Authorized Representatives: Confirm your access to the RDS Secure Website now!
To avoid missed program deadlines and delayed subsidy payments, ensure that your RDS user accounts and Multi-Factor Authentication (MFA) are active and that you are able to access the RDS Secure Website today!
Do not wait until last minute! When a user enters Login information incorrectly (i.e., invalid Login ID, Password, and/or MFA token), CMS’ RDS Center is prohibited by Federal Security Regulations to identify which login requirements were entered incorrectly. If your user account becomes locked after three (3) consecutive failed login attempts, you will be forced to change your password.
**UPDATED 1/25/24** New Password Policy Reminder: Passwords can be changed five (5) times in a 24-hour period. If a user changes their password the maximum five (5) times and then locks their account again on the same day, the user cannot change their password to unlock their account until 24 hours have passed. CMS' RDS Center cannot unlock user accounts.
What does this mean for the Authorized Representative?
Concurrent with the terms of the Plan Sponsor Agreement, the Authorized Representative is the ONLY individual who can complete Application Submission: Review & Submit Application and Reconciliation: Review And Submit Reconciliation Payment Request in the RDS Secure Website.
Potential Risks of Attempting to Submit on the Deadline Date:
**UPDATED 1/25/24** New Password Policy If the Authorized Representative’s user account is locked due to three (3) consecutive failed login attempts on the Application Deadline Date AND their password was already changed the maximum five (5) times on that date:
- The Application Deadline will be missed, and
- The application will not be processed.
**UPDATED 1/25/24** New Password Policy If the Authorized Representative’s user account is locked due to three (3) consecutive failed login attempts on the Reconciliation Deadline Date AND their password was already changed the maximum five (5) times on that date:
- The Reconciliation Deadline will be missed,
- A final subsidy payment cannot be requested, and
- The sum of any interim payments received for the application will be placed in overpayment status for which CMS will initiate immediate overpayment recovery action.
CMS’ RDS Center recommends resetting MFA for your mobile device before attempting to log in with a new password and before using all three of your login attempts. Multi-Factor Authentication can be configured on only one device at a time. If any user changes devices, or gets a new device, they must reset MFA with the new device.
CMS’ RDS Center cannot circumvent the Federal Security Regulations enforcing password requirements.
Due to these security restrictions, the 24 hours IMMEDIATELY PRECEDING a deadline can be very difficult to obtain remediation regarding account login issues, potentially resulting in a missed deadline and possible loss of subsidy.
If you need help accessing your account, refer to these helpful links:
- MFA Reset Instructions: Use this link if your MFA is not working.
- MFA Reset Quick Start Guide: Use this link to view a one-page process diagram illustrating how to reset MFA.
- Request a One-Time Token Instructions: Use this link if your MFA is not working, you are unable to reset MFA, and you need immediate access to the RDS Secure Website. Note: One-Time Tokens can be used for login a MAXIMUM of three consecutive times.
- Forgot Password: Use this link if you cannot remember your password and need to reset it.
- Change Password If Account Is Locked: Use this link if you entered your login information incorrectly three consecutive times and have been locked out.
- Enable Your User Account: Use this link if you haven’t logged in for 180 days and are disabled.
- Request Forgotten Login ID: Use this link if you cannot remember your Login ID.
- Verify Email Address: Use this link if CMS' RDS Center has detected an issue with your email address and you need to confirm or change it.
CMS' RDS Center's official means of communication to the Plan Sponsor is through email. If you need assistance logging into the RDS Secure Website, contact CMS’ RDS Center for support. Do not include any Protected Health Information (PHI), as defined in the Health Insurance Portability and Accountability Act (HIPAA), or Personally Identifiable Information (PII) in the email or Support Request, such as User ID, Password, MBI, SSN, DOB, etc. As a reminder, the CMS’ RDS Center discontinued its Call Center in 2015.