SPOT approver instructions

Step 1: Submit new organization form

Organizations must submit a new organization form that designates an approver and is signed by their authorized or delegated official:

Step 2: Complete the following instructions

Reminders for SPOT approvers:

First Coast would like to inform you of the requirements for Secure Provider Online Tool (SPOT) approvers. Your implementation of the following requirements will help to ensure consistent and proper SPOT access for you and your end-users, and will also help you prevent disruptions in the efficient operations of your organization. 

  • When requesting SPOT access, you should ONLY request the approver role, not end-user access. End-user access is included as part of being a SPOT approver.
  • Refer to the CMS IDM User Guide (found on the CMS Guides & Documentation webpage for instructions on using the Identity Management system (IDM), such as how to approve your end users.
  • You must remember to recertify all your end-users annually. You will be prompted via email when a recertification is due.
  • When you leave your role or organization, you must submit a SPOT update form listing a new approver who will manage your organization’s account.
  • It is crucial that you log in to your SPOT account (https://thespot.fcso.com/), not just IDM, regularly so that you do not lose access. All users are required to log in to SPOT at least once every 30 days. Any user IDs that do not meet this requirement will be considered inactive. Logging in to the Identity Management (IDM) system at https://home.idm.cms.gov to reset your password is required to reactivate the SPOT access.
  • Please closely monitor your email for information on upcoming changes, enhancements, outages, and more

Once the approver has received an approval communication from the SPOT Help Desk, they may complete these instructions.

Is this the correct role for you? View role descriptions here.

Instructions Navigation examples

1. Navigate to CMS’ IDM portal

https://home.idm.cms.gov

Select link for New User Registration

Note: If you already have an IDM account, skip to Step 5.

IDM sign in screen

2. Register your information

This portion of the application is based on your personal information.  

The information you enter here will be important later in the process for securing your access to SPOT.

Per CMS requirements, enter your: 

  • First name
  • Last name
  • Date of birth
  • Email address

Review the terms and conditions, check the box, and click Next to continue.

new user registration screen

3. Complete your contact information

Enter your:

  • Home address
  • Primary contact telephone number

Click Next to continue.

 

new user registration screen 2

4. Create user ID, password and security

Note: IDM and SPOT accounts CANNOT be shared. Each individual who needs access must create their own IDM account and their own SPOT account.

Create a User ID for your IDM account, based on the provided parameters:

  • A minimum of six and a maximum of 74 alphanumeric characters
  • Can contain alphanumeric characters
  • The @ symbol may only be used if the user id is in a valid email address format (j.doe@abc.com)
  • May not start or end with special characters, or contain consecutive special characters
  • Your User ID may not contain your SSN or any nine consecutive numbers

Create your Password for your IDM account, which must meet the provided parameters:

  • Be at least 15 characters long
  • Cannot be longer than 60 characters
  • Contain at least one number
  • Contain at least one lower case letter
  • Contain at least one upper case letter
  • Special characters are optional. The following special characters are acceptable: “ ! # $ % & ” ( ) * + , - . / \  : ; < = > ? @ [ ] ^ _ ` { | } ~
  • Be different from the previous six (6) passwords
  • Not contain any parts of the User ID
  • Not contain any parts of your first or last name

Note: Passwords may only be changed once per day.

Confirm new password

Complete the Select Question and Answer section, which may be used to verify your identity.

Click the Submit button.

A message will display when the registration has completed. Click Return to proceed back to the login screen.

new user registration screen 3

 

confirmation message

 

5. Log in

Log into IDM with the User ID and password created.

IDM sign in screen

6. Verify with your email

Click the Send me an email button.

Access your email and open the email from IDM Auto Response to find the one-time verification code.

Type the code in the Enter Code box and click Verify

 

email verification screen

 

email verification screen 2

7. Set up another multifactor authentication (MFA)

*Skip this step if you previously setup the MFA.

Click the My Profile tile.

Click the Manage MFA and Recovery Devices option.

Click the Add another device dropdown arrow.

Choose the best MFA factor for your needs.

Follow the steps on the screen to complete the setup. 

Click Verify MFA and confirm the MFA.

Click OK.

 

home screen showing tiles
my profile - my information screen

 

my profile - manage MFA screen

8. Role request

Once you have logged in, click Role Request from the self-service options.

home screen with tiles

9. Select an application

Type SPOT in the ‘Select an Application’ drop-down field and click on ‘SPOT-First Coast Service Options internet portal (FCSO)’ to proceed to the role selection.

role request screen

10. Select a role

Click on the drop-down menu next to ‘Select a Role.’ 

Select ‘FCSO – Provider Office Approver’ or ‘FCSO - Business Office Approver.” 

If you are a third-party biller, select ‘FCSO Business Office Approver.’

If you select the incorrect role your application will be denied, and you will need to begin the registration process from Step 5.

 

role request screen 2

11. Review RIDP information

The next steps will verify your identity. Note: If you are NOT asked to verify your identity, skip to Step 15.

This process is known as Remote Identity Proofing (RIDP).

The Experian identity verification service is used by CMS to confirm your identity when you need to access a protected CMS application.  

If you have not previously been through CMS’ required identity verification, you may be prompted for RIDP when requesting access to SPOT.

Read the terms and conditions, check the box to agree, and then click ‘Next’ to proceed.

remote identity proofing agreement terms

12. Complete the RIDP

Use your personal information to complete all the required fields.

You must use your full legal name. Refer to your driver’s license or financial account information.

Your surname and other information, such as date of birth, must match the information Experian has for you on file.

Do not use nicknames.

If you have a two-part name, enter the second part in the middle name field. (i.e., Mary Beth would have Mary in the first name field and Beth in the middle name field).

Enter your current residential address:

  • Address where you receive financial statements including credit cards and/or utilities
  • Address you most consistently use for billing purposes
  • Address associated with your credit report
  • If you have a recent change in address, you can try to ID proof with a prior address

Click ‘Next.

If your information is verified, you have completed the RIDP process. Click Next and proceed to Step 15.

remote identity proofing data fields

13. If your information cannot be verified

In the event your information cannot be verified through RIDP, you will be asked to contact Experian Verification Support Services.

When you contact Experian Verification Support Services, please keep your ‘Review Reference Number’ close at hand. If Experian can resolve the information, return to Step 5 in this process by logging into your IDM account and begin the process of requesting access to SPOT.

You may return to this application once you have resolved the issue with the Experian database.

remote identity proofing error

14. Contacting Experian

When you arrive at the Role Request process again, click the check box to confirm your Experian verification and click Next.

Once you enter your information, the CMS IDM system will verify your contact with Experian. 

If Experian successfully verified your identity, you will be able to complete your request for SPOT.

If Experian is unable to verify your identity, contact the SPOT Help Desk and request to be manually verified.

Experian verification

15. Create / associate organization

On the screen, click the radio button next to “Create an Organization” and provide all requested information, including your TIN / SSN, legal business name, address, company telephone, city, state / territory, ZIP code, and submitter ID (this is found in your communication from the SPOT Help Desk).

If the organization has previously been created for SPOT access, you must associate to the existing organization. This is important to ensure access for any other users associated to your organization are not impacted. Do not create a new organization.

Click Review Request, review your information, enter your reason for request, and click Submit Role Request.

Create a new organization

16. Request submitted

The final screen will confirm that your request has been submitted. You will receive an email confirmation once your request has been processed. 

 

Request submitted

17. Access SPOT

Once the request is approved, go to https://thespot.fcso.com and sign in to access SPOT. 

 

Access SPOT