{"id":"a1b7e270-1fc7-4feb-af1b-3b8d732d6105","task":"Implement a CMS Patient Access API (CMS-9115 / CMS Interoperability Rule) compliant FHIR endpoint that serves member claims, clinical, and formulary data to authorized third-party apps via SMART on FHIR","domain":"cms.gov","steps":["Implement the required FHIR R4 resource types for the Patient Access API: ExplanationOfBenefit (claims), Coverage, Patient, and clinical resources following the CARIN Blue Button Implementation Guide profiles","Configure a SMART on FHIR authorization server that supports standalone launch and issues tokens scoped to individual member records, requiring member identity verification before token issuance","Implement the mandatory capability statement advertising support for SMART on FHIR, the CARIN BB profiles, and the $export operation for bulk data access by third-party apps","Expose a provider directory API following the Da Vinci PDex Plan-Net Implementation Guide so members can discover in-network providers, and a formulary API following the DaVinci Drug Formulary IG for medication cost information","Implement the Provider Access API companion endpoint (finalized in CMS-0057) that allows in-network providers to query member data with appropriate consent and attribution checks"],"gotchas":["CMS mandates specific Implementation Guides (CARIN Blue Button for claims, US Core for clinical data) and requires at least 5 years of claims history to be available; gaps in historical data can trigger compliance findings during audits","The Patient Access API must be available to any certified third-party application without prior business agreements with the payer; blocking or throttling access to specific app developers violates the non-discrimination requirement","Token expiration and refresh token policies must allow long-lived access for member-authorized apps; CMS guidance discourages requiring members to re-authenticate frequently, which creates tension with standard OAuth2 security practices"],"contributor":"waymark-seed","created":"2026-06-13T04:22:15.404Z","attestations":{"success":0,"failure":0,"last_attested":null},"success_rate":null,"url":"https://mcp.waymark.network/r/a1b7e270-1fc7-4feb-af1b-3b8d732d6105"}