Attention: Immediate Action Required – TLS 1.2 Security Deadline – April 2, 2018

Last updated on April 26th, 2018 at 04:34 pm CT

[Update 04.26.2018]
Immediate Action Required – TLS 1.2 Deadlines Extended

Review Immediately – PCI Compliance and TLS 1.2 Security Deadlines Extended
In the event your location cannot meet these deadlines, please immediately reach out to us at customer.support@experianhealth.com so that we can audit the progress of your required upgrades.

Financial Products, Extended Deadline – Friday, May 4, 2018
Due to PCI Compliance and TLS 1.2 Security Requirements, clients or end users who process payments using any of our Financial Products (PaymentSafe, Link2Gov or L2G, Concord/First Data, Patient Self-Service, Cash Tracking) must take the following actions. In consideration of efforts being made by our clients to achieve compliance, please be advised of the following:

  • Browsers must be TLS1.2 compliant by 5/4.
  • Whitelisting of Domains and IPs need to be Added or Updated by 5/4.
  • NextBar and PIC updates must be updated by 6/30.

Please inform and communicate with your IT Staff and/or Network Administrators, to ensure that each of the following URLs and IP addresses are included and/or added in your Network Configuration and “Whitelisted” for any of your network proxy servers and firewalls. To avoid any service disruption and/or end-user access, please complete this action prior to Friday, May 4,2018.

URL/Domain – paymentsafe.experianhealth.com
Whitelist IP Range – 199.96.232.175/199.96.233.175

URL/Domain – collections.ecarenext.com
Whitelist IP Range – 199.96.232.176/199.96.233.176

Non-Financial Products, Deadline by June 30, 2018
Clients who do not have our Financial Products, must complete their upgrades by: June 30, 2018.

  • Browsers must be TLS1.2 compliant by 6/30
  • NextBar and PIC updates must be updated by 6/30

Download – TLS 1.2 Readiness Document
Includes Instructions, Checklist, FAQs, Compatibility, and Product Testing


Product Specific Actions Required for TLS 1.2 Deadlines

eCare NEXT Bar and IntelliSource (PIC)
In addition to enabled TLS 1.2 Internet Browsers, eCare NEXT (Click-Once, MSI, IPS), IntelliSource, and Medical Necessity clients must upgrade their applications.   Instructions for enabling and testing TLS 1.2 can be downloaded in our TLS 1.2 Readiness Document, that provides Checklist, FAQs, Compatibility, and Product Testing.

  • If you have Financial Products –
    Your Deadline is May 4, 2018 to Upgrade Your Browser and NextBar/PIC.
  • If you don’t have Financial Products –
    Your Deadline is June 30, 2018 to Upgrade Your Browser and NextBar/PIC.

Medical Necessity
Use this link to download the TLS 1.2 requirements and upgrade instructions for the Medical Necessity – Thin Client.  This is only for clients who use the Legacy Order Checker application (a/k/a Healthworks and IntelliSource Medical Necessity). This update does not apply to clients who use Order Checker within their eCare NEXT platform.


[Previously Posted]

Please Read.
Attention:  Immediate Action Required – TLS 1.2 Security  Deadline – April 2, 2018

To avoid disruption, you should ensure that all minimum TLS 1.2 requirements are met by April 2, 2018. Please take immediate action to ensure that your internal systems are tested with TLS 1.2 today. If you cannot meet TLS 1.2 protocol requirements, your access to Experian Health systems may be disrupted after this date.

Experian Health is focused on helping our customers improve their security by using the latest security protocols. At Experian Health, we take the protection of our customer’s data very seriously. The disablement of TLS 1.0 and TLS 1.1 is being undertaken so we can maintain the highest security standards and promote the safety of your data as well as align with industry-wide best practices. This phased approach will prevent older encryption protocols from being used to access Experian Health services within inbound and outbound connections.

Download – Important  TLS1.2
FAQs, Checklist, and Product Testing –
Updated Document

eCare Next and IntelliSource
Download the TLS Product Testing Document and Email our Customer Support Team to begin your TLS 1.2 compliance tests via eCare NEXT.

This is a critical step if you use eCare NEXT (click-once, MSI, IPS) or IntelliSource. It is imperative that we require your assistance in testing this security update. Simple testing can only be performed by using a single user account at your facility. This will allow you to work directly with our team to confirm and make certain that our solutions work for you once we mandate these changes on Monday, April 2nd, 2018. Instructions for testing can be found in the TLS document.  For more information, contact us at: Customer.Support@experianhealth.com

Medical Necessity
Click Here for the requirements and instructions to upgrade Medical Necessity Thin Client. This is only for clients who use the Legacy Order Checker application (a/k/a Healthworks and IntelliSource Medical Necessity). This update does not apply to clients running Order Checker within the eCare Next platform.  For more information, contact us at: Compliance.Support@experianhealth.com 

Search America
The most common way a user will be impacted is if they are still using Internet Explorer (IE) 7 or older, these browsers will not work once TLS 1.2 cutover happens. For Search America specific questions, contact us at: ehccustomercare@experian.com

Soon Approaching – TLS 1.2 Security Deadline, April 2, 2018.
We want to remind you about our ongoing TLS 1.2 project and to ensure you are aware that this initiative requires your immediate attention.  Experian Health is focused on helping our customers improve their security by using the latest security protocols. At Experian Health, we take the protection of our customer’s data very seriously.

(Previous Posts - References)
Originally Posted: Feb 15, 2018 - Initiation of TLS 1.2 Browser Notification Message - Thursday, February 15, 2018  
Originally Posted: Jan. 19, 2018 - Attention: Immediate Action Required – TLS 1.2 Security Deadline – April 2, 2018
Originally Posted: Sept. 02, 2017 - Immediate Action Required – TLS 1.2 Security Requirements Deadline –  April 2, 2018  

The disablement of TLS 1.0 and TLS 1.1 is being undertaken so we can maintain the highest security standards and promote the safety of your data as well as align with industry-wide best practices. This phased approach will prevent older encryption protocols from being used to access Experian Health services within inbound and outbound connections.