Conformance Expectations

Da Vinci Prior Authorization Support (PAS) FHIR IG, published by HL7 International / Financial Management. This guide is not an authorized publication; it is the continuous build for version 2.2.0-snapshot built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/davinci-pas/ and changes regularly. See the Directory of published versions

Page standards status: Trial-use

Highlight text changes?

This page contains a table listing all the free-text conformance statements found in the IG. This table is provided as a useful summary for implementers for the purpose of evaluating key features and to support testing. However, reading this table alone is insufficient to understand or successfully implement the specification:

The table only includes conformance expectations expressed as free text. It does not include the computable expectations represented in capability statements, profiles, value sets, etc.
The text text in the table only includes the 'formal' requirement. It does not provide the contextual language around the statement that will be needed for successful explanation. The 'id' of each statement is a hyperlink to the place it appears in the text to assist with gathering the needed context.

A few other notes:

The ids are generally specific to the pages on which the requirements appear, but not always. If content is moved from one page to another, the id will remain the same.
While ids start as contiguous, as the specification is updated, it is possible some conformance statements will be removed, which will create a gap in the numbers. This is not an error.
Ids are not final until published in an official release. At that point, ids will not be changed.
It is possible for the text of a given rules to change somewhat from one release to another so long as the intention of the rule is the same. If the intent has a significant change, the old rule will be removed and a new one added in its place.
The actors are broken down into 'client' and 'server'. There may be multiple systems that actually compose those logical entities which will vary from implementation. It will be up to implementers to determine how the various conformance statements will apply to the actal systems in their architecture.
The categorizations are general. In practice, all 'exchange', 'ui', and 'storage' requirements are some aspect of 'processing' requirements. The categories will give hints as to the architectural layer a requirement will apply to, but there is nothing definitive implied by the category(ies) listed.

The controls at the top of the table allow filtering the content to particular requirement subsets that may be of interest. As well, a computable representation (XML and JSON) of the requirements can be found here.

Id Expectation Conditional? Actor(s) Category(ies) Rule

SHALL
MAY
SHOULD
SHALL NOT
SHOULD NOT Yes
No
Any PAS Client
PAS Payer exchange
privacy
storage

§1 SHALL spec-77:A subscription-based mechanism SHALL be used by the client to be informed of updates to the authorization.

§2 SHALL spec-77:A subscription-based mechanism SHALL be used by the client to be informed of updates to the authorization. ^§1

§3 SHALL spec-33:Each item returned on the PAS ClaimResponse SHALL echo the same item.sequence as that same item had on the Claim. The item.sequence element SHALL serve as the main tracing identifier of items throughout requests and responses.

§4 SHALL spec-33:Each item returned on the PAS ClaimResponse SHALL echo the same item.sequence as that same item had on the Claim. The item.sequence element SHALL serve as the main tracing identifier of items throughout requests and responses. ^§3

§ainfo-1 MAY PAS Payer exchange Payers MAY request additional information in a number of ways

§ainfo-2 SHALL PAS Payer exchange When a single LOINC code is used, the TRN at the X12 278 header or line level associated with the 102089-0 LOINC code SHALL be the DTR context ID used to retrieve the appropriate questionnaire.

§ainfo-3 SHALL PAS Payer exchange The PAS task profile SHALL be used to convey PAS X12 278 Response information to CDex.

§ainfo-4 SHOULD PAS Payer exchange All of the additional information request codes SHOULD be used as input to a CDex task.

§ainfo-5 SHALL PAS Payer exchange When the LOINC code 102089-0 is present, the associated TRNs SHALL also be exchange as Task.input.

§ainfo-6 SHALL PAS Payer exchange A separate task SHALL be created for each of the above attachment request types (PWK01, LOINC, questionnaire).

§conf-1 SHALL PAS Payer Payers SHALL have a distinct endpoint for each different supported version (which are not inter-version compatible) of the PAS specification.

§conf-2 SHALL PAS Payer If a payer supports endpoint discovery, they SHALL have at most a single endpoint for each combination of version of the specification and coverage (e.g., Medicare, Medicaid, or commercial) they provide coverage under.

§conf-3 SHALL PAS Payer If a payer does not support endpoint discovery, they SHALL expose only one PAS endpoint of each supported version capable of handling all coverages.

§conf-4 SHALL PAS Payer PA Intermediary Systems SHALL be capable of processing all data elements that are marked as Must Support on the Claim Request and Claim Inquiry.

§conf-5 SHALL NOT PAS Payer They SHALL NOT generate an error or cause the application to fail due the presence of any data element marked as Must Support.

§conf-6 SHALL PAS Payer PA Intermediary Systems SHALL be capable of returning resource instances containing any of the data elements that are marked as Must Support on the Claim Response and the Claim Inquiry Response.

§conf-7 SHALL PAS Client PA Client Systems SHALL be capable of receiving all data elements that are marked as Must Support on the Claim Response and the Claim Inquiry Response.

§conf-8 SHALL NOT PAS Client They SHALL NOT generate an error or cause the application to fail when receiving any data element that is marked as Must Support.

§conf-9 SHOULD NOT PAS Client PA Client Systems SHOULD NOT send any data elements that are not marked as Must Support.

§conf-10 MAY PAS Payer If these data elements are included in a Claim Request or Claim Inquiry, the receiving PA Intermediary System MAY ignore those elements.

§conf-11 SHALL NOT PAS Client
PAS Payer When processing prior auth requests and additional data submissions, PAS services SHALL NOT depend on or set expectations for the inclusion of resource instances not compliant with profiles defined in this guide, CRD, DTR, HRex, or US Core.

§conf-12 SHALL NOT PAS Client
PAS Payer Similarly, they SHALL NOT depend on or set expectations for the inclusion of any data elements not marked as mandatory (min cardinality >= 1) or mustSupport in those profiles.

§conf-13 MAY PAS Client
PAS Payer If the proposed change is adopted and published in the PAS continuous integration build or the CI build of one of its dependencies (e.g. US Core), implementations MAY, by mutual agreement, pre-adopt the use of those additional profiles and/or mustSupport data elements and not be considered in violation of #1 above.

§conf-14 SHALL NOT PAS Client
PAS Payer 2. Where cardinality and other constraints present in profiles allow data elements to be omitted, PAS compliant systems SHALL NOT treat the omission of those elements as a conformance error.

§conf-15 SHALL PAS Client
PAS Payer 3. PAS clients and services SHALL use standard PAS data elements (i.e. elements found within PAS-defined or inherited profiles and marked as mandatory or mustSupport) to communicate needed data if such elements are intended to convey such information.

§conf-16 SHALL NOT
MAY PAS Client
PAS Payer 4. PAS implementing organizations SHALL NOT publish guidance setting expectations for where certain data elements are conveyed within PAS and inherited data structures, but MAY submit change requests to PAS, HRex, or US Core requesting that additional guidance be provided to implementers on data structure usage to increase consistency across implementations.

§metric-1 SHOULD
MAY PAS Client
PAS Payer storage Each of these IGs recommends a set of metrics that SHOULD or MAY be collected by their respective implementations to facilitate the evaluation of adoption, functionality, processes, and improved outcomes.

§metric-2 SHOULD PAS Client
PAS Payer storage PAS implementers SHOULD store information for each PAS call in a manner that would allow them to respond to measures based on this logical model.

§priv-1 SHALL NOT
SHALL PAS Client privacy Implementations SHALL permit provider review of data prior to transmission, but SHALL NOT require such review.

§priv-2 SHOULD PAS Payer privacy Payers who do not view the FHIR version of the transmitted information SHOULD be aware of the possibility of these limitations and ensure they have policies that enforce appropriate sharing constraints on data.

§priv-3 SHOULD
MAY PAS Client
PAS Payer privacy PAS Servers SHOULD support server-server OAuth and MAY support mutually authenticated TLS.

§prof-1 SHALL PAS Client
PAS Payer exchange Timings SHALL have at least a count, frequency and period, a calendarPattern, or a deliveryPattern

§prof-2 SHALL PAS Client
PAS Payer exchange Quantities SHALL have a value and either a unit or a code

§prof-3 SHALL PAS Client exchange The Claim instance of the update Bundle SHALL reference the updated Claim instance within the Claim.related.claim element. Note that the presence of this reference and the requirement that referenced instances be included in the submitted Bundle implies that the instance representing the prior version of the Claim SHALL be included in the update Bundle.

§prof-4 SHALL PAS Client exchange The Claim instance of the update Bundle SHALL contain within the Claim.item element each item requested in the updated claim and any prior versions of the claim, including requested items that have been added, modified, deleted, or left unchanged during this or previous updates.

§prof-5 SHALL PAS Client exchange The Claim instance of the update Bundle SHALL contain within the Claim.supportingInfo element each piece of supporting documentation submitted with the updated claim and any prior versions of claim, including supporting documentation that has been added, modified, deleted, or left unchanged during this or previous updates.

§prof-6 SHALL PAS Client exchange Each Claim.item entry that represents an item no longer being requested, whether removed in this update or a previous one, SHALL be flagged using the infoCancelledFlag modifierExtension and SHALL have the code 3 (Cancel) in the Certification Type extension.

§prof-7 SHALL PAS Client exchange Each Claim.supportingInfo entry that is no longer to be used when evaluating the request, whether removed in this update or a previous one, SHALL be flagged using the infoCancelledFlag modifierExtension.

§prof-8 SHALL PAS Client exchange Each Claim.item and Claim.supportingInfo entry that has been changed as a part of this most recent update, including removal, SHALL be flagged using the changed extension with a value of changed.

§prof-9 SHALL PAS Client exchange Each Claim.item and Claim.supportingInfo entry that has been added as a part of this most recent update, SHALL be flagged using the changed extension with a value of added.

§prof-tim-2 SHALL If a code is present, it SHALL use the X12 quantity units.

§spec-1 SHALL X PAS Client
PAS Payer Along with the profiles defined in the PAS implementation guide, implementations SHALL also support the US Core R4 profiles for Condition, Observation, and Procedure.

§spec-2 SHOULD X PAS Client
PAS Payer They SHOULD support any other profiles relevant to the types of prior authorizations they process.

§spec-3 SHOULD X PAS Client
PAS Payer Clients and Servers supporting this implementation guide SHOULD also comply with the Da Vinci Coverage Requirements Discovery (CRD) and Documentation Templates and Rules (DTR) implementation guides.

§spec-4 SHALL X PAS Client
PAS Payer Every system claiming conformance to this IG SHALL comply with the Security and Privacy page in the Da Vinci HRex guide.

§spec-5 SHALL X PAS Payer If a payer supports endpoint discovery, they SHALL have at most a single endpoint for each coverage (e.g., Medicare, Medicaid, or commercial) they provide coverage under.

§spec-6 SHALL X PAS Payer If a payer does not support endpoint discovery, they SHALL expose only one PAS endpoint capable of handling all coverages.

§spec-11 SHOULD All of this SHOULD happen synchronously with a maximum of 15 seconds between the user initiating the prior authorization request and seeing the resulting response - i.e. including network transmission time for request and response.

§spec-12 SHOULD NOT NOTE: The Claim Inquiry response does not include all of the information that can be returned in a request response, such as any request for additional information, so the inquire operation SHOULD NOT be used by the client while waiting for final results.

§spec-13 MAY Provider and EHR Vendor organizations MAY leverage the payer registry developed by PDex (which will eventually fold into the national directory under FAST) as a means of determining which endpoints exist for which payers as candidates for configuration.

§spec-14 SHALL The Bundle SHALL be encoded in JSON.

§spec-15 SHALL The first entry in the Bundle SHALL be a Claim resource complying with the profile defined in this IG to ensure the content is sufficient to appropriately populate an X12N/005010X217 message.

§spec-16 SHALL Additional Bundle entries SHALL be populated with any resources referenced by the Claim resource (and any resources referenced by those resources, fully traversing all references and complying with all identified profiles).

§spec-17 SHALL Note that even if a given resource instance is referenced multiple times, it SHALL only appear in the Bundle once.

§spec-18 SHOULD E.g., if the same Practitioner information is referenced in multiple places, only one Practitioner instance SHOULD be created - referenced from multiple places as appropriate.

§spec-19 SHALL Bundle.entry.fullUrl values SHALL be:

§spec-20 SHALL All GUIDs used SHALL be unique, including across independent prior authorization submissions - with the exception that the same resource instance being referenced in distinct prior authorization request Bundles can have the same GUID.

§spec-21 SHALL Relevant resources referenced by those "supporting information" resources SHALL also be included (e.g. prescriber Practitioner and Medication for a MedicationRequest).

§spec-22 SHALL Any such resource that has a US Core profile SHALL comply with the relevant US Core profiles.

§spec-23 SHALL All "supporting information" resources included in the Bundle SHALL be pointed to by the Claim resource using the Claim.supportingInfo.valueReference element.

§spec-24 SHOULD To attach non-FHIR instance data such as PDFs, CDAs, JPGs, a DocumentReference instance SHOULD be used.

§spec-25 SHALL The Claim.supportingInfo.sequence for each entry SHALL be unique within the Claim.

§spec-26 SHALL All resources SHALL comply with their respective profiles.

§spec-27 SHOULD
MAY FHIR elements not marked as 'must support' MAY be included in resources within the Bundle, but client systems SHOULD have no expectation of such elements being processed by the payer unless prior arrangements have been made.

§spec-28 SHALL
MAY Systems that do not process such elements SHALL ignore unsupported elements unless they are 'modifier' elements, in which case the system MAY treat the presence of the element as an error.

§spec-29 SHALL In addition, the system SHALL make the entire PAS FHIR Bundle available to the intended payer.

§spec-30 MAY The method MAY be based on the X12 275 or another method that trading partners have agreed to use.

§spec-31 SHALL If the X12 275 is used for this purpose, the 275 BDS01 Filter ID Code element SHALL be set to "B64" and the CAT02 Attachment Information Format Code element SHALL be sent to "HL".

§spec-32 SHOULD Translation/mapping systems SHOULD be aware that if the size of the attachments as part of a claims submission would exceed the size limitations of a particular recipient, the intermediary SHOULD split the attachments into separate 275s to remain within the overall limit.

§spec-35 SHALL The Bundle SHALL start with a ClaimResponse entry that contains information mapped from the 278 response.

§spec-36 SHALL When converting additional Bundle entries, the conversion process SHALL ensure that only one resource is created for a given combination of content.

§spec-37 SHOULD E.g. if the same Practitioner information is referenced in multiple places, only one Practitioner instance SHOULD be created - referenced from multiple places as appropriate.

§spec-38 SHALL When echoing back resources that are the same as were present in the prior authorization request, the system SHALL ensure that the same fullUrl and resource identifiers are used in the response as appeared in the request.

§spec-39 SHALL In these instances, the receiving system SHALL return OperationOutcome instances that detail why the Bundle could not be processed and no ClaimResponse will be returned.

§spec-40 SHALL For instances where the authorized item is a modification of the requested item, the requested item SHALL be returned in the ClaimResponse.item with an adjudication status of A6 - 'Modified'.

§spec-41 SHALL The actual authorized item SHALL be returned in the ClaimResponse.addItem.

§spec-42 SHOULD The new intent of this extension is to indicate what was authorized which SHOULD match what was requested since the ClaimResponse.item does not have this information.

§spec-43 SHALL If what has been authorized is different, then the ClaimResponse.addItem SHALL be used.

§spec-44 SHOULD Recipients of the transactions SHOULD respond as indicated below and senders of the transaction SHOULD look for the following responses and then take appropriate actions.

§spec-45 SHALL All transactions in PAS are synchronous and SHALL require one of the following HTTP responses:

§spec-46 SHOULD If an OperationOutcome is received, it may have information regarding errors that SHOULD be addressed in the future, but did not cause the transaction to fail.

§spec-47 SHOULD NOTE: These errors SHOULD not be returned to the provider but SHOULD be reviewed and addressed by technical staff.

§spec-48 SHOULD Although there are no constraints on the frequency of the query, clients SHOULD ensure that no repetitive inquiries do not happen so as not to stress payer systems.

§spec-49 SHOULD To search for a specific claim, the Claim.identifier can be sent and it SHOULD be either the previously returned Administration Reference Number (REF-BB) or the Prior Authorization Number (REF-NT).

§spec-50 SHALL Intermediaries SHALL interpret the 'not-applicable' code as no product or service code.

§spec-51 SHALL This Claim Inquiry Response SHALL either reference a Claim or have a Data Absent Reason indicating why the Claim can not be referenced (eg. original claim received by fax).

§spec-52 SHOULD The referenced Claim instance SHOULD be returned if there is information in the Response that needs to be present can not be returned in the Claim Response instance.

§spec-53 SHALL the returned ClaimResponse SHALL include the current results for all submitted items, including any items changed or canceled since the original authoriation request.

§spec-54 SHALL if a specific reference number (either the REF-NT or REF-BB) is submitted and is not the 'current' number (because subsequent additions/changes/cancellations have been made to the prior authorization request), the returned record SHALL be the current authorization response - even though it no longer has the same identifier.

§spec-55 SHALL I.e. If a search is for a 'replaced' prior authorization, the search result SHALL include the 'current' prior authorization response for the most recent replacing prior authorization request.

§spec-56 MAY systems MAY withhold information about prior authorizations that are 'open' but are deemed to be not relevant to the provider (eg. prior authorization requests for sensitive care where the requesting provider is neither the ordering nor rendering provider) who is checking for the prior authorization status if not searching by a specific Claim identifier.

§spec-57 SHOULD In such situations the response SHOULD include an OperationOutcome warning that some prior authorizations have been suppressed and provide an alternative mechanism (e.g. telephone number) to provide further information if needed.

§spec-58 SHALL To retrieve the response at a later point, implementers SHALL support subscriptions.

§spec-59 SHALL Servers SHALL permit access to the prior authorization response to systems other than the original submitter.

§spec-60 SHALL They SHALL require a match on the patient member or subscriber id (identifier on the Claim.patient) plus the ordering and/or rendering provider identifier, i.e. the provider's NPI.

§spec-61 SHALL Implementers SHALL support the R4 Subscriptions referenced in the Subscriptions for R5 Backport Implementation Guide.

§spec-62 SHALL This Subscription SHALL conform to the PAS Subscription profile.

§spec-63 SHALL The Subscription filter criteria SHALL be org-identifier = [sending system identifier].

§spec-64 SHALL Intermediaries SHALL ensure that subscriptions to monitor a particular sending system's prior authorizations are only created or modified by that sending system.

§spec-65 SHALL Servers supporting subscriptions SHALL expose this as part of the Server's CapabilityStatement

§spec-66 SHALL Servers SHALL support rest-hook

§spec-67 SHALL Once the subscription has been created, the Server SHALL send a notification over the requested channel indicating that a prior authorization response submitted by the requesting provider organization has changed.

§spec-68 SHALL Due to the inquiry not supporting all of the required information needed in a PAS response, PAS Clients and Intermediaries SHALL only support subscriptions with content='full-resource'.

§spec-70 SHOULD When details of a submitted request change and a provider needs to request prior authorization of a different set of items, clients SHOULD submit an update to the previously submitted Claim.

§spec-71 MAY Servers MAY reject updates and require that a new request is made by providing the appropriate X12 error code.

§spec-72 SHALL Systems SHALL communicate a cancellation of an item if the corresponding order is canceled and a final authorization determination has not yet been received for that item.

§spec-73 SHOULD This is appropriate if the added items share the same context and SHOULD be evaluated in conjunction with the other items in the previously submitted authorization request.

§spec-74 SHALL The Claim Update Bundle SHALL contain the Claim Update instance as the first entry.

§spec-75 SHALL The Claim that is being updated SHALL be included in the Bundle.

§spec-76 SHALL NOT If that Claim instance is itself a Claim Update, its referenced Claim SHALL NOT be included.

§spec-77 SHALL All other referenced resources SHALL be included in the Bundle.

§spec-78 SHALL PAS systems SHALL ensure that prior authorizations that were initially pended remain available for query for at least 6 months after the anticipated completion of the services whose authorization was requested.

§use-1 SHALL PAS Payer exchange The intermediary SHALL always exchange a FHIR bundle with the EHR (figure 2.3)

§use-2 SHALL PAS Payer exchange The intermediary SHALL convert the FHIR bundle to and from an X12 278 (and optionally to an X12 275) if necessary to meet the HIPAA transaction requirements

§use-3 MAY PAS Payer exchange The intermediary MAY convert the X12 278 to and from a FHIR bundle and exchange it with a payer as long as the PA request and response are in an X12 278 format at some time between the exchange with the EHR and the payer

§use-4 SHOULD PAS Client exchange As well, EHRs SHOULD annotate their orders with the decisions contained in the PAS Response.

§use-5 SHALL PAS Client privacy Prior to sending clinical data as part of the PAS exchange, the provider (or their designated agent) SHALL have the ability, but not an obligation, to review patient information and where appropriate amend or withhold the submission to comply with current regulations and relevant provider policies. The provider can choose to turn off the ability to review documentation. The vendor must allow them this option.

§use-6 SHOULD PAS Client
PAS Payer exchange All exchanges SHOULD meet Federal and state regulations, including any HIPAA restrictions and restrictions on sensitive data.

Id	Expectation	Conditional?	Actor(s)	Category(ies)	Rule
§1	SHALL				spec-77:A subscription-based mechanism SHALL be used by the client to be informed of updates to the authorization.
§2	SHALL				spec-77:A subscription-based mechanism SHALL be used by the client to be informed of updates to the authorization. ^§1
§3	SHALL				spec-33:Each item returned on the PAS ClaimResponse SHALL echo the same item.sequence as that same item had on the Claim. The item.sequence element SHALL serve as the main tracing identifier of items throughout requests and responses.
§4	SHALL				spec-33:Each item returned on the PAS ClaimResponse SHALL echo the same item.sequence as that same item had on the Claim. The item.sequence element SHALL serve as the main tracing identifier of items throughout requests and responses. ^§3
§ainfo-1	MAY		PAS Payer	exchange	Payers MAY request additional information in a number of ways
§ainfo-2	SHALL		PAS Payer	exchange	When a single LOINC code is used, the TRN at the X12 278 header or line level associated with the 102089-0 LOINC code SHALL be the DTR context ID used to retrieve the appropriate questionnaire.
§ainfo-3	SHALL		PAS Payer	exchange	The PAS task profile SHALL be used to convey PAS X12 278 Response information to CDex.
§ainfo-4	SHOULD		PAS Payer	exchange	All of the additional information request codes SHOULD be used as input to a CDex task.
§ainfo-5	SHALL		PAS Payer	exchange	When the LOINC code 102089-0 is present, the associated TRNs SHALL also be exchange as Task.input.
§ainfo-6	SHALL		PAS Payer	exchange	A separate task SHALL be created for each of the above attachment request types (PWK01, LOINC, questionnaire).
§conf-1	SHALL		PAS Payer		Payers SHALL have a distinct endpoint for each different supported version (which are not inter-version compatible) of the PAS specification.
§conf-2	SHALL		PAS Payer		If a payer supports endpoint discovery, they SHALL have at most a single endpoint for each combination of version of the specification and coverage (e.g., Medicare, Medicaid, or commercial) they provide coverage under.
§conf-3	SHALL		PAS Payer		If a payer does not support endpoint discovery, they SHALL expose only one PAS endpoint of each supported version capable of handling all coverages.
§conf-4	SHALL		PAS Payer		PA Intermediary Systems SHALL be capable of processing all data elements that are marked as Must Support on the Claim Request and Claim Inquiry.
§conf-5	SHALL NOT		PAS Payer		They SHALL NOT generate an error or cause the application to fail due the presence of any data element marked as Must Support.
§conf-6	SHALL		PAS Payer		PA Intermediary Systems SHALL be capable of returning resource instances containing any of the data elements that are marked as Must Support on the Claim Response and the Claim Inquiry Response.
§conf-7	SHALL		PAS Client		PA Client Systems SHALL be capable of receiving all data elements that are marked as Must Support on the Claim Response and the Claim Inquiry Response.
§conf-8	SHALL NOT		PAS Client		They SHALL NOT generate an error or cause the application to fail when receiving any data element that is marked as Must Support.
§conf-9	SHOULD NOT		PAS Client		PA Client Systems SHOULD NOT send any data elements that are not marked as Must Support.
§conf-10	MAY		PAS Payer		If these data elements are included in a Claim Request or Claim Inquiry, the receiving PA Intermediary System MAY ignore those elements.
§conf-11	SHALL NOT		PAS Client PAS Payer		When processing prior auth requests and additional data submissions, PAS services SHALL NOT depend on or set expectations for the inclusion of resource instances not compliant with profiles defined in this guide, CRD, DTR, HRex, or US Core.
§conf-12	SHALL NOT		PAS Client PAS Payer		Similarly, they SHALL NOT depend on or set expectations for the inclusion of any data elements not marked as mandatory (min cardinality >= 1) or mustSupport in those profiles.
§conf-13	MAY		PAS Client PAS Payer		If the proposed change is adopted and published in the PAS continuous integration build or the CI build of one of its dependencies (e.g. US Core), implementations MAY, by mutual agreement, pre-adopt the use of those additional profiles and/or mustSupport data elements and not be considered in violation of #1 above.
§conf-14	SHALL NOT		PAS Client PAS Payer		2. Where cardinality and other constraints present in profiles allow data elements to be omitted, PAS compliant systems SHALL NOT treat the omission of those elements as a conformance error.
§conf-15	SHALL		PAS Client PAS Payer		3. PAS clients and services SHALL use standard PAS data elements (i.e. elements found within PAS-defined or inherited profiles and marked as mandatory or mustSupport) to communicate needed data if such elements are intended to convey such information.
§conf-16	SHALL NOT MAY		PAS Client PAS Payer		4. PAS implementing organizations SHALL NOT publish guidance setting expectations for where certain data elements are conveyed within PAS and inherited data structures, but MAY submit change requests to PAS, HRex, or US Core requesting that additional guidance be provided to implementers on data structure usage to increase consistency across implementations.
§metric-1	SHOULD MAY		PAS Client PAS Payer	storage	Each of these IGs recommends a set of metrics that SHOULD or MAY be collected by their respective implementations to facilitate the evaluation of adoption, functionality, processes, and improved outcomes.
§metric-2	SHOULD		PAS Client PAS Payer	storage	PAS implementers SHOULD store information for each PAS call in a manner that would allow them to respond to measures based on this logical model.
§priv-1	SHALL NOT SHALL		PAS Client	privacy	Implementations SHALL permit provider review of data prior to transmission, but SHALL NOT require such review.
§priv-2	SHOULD		PAS Payer	privacy	Payers who do not view the FHIR version of the transmitted information SHOULD be aware of the possibility of these limitations and ensure they have policies that enforce appropriate sharing constraints on data.
§priv-3	SHOULD MAY		PAS Client PAS Payer	privacy	PAS Servers SHOULD support server-server OAuth and MAY support mutually authenticated TLS.
§prof-1	SHALL		PAS Client PAS Payer	exchange	Timings SHALL have at least a count, frequency and period, a calendarPattern, or a deliveryPattern
§prof-2	SHALL		PAS Client PAS Payer	exchange	Quantities SHALL have a value and either a unit or a code
§prof-3	SHALL		PAS Client	exchange	The Claim instance of the update Bundle SHALL reference the updated Claim instance within the `Claim.related.claim` element. Note that the presence of this reference and the requirement that referenced instances be included in the submitted Bundle implies that the instance representing the prior version of the Claim SHALL be included in the update Bundle.
§prof-4	SHALL		PAS Client	exchange	The Claim instance of the update Bundle SHALL contain within the `Claim.item` element each item requested in the updated claim and any prior versions of the claim, including requested items that have been added, modified, deleted, or left unchanged during this or previous updates.
§prof-5	SHALL		PAS Client	exchange	The Claim instance of the update Bundle SHALL contain within the `Claim.supportingInfo` element each piece of supporting documentation submitted with the updated claim and any prior versions of claim, including supporting documentation that has been added, modified, deleted, or left unchanged during this or previous updates.
§prof-6	SHALL		PAS Client	exchange	Each `Claim.item` entry that represents an item no longer being requested, whether removed in this update or a previous one, SHALL be flagged using the infoCancelledFlag modifierExtension and SHALL have the code `3` (Cancel) in the Certification Type extension.
§prof-7	SHALL		PAS Client	exchange	Each `Claim.supportingInfo` entry that is no longer to be used when evaluating the request, whether removed in this update or a previous one, SHALL be flagged using the infoCancelledFlag modifierExtension.
§prof-8	SHALL		PAS Client	exchange	Each `Claim.item` and `Claim.supportingInfo` entry that has been changed as a part of this most recent update, including removal, SHALL be flagged using the changed extension with a value of `changed`.
§prof-9	SHALL		PAS Client	exchange	Each `Claim.item` and `Claim.supportingInfo` entry that has been added as a part of this most recent update, SHALL be flagged using the changed extension with a value of `added`.
§prof-tim-2	SHALL				If a code is present, it SHALL use the X12 quantity units.
§spec-1	SHALL	X	PAS Client PAS Payer		Along with the profiles defined in the PAS implementation guide, implementations SHALL also support the US Core R4 profiles for Condition, Observation, and Procedure.
§spec-2	SHOULD	X	PAS Client PAS Payer		They SHOULD support any other profiles relevant to the types of prior authorizations they process.
§spec-3	SHOULD	X	PAS Client PAS Payer		Clients and Servers supporting this implementation guide SHOULD also comply with the Da Vinci Coverage Requirements Discovery (CRD) and Documentation Templates and Rules (DTR) implementation guides.
§spec-4	SHALL	X	PAS Client PAS Payer		Every system claiming conformance to this IG SHALL comply with the Security and Privacy page in the Da Vinci HRex guide.
§spec-5	SHALL	X	PAS Payer		If a payer supports endpoint discovery, they SHALL have at most a single endpoint for each coverage (e.g., Medicare, Medicaid, or commercial) they provide coverage under.
§spec-6	SHALL	X	PAS Payer		If a payer does not support endpoint discovery, they SHALL expose only one PAS endpoint capable of handling all coverages.
§spec-11	SHOULD				All of this SHOULD happen synchronously with a maximum of 15 seconds between the user initiating the prior authorization request and seeing the resulting response - i.e. including network transmission time for request and response.
§spec-12	SHOULD NOT				NOTE: The Claim Inquiry response does not include all of the information that can be returned in a request response, such as any request for additional information, so the inquire operation SHOULD NOT be used by the client while waiting for final results.
§spec-13	MAY				Provider and EHR Vendor organizations MAY leverage the payer registry developed by PDex (which will eventually fold into the national directory under FAST) as a means of determining which endpoints exist for which payers as candidates for configuration.
§spec-14	SHALL				The Bundle SHALL be encoded in JSON.
§spec-15	SHALL				The first entry in the Bundle SHALL be a Claim resource complying with the profile defined in this IG to ensure the content is sufficient to appropriately populate an X12N/005010X217 message.
§spec-16	SHALL				Additional Bundle entries SHALL be populated with any resources referenced by the Claim resource (and any resources referenced by those resources, fully traversing all references and complying with all identified profiles).
§spec-17	SHALL				Note that even if a given resource instance is referenced multiple times, it SHALL only appear in the Bundle once.
§spec-18	SHOULD				E.g., if the same Practitioner information is referenced in multiple places, only one Practitioner instance SHOULD be created - referenced from multiple places as appropriate.
§spec-19	SHALL				Bundle.entry.fullUrl values SHALL be:
§spec-20	SHALL				All GUIDs used SHALL be unique, including across independent prior authorization submissions - with the exception that the same resource instance being referenced in distinct prior authorization request Bundles can have the same GUID.
§spec-21	SHALL				Relevant resources referenced by those "supporting information" resources SHALL also be included (e.g. prescriber Practitioner and Medication for a MedicationRequest).
§spec-22	SHALL				Any such resource that has a US Core profile SHALL comply with the relevant US Core profiles.
§spec-23	SHALL				All "supporting information" resources included in the Bundle SHALL be pointed to by the Claim resource using the Claim.supportingInfo.valueReference element.
§spec-24	SHOULD				To attach non-FHIR instance data such as PDFs, CDAs, JPGs, a DocumentReference instance SHOULD be used.
§spec-25	SHALL				The Claim.supportingInfo.sequence for each entry SHALL be unique within the Claim.
§spec-26	SHALL				All resources SHALL comply with their respective profiles.
§spec-27	SHOULD MAY				FHIR elements not marked as 'must support' MAY be included in resources within the Bundle, but client systems SHOULD have no expectation of such elements being processed by the payer unless prior arrangements have been made.
§spec-28	SHALL MAY				Systems that do not process such elements SHALL ignore unsupported elements unless they are 'modifier' elements, in which case the system MAY treat the presence of the element as an error.
§spec-29	SHALL				In addition, the system SHALL make the entire PAS FHIR Bundle available to the intended payer.
§spec-30	MAY				The method MAY be based on the X12 275 or another method that trading partners have agreed to use.
§spec-31	SHALL				If the X12 275 is used for this purpose, the 275 BDS01 Filter ID Code element SHALL be set to "B64" and the CAT02 Attachment Information Format Code element SHALL be sent to "HL".
§spec-32	SHOULD				Translation/mapping systems SHOULD be aware that if the size of the attachments as part of a claims submission would exceed the size limitations of a particular recipient, the intermediary SHOULD split the attachments into separate 275s to remain within the overall limit.
§spec-35	SHALL				The Bundle SHALL start with a ClaimResponse entry that contains information mapped from the 278 response.
§spec-36	SHALL				When converting additional Bundle entries, the conversion process SHALL ensure that only one resource is created for a given combination of content.
§spec-37	SHOULD				E.g. if the same Practitioner information is referenced in multiple places, only one Practitioner instance SHOULD be created - referenced from multiple places as appropriate.
§spec-38	SHALL				When echoing back resources that are the same as were present in the prior authorization request, the system SHALL ensure that the same fullUrl and resource identifiers are used in the response as appeared in the request.
§spec-39	SHALL				In these instances, the receiving system SHALL return OperationOutcome instances that detail why the Bundle could not be processed and no ClaimResponse will be returned.
§spec-40	SHALL				For instances where the authorized item is a modification of the requested item, the requested item SHALL be returned in the ClaimResponse.item with an adjudication status of A6 - 'Modified'.
§spec-41	SHALL				The actual authorized item SHALL be returned in the ClaimResponse.addItem.
§spec-42	SHOULD				The new intent of this extension is to indicate what was authorized which SHOULD match what was requested since the ClaimResponse.item does not have this information.
§spec-43	SHALL				If what has been authorized is different, then the ClaimResponse.addItem SHALL be used.
§spec-44	SHOULD				Recipients of the transactions SHOULD respond as indicated below and senders of the transaction SHOULD look for the following responses and then take appropriate actions.
§spec-45	SHALL				All transactions in PAS are synchronous and SHALL require one of the following HTTP responses:
§spec-46	SHOULD				If an OperationOutcome is received, it may have information regarding errors that SHOULD be addressed in the future, but did not cause the transaction to fail.
§spec-47	SHOULD				NOTE: These errors SHOULD not be returned to the provider but SHOULD be reviewed and addressed by technical staff.
§spec-48	SHOULD				Although there are no constraints on the frequency of the query, clients SHOULD ensure that no repetitive inquiries do not happen so as not to stress payer systems.
§spec-49	SHOULD				To search for a specific claim, the Claim.identifier can be sent and it SHOULD be either the previously returned Administration Reference Number (REF-BB) or the Prior Authorization Number (REF-NT).
§spec-50	SHALL				Intermediaries SHALL interpret the 'not-applicable' code as no product or service code.
§spec-51	SHALL				This Claim Inquiry Response SHALL either reference a Claim or have a Data Absent Reason indicating why the Claim can not be referenced (eg. original claim received by fax).
§spec-52	SHOULD				The referenced Claim instance SHOULD be returned if there is information in the Response that needs to be present can not be returned in the Claim Response instance.
§spec-53	SHALL				the returned ClaimResponse SHALL include the current results for all submitted items, including any items changed or canceled since the original authoriation request.
§spec-54	SHALL				if a specific reference number (either the REF-NT or REF-BB) is submitted and is not the 'current' number (because subsequent additions/changes/cancellations have been made to the prior authorization request), the returned record SHALL be the current authorization response - even though it no longer has the same identifier.
§spec-55	SHALL				I.e. If a search is for a 'replaced' prior authorization, the search result SHALL include the 'current' prior authorization response for the most recent replacing prior authorization request.
§spec-56	MAY				systems MAY withhold information about prior authorizations that are 'open' but are deemed to be not relevant to the provider (eg. prior authorization requests for sensitive care where the requesting provider is neither the ordering nor rendering provider) who is checking for the prior authorization status if not searching by a specific Claim identifier.
§spec-57	SHOULD				In such situations the response SHOULD include an OperationOutcome warning that some prior authorizations have been suppressed and provide an alternative mechanism (e.g. telephone number) to provide further information if needed.
§spec-58	SHALL				To retrieve the response at a later point, implementers SHALL support subscriptions.
§spec-59	SHALL				Servers SHALL permit access to the prior authorization response to systems other than the original submitter.
§spec-60	SHALL				They SHALL require a match on the patient member or subscriber id (identifier on the Claim.patient) plus the ordering and/or rendering provider identifier, i.e. the provider's NPI.
§spec-61	SHALL				Implementers SHALL support the R4 Subscriptions referenced in the Subscriptions for R5 Backport Implementation Guide.
§spec-62	SHALL				This Subscription SHALL conform to the PAS Subscription profile.
§spec-63	SHALL				The Subscription filter criteria SHALL be org-identifier = [sending system identifier].
§spec-64	SHALL				Intermediaries SHALL ensure that subscriptions to monitor a particular sending system's prior authorizations are only created or modified by that sending system.
§spec-65	SHALL				Servers supporting subscriptions SHALL expose this as part of the Server's CapabilityStatement
§spec-66	SHALL				Servers SHALL support rest-hook
§spec-67	SHALL				Once the subscription has been created, the Server SHALL send a notification over the requested channel indicating that a prior authorization response submitted by the requesting provider organization has changed.
§spec-68	SHALL				Due to the inquiry not supporting all of the required information needed in a PAS response, PAS Clients and Intermediaries SHALL only support subscriptions with content='full-resource'.
§spec-70	SHOULD				When details of a submitted request change and a provider needs to request prior authorization of a different set of items, clients SHOULD submit an update to the previously submitted Claim.
§spec-71	MAY				Servers MAY reject updates and require that a new request is made by providing the appropriate X12 error code.
§spec-72	SHALL				Systems SHALL communicate a cancellation of an item if the corresponding order is canceled and a final authorization determination has not yet been received for that item.
§spec-73	SHOULD				This is appropriate if the added items share the same context and SHOULD be evaluated in conjunction with the other items in the previously submitted authorization request.
§spec-74	SHALL				The Claim Update Bundle SHALL contain the Claim Update instance as the first entry.
§spec-75	SHALL				The Claim that is being updated SHALL be included in the Bundle.
§spec-76	SHALL NOT				If that Claim instance is itself a Claim Update, its referenced Claim SHALL NOT be included.
§spec-77	SHALL				All other referenced resources SHALL be included in the Bundle.
§spec-78	SHALL				PAS systems SHALL ensure that prior authorizations that were initially pended remain available for query for at least 6 months after the anticipated completion of the services whose authorization was requested.
§use-1	SHALL		PAS Payer	exchange	The intermediary SHALL always exchange a FHIR bundle with the EHR (figure 2.3)
§use-2	SHALL		PAS Payer	exchange	The intermediary SHALL convert the FHIR bundle to and from an X12 278 (and optionally to an X12 275) if necessary to meet the HIPAA transaction requirements
§use-3	MAY		PAS Payer	exchange	The intermediary MAY convert the X12 278 to and from a FHIR bundle and exchange it with a payer as long as the PA request and response are in an X12 278 format at some time between the exchange with the EHR and the payer
§use-4	SHOULD		PAS Client	exchange	As well, EHRs SHOULD annotate their orders with the decisions contained in the PAS Response.
§use-5	SHALL		PAS Client	privacy	Prior to sending clinical data as part of the PAS exchange, the provider (or their designated agent) SHALL have the ability, but not an obligation, to review patient information and where appropriate amend or withhold the submission to comply with current regulations and relevant provider policies. The provider can choose to turn off the ability to review documentation. The vendor must allow them this option.
§use-6	SHOULD		PAS Client PAS Payer	exchange	All exchanges SHOULD meet Federal and state regulations, including any HIPAA restrictions and restrictions on sensitive data.