Defining member PII data masking requirements
The Foundation provides pre-configured access roles and capability to mask a member’s personally identifiable information (PII) on a screen when accessed by unauthorized users. Employee and/or VIP flags available on the member’s profile are leveraged to mask the sensitive information on the screen.
The Foundation provides pre-configured access privilege rules that can be used in your UI design to obfuscate desired data fields on the screen. The following sample user logins are provided to visualize the member data masking in the sample claim and authorization data instances provided with the Foundation.
Rule name | Rule type | Description |
hcuser | Operator | End user login with access to sample data portal WITHOUT privileges to view Employee or VIP member data (used to see Member Data Masking). |
hcuservip | Operator | End user login with access to sample data portal with privileges to view VIP member data and WITHOUT privileges to view Employee member data. (Used to see Member Data Masking). |
hcuseremp | Operator | End user login with access to sample data portal with privileges to view Employees member data and WITHOUT privileges to view VIP member data. (Used to see Member Data Masking). |
PegaHC:View_VIP_PII | Role | Access role with privilege to view VIP member data. |
PegaHC:View_Employee_PII | Role | Access role with privilege to view Employee's member data. |
Previous topic Pre-configured X12 5010 837 claim de-batch process Next topic General Data Protection Regulation (GDPR) support