Patient Viewer

For Health Plans

The Patient Viewer application is for use by your authorized staff to verify data quality and to troubleshoot any customer support issues.

You can use the Patient Viewer application to search for an individual patient (member) in a 1upHealth single-tenant environment, and view all of the clinical and claims data for that patient. After you locate a patient, you can review your members’ claims data that’s shared with third-party applications and verify the quality of the claims data.

Features of Patient Viewer

  • Search

    You can search for a patient using the patient’s first name, last name, and birth date.

  • Review a member’s data (FHIR resources)

    • FHIR resource types and totals

      Examples — ExplanationOfBenefit, Coverage, Patient, and clinical FHIR resources

    • Raw JSON with the full contents of the FHIR resource for the member

      This JSON authorizes a third-party application to receive and render the member FHIR resources in their applications.

  • Identity Provider integrations

    Identity Provider standard integrations using OpenID Connect (OIDC) or SAML allow end users to authenticate with the same credentials they use to sign in to your existing systems.

  • Maximum user session length — One hour

    After one hour, you are automatically signed out and redirected to the Sign In page.

  • Inactivity timeout — 15 minutes

    After 15 minutes of inactivity, you are automatically logged out and redirected to the Sign In page.

About User Authentication

You can enable your users to sign in to the Patient Viewer using your existing Identity Provider (IdP). Patient Viewer supports integrations with both OpenID Connect and SAML, so your users can authenticate using their existing credentials and familiar processes, using providers such as Okta, Azure Active Directory, or Google.

About User Administration

Patient Viewer supports assigning roles to each of the users you authorize to use the application. You can also revoke access for users who no longer need access.

Grant Access to New Users

When users sign in for the first time, they don’t have an assigned role or any permissions set, and can’t access the Patient Viewer application or any data.

To grant access to new users, you can contact your 1upHealth Customer Success Manager and provide a list of users that can get access to Patient Viewer.

The user access list must include the following information for each user:

  • First name

  • Last name

  • Company email address

  • The customer environments the user can access

Revoke User Access

There are two methods for revoking user access to Patient Viewer: automatic and manual.

User access is automatically revoked for users who are removed from your Identity Provider (IdP). When users are removed from your IdP (such as when employees retire), their credentials aren’t available for authentication, and they can’t sign in to Patient Viewer.

If you need to revoke access to Patient Viewer for users that will remain in your IdP database, you can contact your 1upHealth Customer Success Manager to manually remove the user role assigned to those users.

About Auditing

Each time a user signs in to Patient Viewer, immutable FHIR AuditEvent Resources are created and stored indefinitely. Audit events are logged for each FHIR API interaction between Patient Viewer and the FHIR server. Audit events include details about successful user sign in attempts, and successful patient searches. You can use a tool (such as Kibana) to review reports on aggregated metrics, such as the number of successful user sign in attempts and the number of successful patient searches over a given time period.