CMS Rules
The CMS Interoperability and Patient Access API ruling finalized the requirements for third party developers to interact with and access Patient Access and Provider Directory APIs. A summary of these compliance measures are below :-
Any app accessing the Patient Access API would be doing so only with the approval and at the direction of the specific patient.
The Patient Access API will allow developers to retrieve, with the approval and at the direction of an applicable Health Plan enrollee or the enrollee’s personal representative, certain data, as applicable, concerning adjudicated claims, encounter data from capitated providers, formulary data, and certain clinical data, if the Health Plan maintains any such data.
The Provider Directory API will allow developers to retrieve, as applicable, certain Health Plan provider and pharmacy directory information.
The Developer Sandbox will allow developers to test their application’s connection to the APIs without establishing production access to the APIs