accredited certificate authority (CA) and registration authority (RA), provides
a number of important services to ensure that trust is established to support Direct messaging.
These services include issuing certificates and verifying the identities of participants.
How are certificates used in Direct messaging?
As a CA, DigiCert creates, assigns, and maintains certificates for NextGen Share clients who
want to securely exchange Direct messages with NextGen Enterprise.
What services does DigiCert offer as a registration authority?
DigiCert authenticates the identities of individuals, organizations, representatives of
organizations and their services, and administrators of services. DigiCert identifies and
authenticates certificate subjects. Working with NextGen Share, DigiCert evaluates our
certificate management transactions (including certificate requests, renewal and re-keying,
and revocation).
Why is identity verification important for Direct messaging?
Verification ensures trust and security when protected health information (PHI) is exchanged.
Each participant of an accredited Health Information Service Provider (HISP) must complete
a similar level of identity verification to ensure that providers, organizations, and entities are
accurately identified across the network.
HIPAA requires health care entities to protect the privacy of PHI and to reduce security risks.
This requirement applies to providers, health plans, and pharmacies and to health care entities
and businesses associates who handle PHI on their behalf (such as HISPs and health IT
providers).
The Office of the National Coordinator for Health Information Technology (ONC) has
released guidance on how HISPs and accreditation bodies can enhance trust between Direct
messaging participants. For example, participants should “issue Direct addresses only to
organizations and/or individuals that have had their identity verified according to NIST Level
of Assurance 3 requirements, at a minimum, through in-person or remote options.”

Page 50 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

How does DigiCert appoint trusted agents to assist in the identity vetting process?
DigiCert appoints representatives of customer organizations as trusted agents to help collect
the documentation needed to issue Direct Certificates. Before a representative can act as a
trusted agent, they must first verify their identity with DigiCert according to DT LOA3. The
representative then executes an agreement that appoints them as an agent of DigiCert for the
purposes of collecting documentation, verifying identities, and providing identity
information. Verified information is reviewed by DigiCert before a certificate is issued.
What level of identity verification is necessary?
DirectTrust based its standard for identity vetting on Level of Assurance 3 (LOA3) as set
forth in NIST publication 800-63. This standard requires strong identity authentication. For
instance, to establish a legal identity, a certificate applicant could present a government-
issued ID to a verifying person, such as a notary or a DigiCert Trusted Agent. Then, the
applicant’s identity must be verified by two other persons: both an Information Systems
Security Officer (ISSO) working for the HISP and either the individual named in the
certificate (for Direct Address Certificates) or a representative of the organization named in
the certificate (for Direct Organization Certificates). For organizations, the representative is
responsible for managing use of the certificate, and the ISSO at the HISP is responsible for
ensuring the security of the related private key.
What information should I have ready to complete the identity verification?
In addition to your notarized Identity Verification form, you must also provide the publicly
listed phone number of the organization that performed the notarization. The phone number
must be associated with a verified business and be available through a public web search.
This information is required in order for DigiCert to validate the notarization as part of the
identity verification process.
DigiCert may ask you to provide a number from a valid government-issued ID (such as a
driver’s license or passport) and a financial or utility account number (such as, checking
account, savings account, utility account, loan account, or credit card number) confirmed
through record checks. All credentials must be unexpired.
What is the time limit for submitting the DigiCert Identity Verification form after it is notarized?
The completed and notarized Identity Verification form should be submitted to NextGen
Healthcare as soon as possible. The document expires 30 days after the data of notarization.
Given the time required to process the form by NextGen Healthcare and DigiCert, you are
strongly encouraged to submit your form within 20 days after notarization.

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 51 of 61
Onboarding and Installation Guide for NextGen Share

How long does the process take after submitting the notarized DigiCert Identity Verification
form?
After NextGen Healthcare submits your completed and notarized Identity Verification form
to DigiCert, the review and verification process typically takes 3-5 business days. During this
time, DigiCert validates the notarization with the notary and all the details you provided. To
avoid delays, you must ensure the accuracy of the Identity Verification form. The entire
process is as follows:

• Complete and Submit the Identity Verification Form: It usually takes only a few minutes to
complete the form. Ensure that the form is notarized. After it is notarized, the completed
form must be submitted to the NextGen Share team in the manner defined on the form.
Forms that are incomplete or difficult to read will be returned for updates.
• DigiCert ID Form Review: NextGen Healthcare submits the completed form to DigiCert to
review its content and verify the user’s identification information.
• Certificate Creation: After the submitter’s identification is verified, a unique certificate is
issued for the organization and made available to the NextGen Share HISP. The
certificate is loaded in the HISP, and the NextGen Share Direct Messaging Service can be
activated.
What are the common reasons for DigiCert to reject a submission?
Two of the most common reasons for rejecting a submission are as follows:
• The notary is not properly registered in your state.
• The form does not reflect the legal name of your organization.

Page 52 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

APPENDIX B

DigiCert Identity Verification Form


Sample Document
An identity verification document must be completed and submitted prior to putting NextGen
Share into production. Identity verification is an integral part of ensuring trust and security
during the exchange of protected health information (PHI).

Note: This is a sample document. The official document is available on the


NextGen Share customer portal after you have completed the installation and
activation of the service.

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 53 of 61
Onboarding and Installation Guide for NextGen Share

Page 54 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 55 of 61
Onboarding and Installation Guide for NextGen Share

Page 56 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 57 of 61
Onboarding and Installation Guide for NextGen Share

APPENDIX C

Locate Patient Records with


Unpopulated or Null Birth Date or
Current Gender Fields
To be successfully indexed by the Patient Locator service (PLS), patient records in NextGen
Enterprise EHR must have the Birth Date and Current Gender fields populated with data. If the
Birth Date or Current Gender fields are null or unpopulated, the PLS will exclude the patient
record. Services that use the PLS for patient-matching will not be able to locate the patient
record.
If the PLS cannot locate a patient record:
• The Carequality service will not be able to return the patient record to external parties.
• The eChart service will not be able to find the patient record in all instances.
• The Patient Matching Service will not be able to move the patient record out of NextGen
Clinical Message Manager.
You can run the following SQL query on your database to identify the patient records in
NextGen Enterprise EHR that have unpopulated or null Birth Date or Current Gender fields:

Page 58 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

DECLARE @sqlCmd NVARCHAR(MAX);


IF EXISTS(SELECT 'x' FROM INFORMATION_SCHEMA.COLUMNS WHERE T
ABLE_NAME =
N'person' AND COLUMN_NAME = N'current_gender')
BEGIN -- NextGen 5.9.0 and later
SET @sqlCmd = '
SELECT
person_id,
LTRIM(CONVERT(varchar, Person_Nbr)) AS "Person Number",
RTRIM(first_name) + '' '' + LTRIM(RTRIM(ISNULL(middle_name,
'''')) + '' '') + RTRIM(last_name) AS "Person Name",
date_of_birth AS "Date of Birth",
Sex,
Current_Gender
FROM
person with(nolock)
WHERE
date_of_birth IS NULL OR RTRIM(date_of_birth) = '''' OR
current_gender IS NULL OR RTRIM(current_gender) = '''';
'
EXEC(@sqlCmd);
END
ELSE
BEGIN -- NextGen 5.8.3 or older
SET @sqlCmd = '
SELECT
person_id,
LTRIM(CONVERT(varchar, Person_Nbr)) AS "Person Number",
RTRIM(first_name) + '' '' + LTRIM(RTRIM(ISNULL(middle_name,
'''')) + '' '') + RTRIM(last_name) AS "Person Name",
date_of_birth AS "Date of Birth",
Sex
FROM
person with(nolock)
WHERE
date_of_birth IS NULL OR RTRIM(date_of_birth) = '''' OR
sex IS NULL OR RTRIM(sex) = '''';
'
EXEC(@sqlCmd);
END

See Also
• Automatic Installation of the Patient Locator Service

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 59 of 61
Onboarding and Installation Guide for NextGen Share

Document Revision History


App Date Document Summary of Changes
Version Version
N/A 11/2/2023 34.0 Added NextGen Enterprise EHR8 requirements.
Updated PLS screenshot and field information.
N/A 7/11/2022 33.0 Updated the DigiCert identity verification
requirements.
N/A 6/14/2022 32.0 Added information about the Patient Locator service
and manual activation.
N/A 5/26/2022 31.0 Added note about Zero Trust implementations.
N/A 2/8/2022 30.0 Added information about how to opt out of the
eChart Extraction Service.
N/A 1/20/2022 29.0 Added note about requirement to use one license
key per installation.
N/A 5/3/2021 28.0 Updated interface server requirements and
converted network topology image to text.
N/A 2/3/2021 27.0 Updated instructions for submitting DigiCert form.
N/A 8/20/2020 26.0 Updated screenshots.
N/A 8/10/2020 25.0 Updates based on installation walkthrough.
N/A 6/23/2020 24.0 Updated information about auto-installed eChart
Extraction Service and corrected network topology
diagram.
N/A 5/5/2020 23.0 Updated interface server requirements and workflow
tasking information.
N/A 11/6/2019 22.0 Updated Network Topology diagram and associated
technical endpoints.
N/A 8/16/2019 21.0 Updated the installation steps. Updated Network
Topology diagram. Updated the Registration
Validation section. Updated the Pre-Requisites
Check section.
N/A 7/26/2019 20.0 Re-ordered installation steps. Added Openfire
warning.
N/A 05/03/2019 19.0 Updated to include WOMBA service.
N/A 11/26/2018 18.0 Rebranded. Updated the Supported Operating
Systems section.
N/A 10/04/2018 17.0 Updated the Download the NextGen Share
Installation Kit section.
N/A 09/16/2018 16.0 Updated for the rebranding changes.

Page 60 of 61 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. 11/02/2023
Onboarding and Installation Guide for NextGen Share

App Date Document Summary of Changes


Version Version
N/A 07/16/2018 15.0 Added the Auto-installation of Payer Services
section.
N/A 04/27/2018 14.0 Rebranded
N/A 08/21/2017 13.0 Restructured the document.
N/A 08/10/2016 12.0 Updated the Installing NextGen Share section.
N/A 07/21/2016 11.0 Updated the Network Connectivity section to include
AWS information.
N/A 07/13/2016 10.0 Updated the NextGen Share Upgrades section.
N/A 06/27/2016 9.0 Updated the Before you start section. Renamed it to
Installation Considerations.
N/A 04/01/2015 8.0 Updated the document to reflect new Success
Community references.
N/A 10/30/2015 7.0 Updated the Network Connectivity section.
N/A 09/18/2015 6.0 Updated the Installing NextGen Share section.
Updated multiple screenshots to remove the
Manage Provider link.
N/A 08/07/2015 5.0 Updated the Interface Server Requirements section.
N/A 07/23/2015 4.0 Updated the NextGen Share Upgrades section.
N/A 07/13/2015 3.0 Updated the installation and on-boarding process
N/A 06/08/2015 2.0 Updated the installation and on-boarding process
Added sections describing the Share Portal and the
Message Center
N/A 03/02/2015 1.0 General Release

11/02/2023 Confidential – Proprietary Information – For Use By Authorized Company Clients Only. Do Not Distribute. Page 61 of 61

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy