Beneficiary Claims Data API

• Significant System Management Change
• PIA Validation (PIA Refresh/Annual Review)

The document’s references to Beneficiary Claims Data Application Programming Interface (API) (BCDA) are intended to be inclusive of the program’s component parts: Accountable Care Organization (ACO) API, Data at Point of Care (DPC) API and Claims Data to Part D Sponsors (AB2D) API, unless otherwise noted. The ACO API also includes the System-to-System Authentication Service (SSAS).

ACO API is meant to allow ACOs easier access to claim and claim line data about the beneficiaries who have been assigned to their practitioners for care. Currently, the highly manual process ACOs use to access this data is a hindrance to beneficiary care, ACO API seeks to make this information more easily accessible to help ACOs and the practitioners that work with them have a fuller understanding of what's happening in beneficiaries’ lives sooner.

Centers for Medicare & Medicaid Services (CMS) provides this information today through the Accountable Care Organization - Operational System (ACO-OS) in the form of a Claims and Claim Line Feed (CCLF) download via Electronic File Transfer mailboxes. ACO API delivers the data in a structured format that allows easier and more accurate processing with less effort required by the beneficiary.

The AB2D API securely provides stand-alone Part D Plan (PDP) Sponsors with Medicare Parts A and B claims data for their active enrollees. Sponsors will be able to utilize this claims data to promote the appropriate use of medications and to improve health outcomes for their beneficiaries. AB2D also implements the Fast Healthcare Interoperability Resources (FHIR) standard.

DPC API is meant to allow healthcare providers better access to a beneficiary’s Medicare claims data. As beneficiaries move throughout the healthcare system, providers often struggle to gain and maintain a complete picture of their medical history. The DPC project fills in the gaps with claims data to inform providers with structured patient history, past procedures, medication adherence, and more. Like ACO and AB2D APIs, DPC implements the FHIR Bulk Data Access specification, which provides an asynchronous interface over the existing Blue Button Beneficiary FHIR Data (BFD) Server data model.

The information in BCDA systems includes beneficiary name, address, email, phone number, birth date, sex, race, claim information, and a Medicare Beneficiary Identifier (MBI).

DPC does an element comparison against a valid Login.gov identity and the role of a Provider’s Authorized Official in Provider Enrollment, Chain, and Ownership System (PECOS). SSN is the data element utilized for this role verification, only for Login.gov (Identification Assurance Level) IAL2 Provider Authorized Officials, which is not collected, stored nor maintained by DPC or BCDA systems.

Other data handled includes inpatient, outpatient, and pharmacy claims, including diagnoses, procedures, preventative tests, and medications. In addition, it includes data for outpatient care, hospital admissions, emergency room care, and urgent care. The underlying data model is provided by the Beneficiary FHIR Data (BFD) Server.

Production DPC API access is managed via administrative dashboard -- a component part of the DPC API project. BCDA team members administer accounts for individuals, the organizations they are part of as well as API credentials associated with said organizations.

AB2D, ACO and DPC APIs provide FHIR-formatted bulk data files to PDP Sponsors, ACOs and healthcare providers for their assigned and active beneficiaries respectively. Data at the Point of Care does not require individual beneficiary authorization, unlike the ACO API, but will allow a process for beneficiaries to opt out of data sharing.

Medicare beneficiary information (in the form of FHIR Patient, Coverage and Explanation of Benefit resources) is made available via a secure API to API clients based the beneficiaries attributed to the ACO (ACO API), healthcare provider (DPC API) or stand-alone PDP sponsors (AB2D API). Retrieval of records from the BFD Server will be done using an MBI, which is stored within BCDA systems on a permanent basis.

In the case of DPC API, healthcare providers are required to submit patient rosters identifying the beneficiaries for which they are entitled to receive data for treatment purposes under HIPAA. Patient rosters include patient name, sex, date of birth, address, phone number and MBI. In addition, healthcare providers must submit information regarding practitioners, including practitioner name, sex, address and National Provider Identifier (NPI). This information is stored by DPC API on a permanent basis.

Developers that wish to use ACO, DPC and AB2D APIs must follow standard on-boarding procedures with CMS. For those developers we store name, email address, organization, and credentials.

In the case of ACO API, developers may only be individuals from an active ACO. For DPC API, developers can be CMS employees, CMS direct contractors, or third-party developers in association with a vetted healthcare provider. For AB2D, PDP sponsors assign an "AB2D Data Operations Specialist" that has authority to access and view data provided by the API.

Requests to BCDA systems are made by API clients for a bulk data export housed in the BFD Server. An API client’s request for bulk data export is recorded as a job and tracked by a job queue. As a job is processed, requests are made to the BFD Server and responses collated into bulk export files. When a job is complete, data is made available for download by API clients.

DPC does an element comparison against a valid Login.gov identity and the role of a Provider’s Authorized Official in Provider Enrollment, Chain, and Ownership System (PECOS). SSN is the data element utilized for this role verification, only for Login.gov (Identification Assurance Level) IAL2 Provider Authorized Officials, which is not collected, stored nor maintained by DPC or BCDA systems.

• Name
• E-Mail Address
• Phone Numbers
• Medical Notes
• Date of Birth
• Mailing Address
• Medical Records Number
• Other - Medicare Beneficiary Identifier (MBI)CMS Credentials, Race, Sex

• Employees
• Public Citizens
• Business Partners/Contacts (Federal, state, local agencies)
• Vendors/Suppliers/Contractors
• Patients
• Other - Healthcare providers and their authorized delegates

ACO API delivers information about Medicare beneficiaries to ACOs to enable data analysis tasks related to the services beneficiaries receive through said ACOs.

AB2D API gives PDPs claims data to Part D Sponsors per requirements set forth in the Bipartisan Budget Act of 2018 now Public Law No: 115-123. The AB2D API uses PII to provide accurate beneficiary data to the authorized user that requests it. Beneficiaries can opt out of having their data shared by calling 1-800-MEDICARE. AB2D receives this information from BFD as its source of truth.

DPC API provides FHIR-formatted bulk data files to fee-for-service providers for their active patients as needed for treatment purposes under HIPAA. Data is shared for covered entities for treatment purposes as defined under HIPAA. Patients can choose to opt out of data sharing.

The provider SSN serves as a shared identifier between external identity proofing (IDP) services and the CMS Center for Program Integrity (CPI).

Within the BCDA system, specifically for DPC, Social Security Numbers (SSNs) are neither collected nor stored. Their usage is limited to a temporary, in-memory match between IDP and CPI for linking authorized identities to registered providers.

Published:

09-70-0532 Provider Enrollment, Chain, and Ownership System (PECOS)

09-70-0502 Enrollment Database (EDB)

09-70-0555 National Plan and Provider Enumeration System (NPPES)

09-70-0558 National Claims History (NCH)

General Services Administration (GSA)/TTS-1 Login.gov (GSA)

• Other - AB2D, ACO, and DPC APIs utilize the Blue Button BFD Server, which relies on both the Chronic Conditions Warehouse (CCW) and the Integrated Data Repository (IDR). Both the CCW and IDR are covered under separate PIAs. ACO API also receives Claim and Claim Line Feed (CCLF) data files from ACO-OS. ACO API utilizes the data in these files to associate beneficiaries with an ACO, to ensure that when an ACO makes a bulk data request, the correct beneficiaries’ information is returned to the ACO. In addition, ACO API receives opt-out data originating from 1-800-MEDICARE. The source of this data is also ACO-OS. DPC API collects information regarding patients and practitioners directly from healthcare providers. DPC, limited to Providers collects delegate last name and e-mail address.

• Within the OPDIV
• Other - For DPC, GSA's Login.gov shares PII to verify the identity of that user at the requisite level of rigor required to grant access to its services.

• Other - Other - DPC API: information regarding patients and practitioners collected directly from healthcare providers

• Within HHS Private Sector: Yes, AB2D API: the information is shared with Part D Sponsors who have properly attested within Health Plan Management System (HPMS) and received AB2D API production credentials. Additionally, PDPs are only eligible to receive the claims data after the date they have attested (as required by the public health law to be only current data) ACO API: The information is shared with authorized ACOs as a replacement for the existing manual transfer of the CCLF files that provide them with the claims data for the beneficiaries attributed to each ACO. This information is used by the ACOs to measure, manage, and attempt to improve outcomes and efficiencies. DPC API: The information is shared with authorized providers for their active patients only and for treatment purposes. This information allows providers to inform themselves with patient histories, past procedures, medication adherences, and more.

   

• Private Sector: Additionally, for DPC, authorized officials may review PII for their delegates to confirm Portal account status, limited to last name and email address.  

ACO API: Each ACO is authorized by its respective CMS Center, normally via a Data Use Agreement (DUA) or Attestation/Authorization executed between CMS and the ACO, and Information Security Agreements between CMS and the ACO.

AB2D API: PDPs must attest for each contract within HPMS to be eligible to receive current claims data. Only authorized PDPs may request, access, and use the exported data from the API. The data belongs to the sponsors and is simply processed and served by the AB2D API.

DPC API: to receive data from the DPC application, a healthcare provider must have a treatment related purpose for viewing a patient's claims history. Providers attest to their treatment purposes by submitting an attribution roster which lists the patients currently under their care.

AB2D API: The business owners are responsible for the PDPs maintaining a process for distribution of the data delivered. Additionally, the PDPs are responsible for maintaining proper attestation status within HPMS otherwise they will lose access to the data. All access is controlled and audited within Okta and can be cross referenced for accountability. This data is only disclosed to relevant parties. Job records are kept within the AB2D database.

ACO API: The business owners responsible for the ACO have existing processes for distribution of the CCLF files to the ACOs. ACO API relies on those existing procedures and augment them with system level auditing of requests and deliveries of data to the ACOs.

DPC API: Providers requesting data are bound to the Terms of Service (ToS) and have existing processes for use of data exported from the BFD service. DPC relies on these existing procedures and augments them with system level auditing of requests and deliveries of data to the providers.

ACO and DPC APIs: Medicare beneficiaries may revoke access by contacting the 1-800 Medicare Call Center and requesting to changes to their data sharing preference.

DPC Portal: Providers and their delegates must undergo rigorous identity proofing to gain access, managed outside of the BCDA system leveraging Login.gov. Providers and their delegates are not opted in by default, they may choose to not participate in the program.

AB2D API: This API does not have allow for opt out, as per the CMS Final Rule (84 FR 15680). The Final Rule specifies Part A and B data must be provided to PDPs, with no opt-out provisions. Substance Abuse and Mental Health (SAMHSA) claims data are not available to PDPs.

Every release deployment fully replaces the existing infrastructure and removes any transient data from the environment as part of the provisioning of the new environment where the application is running.

Claims data is stored in BFD. BCDA APIs cache and continually refresh this data from BFD.

Within the DPC Portal, Authorized Official PII is updated every time a Provider is linked to a new organization. Sources of current PII are Login.gov and PECOS.

• Users: Data Analysts access data in the process of managing and preparing data sets and data extracts
• Administrators: System administrators access data to manage system and troubleshoot potential issues.
• Contractors: Direct Contractors operating on behalf of the agency, using agency credentials are authorized by CMS to access data to conduct research under the assigned contract. Also, contractor staff may assist in troubleshooting any issues that may arise.

AB2D API Website
https://ab2d.cms.gov/

ACO API Website
https://bcda.cms.gov/

DPC API Website
https://dpc.cms.gov/

DPC Portal:
https://dpc.cms.gov/portal

• Session Cookies: No
• Persistent Cookies: No