On this page:
   65.0    Get Started
  • How-to Guides
  • 65.0 Get Started
  • 65.1 Setup Prior Auth for Providers
  • 65.2 Setup Prior Auth for Payers
  • 65.3 Troubleshoot Prior Auth Issues
    • 65.2    Setup Prior Auth for Payers   
    Table of Contents

    Setup Prior Auth for Providers

    65.1.1Setup Prior Auth for Providers

     

    This section describes the steps required for a healthcare provider to setup the Prior Authorization Solution within their Smile HDP environment.

    65.1.1.1Overview

    Healthcare providers primarily engage with the Prior Authorization Solution to streamline the submission of prior authorization requests through structured workflows and to ensure compliance with payer documentation requirements:

    • Coverage Requirements Discovery (CRD): Providers utilize CRD to access payer-specific clinical rules and coverage requirements, enabling them to determine in advance whether prior authorization is needed and what information to submit.
    • Documentation Templates and Rules (DTR): Providers leverage DTR to access structured questionnaires and templates that capture the necessary clinical documentation for authorization requests. This ensures completeness and compliance with payer requirements.
    • DTR SMART on FHIR (SoF) Application: Providers can integrate the DTR app into their Electronic Health Record (EHR) systems. This app facilitates the real-time capture and submission of required documentation, enhancing the efficiency and accuracy of the prior authorization process.

    65.1.2Pre-Seed Required Files

     

    Before module configuration, add these files to the config_seeding folder in the Smile classes directory:

    • search-parameters.json
    • com.search.parameters.tgz

    Note: These reference files can be obtained from Smile Support or your Technical Account Manager.

    65.1.3Start Smile

     

    Once all required files have been added, start the Smile application. (See Quick Start Guide for reference.)

    65.1.4Configure Required Modules

     

    With Smile started and pre-seeding completed, the following modules need to be configured in order to enable Prior Authorization functionality. Each module has specific dependencies and settings, so follow the steps carefully to ensure proper setup.

    65.1.4.1Configure FHIR Storage Module

    On the FHIR Storage (R4 RDBMS) module (add it if it does not already exist, or update the existing module), configure the following properties:

    1. Under FHIR Storage Package Registry, add the classpath for the pre-seed installation file (classpath:/config_seeding/search-parameters.json).
    2. Confirm Database Settings:
      • Connection URL (default: H2_EMBEDDED).
      • Database Username and Password.
    3. Under FHIR Subscription Persistence, enable REST Hook Subscription.
    4. Leave everything else as default values.
    5. Save and start (or restart) the module as needed.

    65.1.4.2Configure the Subscription Matcher Module

    On the Subscription Matcher module (add it if it does not already exist), configure the following properties:

    1. Under Dependencies:
      • FHIR Storage Module: set to the previously configured FHIR Storage module.
    2. Save and start the module.

    65.1.4.3Configure the Local Inbound Security Module

    Add the Local Inbound Security module (only if it does not already exist):

    1. Leave all configurations as default.
    2. Save and start the module.

    65.1.4.4Configure the Outbound Security Module (for SoF Launch)

    Add the Outbound Security Module and configure the following properties:

    1. Enable CORS.
    2. In SMART Callback Script section:
      • Set Authorization Request Details (whitelist) to 'launch'.
      • Set Post Authorization Script to:
      function onTokenGenerating(theUserSession, theAuthorizationRequestDetails) {
  // Ensure launch parameters exist
  const launch = theAuthorizationRequestDetails.launch;
  if (launch) {
    // Extract FHIR resource references from launch
    const regex = /([A-Za-z]+\/[^"]+)/g;
    const matches = launch.match(regex);
    if (matches) {
      matches.forEach(resource => theUserSession.addFhirContextReference(resource));
    }

    // Extract Patient ID from launch
    const patientMatch = launch.match(/Patient\/([^"]+)/);
    if (patientMatch && patientMatch[1]) {
      theUserSession.addLaunchResourceId('Patient', patientMatch[1]);
    }
  }

  // Set fhirUser to the provider's PractitionerRole
  theUserSession.setFhirUserUrl('PractitionerRole/provider-practitioner-role-1');
}
    3. Save and enable the module.

    65.1.4.5Configure the FHIR REST Endpoint Module (DTR backend)

    (Note: This is used for $populate calls and to determine payer endpoints)

    Add the FHIR REST Endpoint module and configure the following properties:

    1. Add a Listener Port: (e.g., 8000).
    2. Add Context Path: (e.g.,/payer-fhir)
    3. Under the FHIR REST Endpoint section, set the Fixed Value for the Endpoint Base URL. (e.g., https://<host>/payer-fhir)
    4. Add Dependencies:
      • Username/Password Authentication: local_security (Local Inbound Security)
      • FHIR R4 Storage: Set to the previously created FHIR Storage module.
    5. Save and start the module.

    65.1.4.6Configure the FHIR REST Endpoint Module (Provider)

    (Note: This allows access to Provider FHIR resources using the FHIR endpoint specified as the iss parameter during a SMART on FHIR app launch)

    Add the FHIR REST Endpoint module and configure the following properties:

    1. Add a Listener Port: (e.g., 8000).
    2. Add Context Path: (e.g.,/provider-fhir)
    3. Under the FHIR REST Endpoint section, set the Fixed Value for the Endpoint Base URL. (e.g., https://<host>/provider-fhir)
    4. Enable Auth: OpenID Connect - OpenID Connect Security.
    5. Under Dependencies:
      • FHIR R4 Storage: Set to the previously created FHIR Storage
      • OpenID Connect Authentication: select the previously configured outbound security module
      • Username/Password Authentication: local_security (Local Inbound Security)
    6. Save and start the module.

    65.1.4.7Configure the CQL Module

    On the CQL module (add it if it does not already exist), configure the following properties:

    1. Leave all configurations as default.
    2. Add Dependencies:
      • FHIR Endpoint: set to the previously configured FHIR REST Endpoint module.
    3. Save and start the module.

    65.1.4.8Configure the Prior Auth DTR Module

    Add the Prior Auth DTR module and configure the following properties:

    1. Under Prior Authorization Documentation Templates and Requirements, confirm that Enable $questionnaire-package is set to Yes.
    2. Add Dependencies:
      • CQL: select the previously configured CQL module.
      • FHIR Endpoint: select the previously configured FHIR REST Endpoint module.
    3. Save and start the module.

    65.1.5Deploy the DTR SMART on FHIR (SoF) App

     

    The DTR app provides the user interface for providers to create, populate, and submit prior authorization requests.

    Deploy the app according to the target environment requirements (e.g., local development, containerized deployment, or server deployment). Update config.json with the appropriate FHIR endpoint and client ID values before starting the app.

    • Configuration files: config/config.json or environment variables
    • Sample configuration (config.json):
    {
  "autoSave": true,
  "clientId": "<DTR_CLIENT_ID>",
  "dtrBackend": "<FHIR_ENDPOINT>",
  "maxUploadSize": "20",
  "attachmentIncludeTypes": [],
  "attachmentExcludeTypes": [
    "application/octet-stream",
    "text/html"
  ],
  "logo": "./assets/smilelogo.png",
  "rendererConfig": {
    "enableDefaultStyles": true,
    "customStyles": ".group-label {color: #107E98;}",
    "showSubmitButton": false,
    "displayItemAuthor": true,
    "showGroupSeparator": false,
    "allowMultipleFiles": true,
    "dropDownChoiceAsDefault": true,
    "headerMarginTop": 50,
    "footerMarginBottom": 70
  }
}

    65.1.6Create OpenID Connect Client for DTR SoF App

     

    To enable SMART launch for the DTR app, an OpenID Connect (OIDC) client must be created in the Smile HDP environment.

    1. Navigate to Users and Authorization > OpenID Connect Clients in the Smile HDP Web Admin Console.
    2. Click Add Client to create a new client.
    3. Configure the following properties:
      • Client ID Must match the clientId in the DTR SoF app configuration (config.json).
      • Authorized Redirect URLs should be launch URL / base URL of DTR app (this could contain all DTR frontend app deployments + http://localhost:4200/)
      • Scopes = fhirUser launch launch/patient launch/practitioner online_access openid patient/*.read patient/DocumentReference.write
      • Auto-grant scopes: cdr_all_user_authorities
    4. Save and enable the module.

    65.1.7Setup Users and Permissions

     
    1. Users logging in to the DTR need at least the following permissions:
      • ROLE_FHIR_CLIENT
      • FHIR_ALL_READ
      • FHIR_ALL_WRITE
      • FHIR_DELETE_ALL_OF_TYPE (note: used for DocumentReference)
      • FHIR_OP_BINARY_ACCESS_WRITE
    2. ANONYMOUS user needs ROLE_FHIR_CLIENT_SUPERUSER (since connection between DTR SoF app and DTR backend is currently set up to use no authentication).

    65.1.8Load Required FHIR Resources

     

    65.1.8.1For DTR SoF:

    The DTR SMART on FHIR (SoF) app relies on specific resources in the FHIR repository to function correctly. This includes payer endpoint information and other configuration data.

    1. Ensure the FHIR repository contains the necessary Organization resources for each relevant payer with the following identifier: 
      {
  "system": "http://smiledigitalhealth.com/pa-org-identifier",
  "value": "<payer-org-id>"
}
    2. For each Organization, add Endpoint resources that reference payer services used by the DTR app. The Endpoint.identifier must include the system http://smiledigitalhealth.com/pa-org-endpoint, and the value must be set exactly as one of the following, according to the corresponding service:
      • CDEXAttachment – Handles attachment submissions to the payer
      • CDSDiscovery – Provides the CDS Hooks discovery endpoint for order-sign requests
      • DTRQuestionnairePackage – Retrieves the payer’s Questionnaire package for prior authorization
      • DTRQuestionnaireError – Receives error information related to Questionnaire processing
      • PASSubmit – Submits prior authorization requests to the payer
      • PASUpdate – Updates submitted prior authorization requests
      • PASInquiry – Queries the status of prior authorization requests

    These identifiers correspond to specific payer services and must be configured exactly as shown for the DTR app to function correctly.

    Example:

      {
    "system": "http://smiledigitalhealth.com/pa-org-endpoint",
    "value": "CDEXAttachment" 
  }

    65.1.9Launch the DTR SMART on FHIR (SoF) App

     

    The DTR SMART on FHIR (SoF) app supports SMART App Launch and allows providers to create, populate, and submit prior authorization requests. Before launching, the app must be registered with an EHR’s authorization service.

    65.1.9.1Register the App

    1. Register the app with the EHR.
    2. Provide the following information during registration:
      • Launch URL: Root of the app (e.g., http://localhost:4200 for local deployment)
      • Redirect URI: Same as the launch URL
      • Requested Scopes: patient/*.read, user/*.read, patient/QuestionnaireResponse.write, launch, online_access, openid, fhirUser, launch/patient, launch/practitioner, patient/DocumentReference.write
    3. After registration, a Client ID will be assigned. This must be added to the DTR SoF app’s config.json.

    65.1.9.2Launch the DTR App

    After registration, the DTR SMART on FHIR (SoF) app can be launched. The app must be passed a launch context, which tells it which patient and resources to load.

    The launch context should include:

    1. Patient Reference – the patient record the app will use.
    2. fhirContext references – the resources the app should load. Within fhirContext:
      • One active Coverage resource indicating the coverage(s) associated with the documentation to be captured
      • Exactly one of the following:
        • An Order (ServiceRequest, DeviceRequest, or NutritionOrder)
          (Used when launching DTR for a new session or based on CRD recommendations)
        • An existing incomplete QuestionnaireResponse previously created with DTR
          (Used when relaunching DTR to continue a previous session)
        • A Questionnaire Task
          (Used when launching from CDex or PAS workflows)

    To launch the DTR app, use the following URL format: <dtr_sof_app_launch_url>?iss=<fhir_provider_endpoint>&launch=<launch_context>

    Where:

    • <dtr_sof_app_launch_url> – the base URL of the DTR SMART on FHIR app (e.g., http://localhost:4200)
    • <fhir_provider_endpoint> – the FHIR server URL of the provider, used to fetch patient and resource data
    • <launch_context> – containing patient and fhirContext references as described above.

    Example: http://localhost:4200/?iss=http://localhost:8200/&launch=[{"reference":"ServiceRequest/SleepStudy"},{"reference":"Patient/positive"}]

    Note: The FHIR Endpoint (Provider) module will be used to retrieve resources in the launch context and to store or reload the QuestionnaireResponse.

       65.0    Get Started
  • How-to Guides
  • 65.0 Get Started
  • 65.1 Setup Prior Auth for Providers
  • 65.2 Setup Prior Auth for Payers
  • 65.3 Troubleshoot Prior Auth Issues
    • 65.2    Setup Prior Auth for Payers