Register as an RDS Secure Website User

User Roles:

AM

AR

AC

D

This section provides an overview of RDS Secure Website user registration.

Introduction to User Registration

All Retiree Drug Subsidy (RDS) participants must complete Registration to access the RDS Secure Website (SWS). The Registration process requires a user to enter personal information and create a Login ID and Password. CMS' RDS Center sends an email confirming the activation of the user's Login ID and Password within 48 hours after the Registration process is completed.

User Management is the responsibility of the Plan Sponsor. For data integrity and security purposes, CMS’ RDS Center does not alter registered user information on the user’s behalf.

Due to the sensitive nature of this data, the user should contact the RDS Center directly should assistance be required. One individual should not contact the RDS Center on another individual’s behalf. Do not include any Protected Health Information (PHI), as defined in the Health Insurance Portability and Accountability Act (HIPAA), or Personally Identifiable Information (PII) in the correspondence, such as User ID, Password, MBI, SSN, DOB, etc.

Federal Security Regulations require that a user log in to CMS' RDS Secure Website (SWS) at least once every 180 days to maintain an active account. Active user accounts are required to perform many tasks in the RDS Program, such as completing and submitting applications and completing Reconciliation.

Users with disabled accounts should refer to Enable Your User Account for more information about maintaining an active account, as well as step-by-step instructions to enable their user account.

Federal Law Governing User Account Access Information Sharing

Individuals are responsible for maintaining and protecting their RDS Secure Website account access. It is a violation of Federal law to share or transfer user accounts or Login and Password information. Do not share the QR code, Secret Key, Google Authenticator token, one-time token or any other account information with anyone. Activate your MFA configuration with your own personal device, not the device of another person.

If a security violation has been suspected by the RDS Center, the compromised account shall be terminated. If the user requires access to the Secure Website again, they will be required to be invited to each Plan Sponsor account and/or application they will perform work on and complete registration again, including being required to activate a new MFA configuration for the new account.

CMS' RDS Center shall not share your personal information with any third-party, except for disclosures required by law.

Login Warning

In order to access the RDS Secure Website, all users are required to read and accept the Login Warning each time they log in.

Account Manager

The Account Manager Registration takes place during the new Plan Sponsor Registration process. For more information, refer to Create a New Plan Sponsor Account.

Account Manager Reassigned for an Existing Plan Sponsor

A new Account Manager reassigned for an existing Plan Sponsor receives an invitation email to begin Registration within 48 hours after the user role is reassigned. Registration can begin after the email invitation is received.

Authorized Representative, Designee, and Actuary

The Authorized Representative, Actuary, and Designee receive an invitation email to begin Registration within 48 hours after the user role is assigned. Registration can begin after the email invitation is received.

Vendors

Vendors identified by the Plan Sponsor are asked to contact CMS' RDS Center to establish a Vendor ID and Electronic Data Interchange (EDI) requirements.

Return to top

Security Questions

During Registration, each user selects two Security Questions and enters Answers to those Security Questions.

The Security Questions are used to protect personal information, allow RDS users to provide an Electronic Signature, and to reset Passwords. When the Secure Website prompts a user to answer Security Questions, the user is required to enter their own personal Security Question answers.

Note: Security Questions can only be changed once in a 24-hour period.

Locked Security Questions

The Security Questions will be locked after multiple incorrect Answers are entered to the Security Questions.

To unlock Security Questions, refer to Change Or Reset Security Questions or contact CMS' RDS Center.

Return to top

Login ID Requirements

Each user creates a Login ID during Registration, which allows access to the RDS Secure Website.

Create a Login ID based on the following requirements:

  • Must be 8 to 15 characters
  • Can only contain Uppercase letters, Lowercase letters or numbers

Return to top

Password Requirements – New and Changed or Forgotten Passwords

Each user creates and maintains a Password, which allows access to the RDS Secure Website.

Passwords are based on the following requirements:

  • Must be 8 to 14 characters in length
  • Must begin with a letter
  • Must include each of the following:
    • 1 - Lowercase letter
    • 1 - Uppercase letter
    • 1 - Number
    • 1 - Special character
  • Must not contain the Login ID
  • Must not contain a reserved word. For more information, refer to Reserved Words List
  • Must not be a dictionary word or name
  • Password cannot match 4 consecutive characters in the most recent Password (applies to changed Passwords only)
  • Password cannot match any of the previous 6 Passwords (applies to changed and forgotten Passwords only)

Note: A Password can only be changed once in a 24-hour period.

Password Expiration

Passwords expire every 180 days and must be changed to access the RDS Secure Website.

Locked User Account

The user account is locked after multiple incorrect attempts to enter the Password.

To reset a Password, refer to Change Password if Account is Locked.

Return to top

Information for New Users

CMS' RDS Center offers an RDS Welcome Kit to help new Account Managers, Authorized Representatives, Actuaries, and Designees become acquainted with the RDS Program and their role-specific tasks.

The RDS Welcome Kit offers:

  • A list of Top 5 Things to Know that compiles important information to always keep in mind while participating in the RDS Program.
  • A User Roles Support Tool to help new users understand how their role fits into the various components of the RDS Program.
  • Role-based Quick Start Guides to direct new users to the information that will help them get started on their tasks.

Return to top