Skip to main content

Click Here for Medicaid Redetermination Information

Incident Reporting and Analysis System (IRAS) - Registration


The following information explains the process for provider staff to become registered IRAS Users. The only providers who need to have staff register are:

  • Managing entities (MEs) and their subcontracted agencies
  • Substance abuse providers licensed by the Department but not contracted by the Department.

Provider Database

Before provider staff can register to use IRAS, the provider must be registered in the Department's provider database. Managing entities are already registered in the provider database. Non-contracted substance abuse providers may or may not be registered in the provider database. If your provider needs to register, or you are unsure if your provider is registered, send an email with the complete name and address of the facility to Sarah Griffith at DCF.

Provider Staff Registration

Please follow the steps below to register.

Each provider that is required to submit incident reports to IRAS must have at least two staff members registered in the role of Incident Coordinator. Additional staff may be registered in the Viewer role. See the IRAS User Guide for details on these and other user roles.

Complete the required HIPAA and Security Awareness trainings (if you have not done so already) and save the completion certificates.

To access the HIPPA and Security Awareness Training, you may visit the DCF Training page.


Complete a Provider Data Security Enrollment Form (entitled Database Access Request Form) and the Access Confidentiality and Nondisclosure Agreement Form and obtain your supervisor’s signature on them. Review Instructions for the Database Access Request Form carefully prior to completing the form.


Scan and email completed Data Security Enrollment Form (Database Access Request Form), Access Confidentiality and Nondisclosure Agreement Form, and HIPAA and Security Agreement training certificates to:

  • Your Managing Entity Data Liaison if you are subcontracted with a Managing Entity.
  • Sarah Griffith at DCF if you are employed by a private licensed substance abuse provider, or a private designated Baker Act receiving facility requesting SAMHIS access.


You should receive your IRAS user logon and initial password from your Managing Entity Data Liaison, or Sarah Griffith within 30 days.  Please disregard any system generated emails from Tivoli with your user logon and a non-working link.  Please follow-up with Sarah Griffith if you do not receive your user logon and initial password within 30 days.


Install Cisco AnyConnect, and create a shortcut to the DCF Web Portal in Internet Explorer on your desktop. A link to the AnyConnect installation instructions and the DCF Web Portal login will be included on the email you receive containing your user logon and initial passwords.


Log into Cisco AnyConnect and once connected, click on your DCF Web Portal shortcut. Log into the DCF Web Portal and click on Incident Reporting and Analysis System on the left side menu.

Review the IRAS User Guide for more details (This guide is also accessible within the IRAS system).

Review DCF Operating Procedure, CF-OP 215-6, to learn what incidents must be reported and the responsibilities of provider staff.

This completes your registration. You should now be able to access IRAS to submit or view incidents. If you have technical problems while using IRAS (other than with the registration process), email For problems with the registration process, contact Sarah Griffith.