The data masking capabilities within the Smart Claims Engine enable a member’s personally identifiable information (PII) to be masked in the system. The members who are identified in the system as employees or VIPs will have their data masked. PII will be masked on claims and other data model UIs for employees or VIPs for unauthorized users. Users with the appropriate access roles will be able to access PII data.
The fields that are masked are controlled by the Pega Foundation for Healthcare (PFHC) field attributes that identify whether a subscriber/patient is classified as an employee or VIP member. If a claim for a VIP or Employee is presented for resolution, and the user does not have the required role, then the fields will be masked. Masked fields are defined by asterisks (*) replacing the data. All reports and UI’s are mask these fields appropriately.Masking Employee & VIP data
Two indicators are included in the member data model in Pega Foundation for Healthcare. The population of these indicators drives the data masking in the UI:
- VIP (.VIPindicator)
The indicators can be seen populated for a member in the screen shot below:User roles
There are two roles in the system that enable the appropriate unmasking of data. These are:
- View_VIP_PII – Ability to view member data with the VIP indicator populated.
- View_Employee_PII – Ability to view member data with the Employee indicator populated.
The data attributes identified in the grid below are included in the masking of member/subscribers PII data on member objects, policy objects, claim objects, and authorization objects. More information on the configuration of fields for data masking can be found in the PFHC implementation guide.
|Member ID||Member first name||Member last name|
|Member middle name||Date of birth||Social Security Number|
|Policy role/relationship||Policy number||Prefix|
|Suffix||Exchange ID||Previous first name|
|Previous last name||Previous middle name||Medicaid number|
|Medicare number||Account holder name||Account number|
|Routing number||Phone number||Email address|
|Social media ID||Address||City/State/Zip|
|Subscriber ID||Subscriber number||Dependent ID|Previous topic Field level security Next topic Configuration approval flows