Access Control (Roles)*
Roles and access control policies on Health Claims Exchange
Last updated
Was this helpful?
Roles and access control policies on Health Claims Exchange
Last updated
Was this helpful?
Participating organisations in the the Health Claims information exchange ecosystem may possess one or more of the roles mentioned below. These roles are based on the base set of organisation roles defined in hl7 specifications . Name spaced coding is used to further qualify the role in the context of the claims exchange process.
provider - Health Service Provider (An entity that delivers care services) roles as below
provider.hospital - Organised hospitals.
provider.clinic - Independent clinics/ small care setups.
provider.practitioner - Individual practitioners.
provider.diagnosticsFacility - Diagnostic testing/laboratory services facility.
provider.pharmacy - Pharmacies and drug stores.
payer - Insurance service provider, an entity providing reimbursement, payment, or related services.
agency.tpa - Third party administrator, entity acting on behalf of the payer. In the current version, this role is expected to behave like a payer from the data exchange perspective.
agency.regulator - IRDAI and IIB like regulatory bodies.
research - Research groups, etc.
member.isnp - eCommerce platforms facilitating insurance adoption.
agency.sponsor - Scheme owners of specific programs, e.g. NHA for. Ayushman Bharat.
HIE/HIO.HCX - An entity that facilitates electronic clinical data exchange between entities, e.g. other HCXs.
BSP - Beneficiary Service Platform, digital platforms dedicated to assisting beneficiaries.
To streamline the existing method of delineating access rights for various roles in HCX, we present the following essential access groups:
These roles are responsible for initiating claims on behalf of policyholders, including providers and BSPs. The table below enumerates the key APIs that are initiated and responded to by these roles.
/coverageeligibility/check
/communication/request
/preauth/submit
/paymentnotice/request
/predetermination/submit
/claim/submit
/hcx/status
/notification
/registry/search
/eob/on_fetch
These roles encompass entities that receive and process claims, such as payers and TPAs. The table below enumerates the key APIs that are initiated and responded to by these roles.
/coverageeligibility/on_check
/coverageeligibility/check
/preauth/on_submit
/preauth/submit
/predetermination/on_submit
/predetermination/submit
/claim/on_submit
/claim/submit
/communication/request
/hcx/status
/paymentnotice/request
/eob/fetch
/hcx/on_status
/notification
/registry/search
/eob/on_fetch
These roles, while not directly engaged in claim processing, monitor claims for various purposes. This category includes regulators, observers, sponsors, and more. The table below enumerates the key APIs that are initiated and responded to by these roles.
/eob/fetch
/notification
Following section focuses on the participant onboarding requirement & processes on HCX.
Initial recommendations about onboarding policies of the new roles is included in the section.