License for Use of "Physicians' Current Procedural Terminology", (CPT) Fourth Edition

End User/Point and Click Agreement: CPT codes, descriptions and other data only are copyright 2009 American Medical Association (AMA). All Rights Reserved (or such other date of publication of CPT). CPT is a trademark of the AMA.

You, your employees and agents are authorized to use CPT only as contained in the following authorized materials including but not limited to CGS fee schedules, general communications, Medicare Bulletin, and related materials internally within your organization within the United States for the sole use by yourself, employees, and agents. Use is limited to use in Medicare, Medicaid, or other programs administered by the Centers for Medicare & Medicaid Services (CMS). You agree to take all necessary steps to insure that your employees and agents abide by the terms of this agreement.

Any use not authorized herein is prohibited, including by way of illustration and not by way of limitation, making copies of CPT for resale and/or license, transferring copies of CPT to any party not bound by this agreement, creating any modified or derivative work of CPT, or making any commercial use of CPT. License to use CPT for any use not authorized here in must be obtained through the AMA, CPT Intellectual Property Services, 515 N. State Street, Chicago, IL 60610. Applications are available at the AMA website.

This product includes CPT which is commercial technical data and/or computer data bases and/or commercial computer software and/or commercial computer software documentation, as applicable which were developed exclusively at private expense by the American Medical Association, 515 North State Street, Chicago, Illinois, 60610. U.S. Government rights to use, modify, reproduce, release, perform, display, or disclose these technical data and/or computer data bases and/or computer software and/or computer software documentation are subject to the limited rights restrictions of DFARS 252.227-7015(b)(2)(June 1995) and/or subject to the restrictions of DFARS 227.7202-1(a)(June 1995) and DFARS 227.7202-3(a)June 1995), as applicable for U.S. Department of Defense procurements and the limited rights restrictions of FAR 52.227-14 (June 1987) and/or subject to the restricted rights provisions of FAR 52.227-14 (June 1987) and FAR 52.227-19 (June 1987), as applicable, and any applicable agency FAR Supplements, for non-Department Federal procurements.

AMA Disclaimer of Warranties and Liabilities.

CPT is provided "as is" without warranty of any kind, either expressed or implied, including but not limited to, the implied warranties of merchantability and fitness for a particular purpose. AMA warrants that due to the nature of CPT, it does not manipulate or process dates, therefore there is no Year 2000 issue with CPT. AMA disclaims responsibility for any errors in CPT that may arise as a result of CPT being used in conjunction with any software and/or hardware system that is not Year 2000 compliant. No fee schedules, basic unit, relative values or related listings are included in CPT. The AMA does not directly or indirectly practice medicine or dispense medical services. The responsibility for the content of this file/product is with CGS or the CMS and no endorsement by the AMA is intended or implied. The AMA disclaims responsibility for any consequences or liability attributable to or related to any use, non-use, or interpretation of information contained or not contained in this file/product. This Agreement will terminate upon notice if you violate its terms. The AMA is a third party beneficiary to this Agreement.

CMS Disclaimer

The scope of this license is determined by the AMA, the copyright holder. Any questions pertaining to the license or use of the CPT must be addressed to the AMA. End Users do not act for or on behalf of the CMS. CMS DISCLAIMS RESPONSIBILITY FOR ANY LIABILITY ATTRIBUTABLE TO END USER USE OF THE CPT. CMS WILL NOT BE LIABLE FOR ANY CLAIMS ATTRIBUTABLE TO ANY ERRORS, OMISSIONS, OR OTHER INACCURACIES IN THE INFORMATION OR MATERIAL CONTAINED ON THIS PAGE. In no event shall CMS be liable for direct, indirect, special, incidental, or consequential damages arising out of the use of such information or material.

This license will terminate upon notice to you if you violate the terms of this license. The AMA is a third party beneficiary to this license.

POINT AND CLICK LICENSE FOR USE OF "CURRENT DENTAL TERMINOLOGY", ("CDT")

End User License Agreement

THE LICENSE GRANTED HEREIN IS EXPRESSLY CONDITIONED UPON YOUR ACCEPTANCE OF ALL TERMS AND CONDITIONS CONTAINED IN THIS AGREEMENT. BY CLICKING BELOW ON THE BUTTON LABELED "I ACCEPT", YOU HEREBY ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD AND AGREED TO ALL TERMS AND CONDITIONS SET FORTH IN THIS AGREEMENT.

IF YOU DO NOT AGREE WITH ALL TERMS AND CONDITIONS SET FORTH HEREIN, CLICK BELOW ON THE BUTTON LABELED "I DO NOT ACCEPT" AND EXIT FROM THIS COMPUTER SCREEN.

IF YOU ARE ACTING ON BEHALF OF AN ORGANIZATION, YOU REPRESENT THAT YOU ARE AUTHORIZED TO ACT ON BEHALF OF SUCH ORGANIZATION AND THAT YOUR ACCEPTANCE OF THE TERMS OF THIS AGREEMENT CREATES A LEGALLY ENFORCEABLE OBLIGATION OF THE ORGANIZATION. AS USED HEREIN, "YOU" AND "YOUR" REFER TO YOU AND ANY ORGANIZATION ON BEHALF OF WHICH YOU ARE ACTING.

Subject to the terms and conditions contained in this Agreement, you, your employees, and agents are authorized to use CDT-4 only as contained in the following authorized materials and solely for internal use by yourself, employees and agents within your organization within the United States and its territories. Use of CDT-4 is limited to use in programs administered by Centers for Medicare & Medicaid Services (CMS). You agree to take all necessary steps to ensure that your employees and agents abide by the terms of this agreement. You acknowledge that the ADA holds all copyright, trademark and other rights in CDT-4. You shall not remove, alter, or obscure any ADA copyright notices or other proprietary rights notices included in the materials.
Any use not authorized herein is prohibited, including by way of illustration and not by way of limitation, making copies of CDT-4 for resale and/or license, transferring copies of CDT-4 to any party not bound by this agreement, creating any modified or derivative work of CDT-4, or making any commercial use of CDT-4. License to use CDT-4 for any use not authorized herein must be obtained through the American Dental Association, 211 East Chicago Avenue, Chicago, IL 60611. Applications are available at the American Dental Association website.
Applicable Federal Acquisition Regulation Clauses (FARS)\Department of Defense Federal Acquisition Regulation Supplement (DFARS) Restrictions Apply to Government use. Please click here to see all U.S. Government Rights Provisions.
ADA DISCLAIMER OF WARRANTIES AND LIABILITIES. CDT-4 is provided "as is" without warranty of any kind, either expressed or implied, including but not limited to, the implied warranties of merchantability and fitness for a particular purpose. No fee schedules, basic unit, relative values or related listings are included in CDT-4. The ADA does not directly or indirectly practice medicine or dispense dental services. The sole responsibility for the software, including any CDT-4 and other content contained therein, is with (insert name of applicable entity) or the CMS; and no endorsement by the ADA is intended or implied. The ADA expressly disclaims responsibility for any consequences or liability attributable to or related to any use, non-use, or interpretation of information contained or not contained in this file/product. This Agreement will terminate upon notice to you if you violate the terms of this Agreement. The ADA is a third-party beneficiary to this Agreement.
CMS DISCLAIMER. The scope of this license is determined by the ADA, the copyright holder. Any questions pertaining to the license or use of the CDT-4 should be addressed to the ADA. End users do not act for or on behalf of the CMS. CMS DISCLAIMS RESPONSIBILITY FOR ANY LIABILITY ATTRIBUTABLE TO END USER USE OF THE CDT-4. CMS WILL NOT BE LIABLE FOR ANY CLAIMS ATTRIBUTABLE TO ANY ERRORS, OMISSIONS, OR OTHER INACCURACIES IN THE INFORMATION OR MATERIAL COVERED BY THIS LICENSE. In no event shall CMS be liable for direct, indirect, special, incidental, or consequential damages arising out of the use of such information or material.

The license granted herein is expressly conditioned upon your acceptance of all terms and conditions contained in this agreement. If the foregoing terms and conditions are acceptable to you, please indicate your agreement by clicking below on the button labeled "I ACCEPT". If you do not agree to the terms and conditions, you may not access or use the software. Instead, you must click below on the button labeled "I DO NOT ACCEPT" and exit from this computer screen.

Print | Bookmark | Email | Font Size: + | –

Multi-Factor Authentication (MFA)

Effective September 2, 2016, CMS is updating the Enterprise Identity Management (EIDM) Portal to begin requiring a new multi-factor authentication (MFA) process whenever users log in to the myCGS Web Portal. MFA is the use of two or more different authentication factors to verify the identity of a user. One authentication factor is the password that goes along with your EIDM ID to get into myCGS. MFA will require a second, completely separate authentication method.

If you are an existing user of myCGS, you will need to register an MFA option in your EIDM account prior to September 2, 2016. Options for MFA include using "credential" software on your computer or phone, text message (SMS), voice message, or email. You can register up to five devices for MFA, and CMS recommends that you register at least two devices. It is strongly suggested that you use the free credentialing software as your first MFA choice. If you are unable to use the credentialing software (for instance, because you use a shared computer), then text message is suggested. Using email should be your last resort for authentication, as it is both the least secure and the slowest method for receiving access authentication, and therefore may cause delays in the log in process.

You will need MFA software if you choose to receive your MFA credential on a computer or laptop or a mobile device. You will be required to download the MFA software from Symantec and install it in your device of choice. To download the desktop software for Windows or Mac, navigate to https://idprotect.vip.symantec.com/desktop/home.v and follow the instructions. If using an iPhone, Android, Blackberry, or other mobile device, use your device to navigate to https://m.vip.symantec.com/home.v and follow the instructions. The text message, voice message, and email options do not require a software download.

You can register your MFA devices in EIDM now. While you will not be required to use MFA until September 2, it is important to complete the registration of your MFA option prior to the September 2 implementation. Failure to register an MFA option prior to implementation will result in delays accessing myCGS. Note that if you do register now, you will not be required to actually log in using MFA until September 2.

If you are registered for myCGS in an Approver role (Designated Approver, Authorized Official, or Backup Authorized Official), it is especially important that you register your MFA option by September 2, as End Users in your organization may have issues with MFA if their Approvers are not registered.

For detailed instructions on how to register your MFA device(s), CMS has provided an MFA Quick Reference Guide.

In order to assist you with registering your MFA device, CGS has put together a list of Frequently Asked Questions below. Additionally, CMS has produced an EIDM Training Video on YouTube with instructions about MFA registration and use.

Frequently Asked Questions (FAQs)

What is Multi-Factor Authentication (MFA)?

MFA is an approach to security authentication that requires you to provide more than one form of a credential in order to prove your identity. CMS policy specifies that all users who request access to a CMS Application designated a level of assurance (LOA) 3 security rating must be identity proofed to LOA 3 and are also required to be authenticated using MFA. CMS uses Symantec's Validation and Identity Protection (VIP) service to add a layer of protection for your online identity. Symantec's VIP utilizes government-certified technology and techniques to provide this multi-factor authentication.

Are there any specific MFA service providers? What MFA devices can I link to my CMS user account?

Yes. There are various MFA service providers. Symantec is the MFA service provider for EIDM accounts. Symantec provides validation and identity protection using one of the following: a computer-based application, smartphone-based app, one-time email password, or one-time SMS password.

How does CMS use MFA?

CMS uses MFA to grant access to protected CMS applications such as myCGS. You will be asked to enter your username and password and a One Time Password (OTP) that is generated by Symantec VIP software to gain access to myCGS. The OTP can be generated by a free Symantec application that can be downloaded to your desktop or smartphone, or alternatively, you can receive an OTP via a Short Message Service (SMS), email, or voice phone call once you have registered your phone in EIDM.

How do I get an MFA credential?

You will be prompted to register an MFA credential when you request access to myCGS, and you have not already registered an MFA credential in EIDM. You will be given a choice of MFA token delivery methods. The primary MFA token delivery method is to download software and install it on your computer or a mobile device. Alternatively you can set up SMS, email, or voice token to deliver your MFA credential.

Where can I get the MFA software?

To download the desktop software for Windows or Mac, navigate to https://idprotect.vip.symantec.com/desktop/home.v and follow the instructions.

If using an iPhone, Android, Blackberry, or other mobile device, use your device to navigate to https://m.vip.symantec.com/home.v and follow the instructions.

SMS OTP and Voice OTP options do not require a software download.

How do I register for MFA if I receive an error when installing the software on my computer?

If you are having trouble downloading and installing the MFA software on your desktop or laptop, it is possibly due to your company's IT policy that disables users from installing any software on their company-provided machines. Check with your company's IT department for assistance. If your company does not allow you to install MFA software, one alternative is to use a mobile device that you control, or you can also use a voice call to obtain the OTP.

What if I can't use the desktop MFA software or the mobile phone MFA software?

EIDM allows you to set up a voice or SMS delivery method for your OTP that does not require an MFA software download. You can register a phone number and select SMS or Voice OTP, and then EIDM can register your phone number and delivery method with Symantec. After your MFA is activated, when you request access to myCGS through EIDM you will receive either a phone call or text message that contains your OTP, depending on the delivery method that you select.

The SMS and Voice OTP expire within 30 minutes of when they are sent, so please make sure you provide a phone number that will be accessible to you during your typical work hours. As an example, do not use a residential phone number if you will normally log in from your place of employment.

I am being asked to type a Credential ID. Where do I find the Credential ID?

The Credential ID is the 12-digit alpha-numeric number on the top of the soft token that was downloaded to your device from Symantec. The Credential ID begins with four letters and ends with eight numbers. In the example below, the token displays the credential ID as VSST57144377.

How do I register additional devices to my user account?

You can register up to five MFA credentials in your user account. Additional MFA credentials can be added to your account after you have been prompted by EIDM to set up the first MFA credential. The "Register your Smartphone or Computer" hyperlink on the "My Profile" page will appear once you have successfully set up your first MFA credential. You can click on the link and add additional MFA devices to your user account.

Refer to the MFA Quick Reference Guide for additional instructions.

If my Credential ID is copied or stolen, can someone else access my CMS EIDM User account?

No. A Credential ID cannot be used to access an EIDM user account.

How many MFA devices can I link to my EIDM user account?

EIDM allows you to link a maximum of five distinct devices which can either be a computer or a smartphone.

Will I be charged cell phone time each time I use Symantec VIP MFA on my mobile device?

It depends on what delivery method you use. The Symantec VIP MFA software is free. Once the Symantec VIP MFA application is downloaded and installed on the phone it does not utilize any cell time to generate the six-digit security code. Cell or network traffic is used to download the application to one's mobile device. There are no recurring charges associated the use of either software option. If you choose not to use the software option and select SMS or Voice OTP, carrier charges may apply.

Top