-
Change Request
-
Resolution: Persuasive with Modification
-
Medium
-
US Da Vinci PDex (FHIR)
-
current
-
Financial Mgmt
-
Payer-to-Payer Exchange [deprecated]
-
-
Bob Dieterle / Celine Lefebvre: 21-0-1
-
Clarification
-
Compatible, substantive
-
2.0.0-ballot [deprecated]
The step 16 of the Payer to Payer data exchange workflow reads:
"Token endpoint matches to member using MemberMatch ID and confirms that consent is still valid"
Consent being valid means, among others:
- consent_start_date < current_date < consent_end_date
- consent hasn't been revoked by the user
Because the party verifying consent validity is the old payer, which most likely has no way to contact a former customer, how do we handle a scenario in which the customer wants to revoke it?
Should it be responsibility of the Old payer, New payer or both?
A first idea has been discussed, putting the onus on the New payer to flag the consent as revoked, and trusting the New payer will not request data for which it doesn't have the rights to request.