The Provider Directory Application Program Interface (API) is a recent development aimed at delivering current details regarding healthcare providers and facilities to beneficiaries of the Centers for Medicare & Medicaid Services (CMS). Through this API, beneficiaries can explore healthcare providers and facilities based on various factors such as location, specialty, and other criteria. 

This API emerged as a response to the CMS Interoperability and Patient Access Final Rule. This regulation mandates health plans to furnish beneficiaries with access to precise and promptly updated provider directory information through an API. The rule's objective is to enhance access to care and guarantee that beneficiaries possess the necessary information to make well-informed decisions concerning their healthcare. 

API Description

The Provider Directory guide is built on the Fast Healthcare Interoperability Resources (FHIR) STU3 API and serves as the cornerstone of a comprehensive provider directory. It delineates the scenarios and search criteria for locating a practitioner or organization, while also specifying the essential data elements and offering fundamental query instructions. The elements outlined in this guide aim to establish a groundwork for a centralized Provider Directory. 

For more information about how to use the API, please refer to the API’s Documentation: NDE | API Methods (netsmartcloud.com) or view entry level information in the Provider Directory API Access Section below

As part of the Centers for Medicare and Medicaid Services (CMS) Interoperability and Patient Access Rule, BHSD implemented a Patient Access as publicly available API which seeks to establish beneficiaries as the owners of their health information with the right to direct its transmission to third-party applications. 

API Description  

The Patient Access API allows members to access their personal health information through a third-party application of their choosing. This API implements the HL7 FHIR implementation guides listed below. 

• https://hl7.org/fhir/us/carin-bb/ 
• http://hl7.org/fhir/us/davinci-pdex/ 
• https://build.fhir.org/ig/HL7/davinci-pdex-formulary/ 

For more information about how to use the API, please refer to the API’s Documentation: NDE | API Methods (netsmartcloud.com) . If you’re just looking for how to get started read on.

To gain access to the API developer portal, register third party applications, and request third party application client credentials, developers should first request an API Developer Portal account using our account request form: API Access Request

If you are a registered developer, you can login here.

This documentation presumes that anyone accessing the API is familiar with the implementation guides for patient access USCore (hl7.org), HL7.FHIR.US.CARIN-BB\Home – FHIR v4.0.1 and https://build.fhir.org/ig/HL7/davinci-pdex-formulary/.

Once the API Developer has an account they can register their Organization and Third Party Application(s) via the API Developer Portal.. The OAuth2 Authorization Server / Open ID Connect Provider (AS/OP) provides necessary details for establishing secure communication with the third party application.

The FHIR base server URL for the live response production environment is: https://Fhir.netsmartcloud.com/uscore/v1/. The FHIR base server URL for the demo (e.g. third party application test or sandbox environment) is: https://Fhirtest.netsmartcloud.com/uscore/v1/ .

The live response production environment capability statement is available here: https:// https://Fhir.netsmartcloud.com/uscore/v1/metadata  The demo (e.g. third party application test or sandbox environment) capability statement is available here https://Fhirtest.netsmartcloud.com/uscore/v1/metadata

An example of retrieving the live response production environment capability statement is below. Note that the HTTP Accept header is required. This command will download the capability statement into a file named netsmart-patient-cs.json:

An example of retrieving the demo (e.g. third party application test or sandbox environment) capability statement is below. Note that the HTTP Accept header is required. This command will download the capability statement into a file named netsmart-patient-cs-test.json:

Our FHIR RESTful capabilities include:

1. Support the US Core resource profiles – conformance expectation SHALL.
2. Support the CARIN-BB resource profiles conformance expectation SHALL.
3. Support the US Drug Formulary resource profiles – conformance expectation SHALL.
4. Implement the RESTful behavior according to the FHIR specification.
5. For all the supported search interactions in this guide, support the GET based search only.
6. Return the following response classes (at a minimum):
   • (Status 400): invalid parameter
   • (Status 401/4xx): unauthorized request
   • (Status 403): insufficient scopes
   • (Status 404): unknown resource
7. Support JSON source formats for all US Core, CARIN-BB and US Drug Formulary interactions.
8. Support the search parameters on each profile individually and in combination – conformance expectation SHALL.

Third party applications will need to follow the SMART on FHIR specification, version 1.0.0. Third party applications must be pre-registered in the API Developer portal. After account creation, the API Developer will be walked through registering their application organization and their third party application. Currently, the Patient Access API implementation only supports patient read resource scopes along with the Smart on FHIR scopes such as launch/patient, fhirUser, openid, etc.

Capital Blue Cross monitors API requests, and request patterns, reserving the right to block IP address(es) if API traffic originating from that address(es) frequently disrupts normal operations of the API or demonstrates patterns of behavior consistent with attempts to attack the systems providing the API.

Richer documentation is available via the NetSmart Provider Directory Resources page here

Provider Directory API Access

The provider directory is an open access and public-facing API to make provider directory information available. This API does not require any authentication for any user.

This documentation presumes that anyone accessing the API is familiar with the implementation guide for provider directory, FHIR US DAVINCI-PDEX v4.0.1. The capability statement is available here

Richer documentation is available via the NetSmart Provider Directory Resources page here

Policies