Patient Access API
The Patient Access API facilitates the secure movement of data from payer systems (producers) to patients (consumers), accessible via third-party consumer applications. The API leverages CMS-recommended implementation guides, including the CARIN IG for Blue Button®, Da Vinci Payer Data Exchange (PDex), and the PDex US Drug Formulary IGs. It also uses the Common Payer Consumer Dataset (CPCDS) as a foundation, along with data exchange standards such as HL7® FHIR® and the SMART Application Launch Framework (standalone launch sequence).
Capability Statement
Developers can access the Acentra Health FHIR server capabilities for Patient Access API using the CapabilityStatement endpoint:
The capability statement describes the set of capabilities (behaviors) implemented by the FHIR Server to enable the Patient Access API. For example, it describes the enabled profiles, interactions, search parameters and provides information about the authorization and token endpoints.
API Access Setup
Authorization URL Format
https://sb.fhir.mhbapp.com/sof/oauth2/authorize?client_id={your_client_id}&redirect_uri={your_redirect_url}&response_type=code&aud={EHR_Server_BaseURL}Sandbox User IDs
Username: Sbuser###
Password: Acentra-sb$2024
Getting Access Token
| Section | Key | Value |
|---|---|---|
| HTTP Method | POST | https://sb.fhir.mhbapp.com/sof/oauth2/token |
| HTTP Headers | content-type | application/json |
| accept | application/json | |
| authorization | Basic base 64({client_id}:{client_secret}) | |
| HTTP Body | code | {oauth code} |
| grant_type | authorization_code | |
| redirect_uri | {your_redirect_uri} |
Profiles
Acentra Health Interoperability Solution's Patient Access API supports the following profiles
| Profile | Endpoint |
|---|---|
| ExplanationOfBenefit | https://sb.fhir.mhbapp.com/pa/api/v1/ExplanationOfBenefit |
| ExplanationOfBenefit – Inpatient Institutional | https://sb.fhir.mhbapp.com/pa/api/v1/ExplanationOfBenefit?type=institutional |
| ExplanationOfBenefit – Professional NonClinician | https://sb.fhir.mhbapp.com/pa/api/v1/ExplanationOfBenefit?type=professional |
| ExplanationOfBenefit – Oral | https://sb.fhir.mhbapp.com/pa/api/v1/ExplanationOfBenefit?type=oral |
| ExplanationOfBenefit – Pharmacy | https://sb.fhir.mhbapp.com/pa/api/v1/ExplanationOfBenefit?type=pharmacy |
| Patient | https://sb.fhir.mhbapp.com/pa/api/v1/Patient |
| Coverage | https://sb.fhir.mhbapp.com/pa/api/v1/Coverage |
| Practitioner | https://sb.fhir.mhbapp.com/pa/api/v1/Practitioner |
| Organization | https://sb.fhir.mhbapp.com/pa/api/v1/Organization |
| Formulary Drug | https://sb.fhir.mhbapp.com/pa/api/v1/MedicationKnowledge |
| Formulary Coverage Plan | https://sb.fhir.mhbapp.com/pa/api/v1/List |
| Prior Authorization | https://sb.fhir.mhbapp.com/pa/api/v1/ExplanationOfBenefit?use=preauthorization |
| Provenance | https://sb.fhir.mhbapp.com/pa/api/v1/Provenance |
Request Headers
All requests for Patient Access API profiles require the following headers
| Header | Value |
|---|---|
| content-type | application/json |
| accept | application/json |
| authorization | Bearer |
Sample Queries and Data
Acentra Health Interoperability Solution’s Sandbox environment provides synthetic but reliable dataset to facilitate testing Patient Access API. The sandbox dataset is representative of real data and ensures consistency across the dataset.
Important information for Application Owners
| Topic | Reference |
|---|---|
| CARIN Alliance Code of Conduct | https://www.carinalliance.com/our-work/trust-frameworkand-code-of-conduct/ |
| Privacy, Security and HIPAA | https://www.healthit.gov/topic/privacy-security-and-hipaa |
| ONC Model Privacy Notice | https://www.healthit.gov/topic/privacy-security-and-hipaa/model-privacy-notice-mpn |