Organization Settings

Note If you are not a health plan administrator or a representative, skip this section.

After you sign in to the Member Consent service, complete your organization settings with the information and contacts to be shown to members and their authorized representatives that establish connection through the Member Consent service and set up an identity provider for their authorization. Some of your organization information is populated from your Smart Trading organization account.

On the Organization Settings page, in Organization Details, Organization Contacts, Additional Information sections, as a health plan administrator, you can:

• Enter organization details, such as the organization's name, the address, the email, phone and fax numbers, and so on.
• View the unique portal URL of the Member Consent service that is issued for your organization and which you can copy and paste to your website for your members and their authorized representatives to use to sign in to the Member Consent service. The link is generated as soon as the Member Consent service subscription for your organization account is enabled.
• Enter primary and support contacts.
• Add relevant organization information.
• Edit or update your organization profile information.

In the IdP Settings section, you can:

• Set up the identity provider (IdP) configuration to enable the SAML/OIDC integration for an email domain of your account for your members' and their authorized representatives' authentication.
• Test the connectivity of the IdP. The test connection will redirect you to the IdP sign-in page where you can test the connection using user credentials. If the signing in is successful, the test of the connection is also successful.
• Delete a configured IdP.
• Configure the URL of the XEConnect API as a part of the application consent settings to connect to the XEConnect server where the member's application consents are stored.

In the Authorized Representative Settings section, you can:

• Configure additional data fields to collect more information on authorized representatives.
• Configure and edit the documents that are required to be digitally signed by authorized representatives.
• View the list of configured documents with the details (such as the name of the document, by whom and when this document was modified).
• View a certain configured document with the details (such as the title and description).

As a health plan representative, you can view the following:

• The organization details (such as organization's logo, the name, the type, the address, the email, phone and fax numbers, the website, and so on.
• Primary and support contacts with details (such as the first and last names, their role, email addresses, and phone numbers).
• Additional information for members and authorized representatives to view under your organization details.
• The Terms and Conditions and Privacy Policy URLs.

To complete your organization settings:

1. In Organization Details, in the Edit Organization Details dialog, enter the following information:
   • An image with your application's logo.
   • The organization name.
   • The organization type.
   • The organization's address, ZIP code, phone and fax numbers.
   • The organization website.
   • The Terms and Conditions URL to your organization's terms of service resource.
   • The Privacy Policy URL to your organization's privacy policy resource.
2. In Organization Contacts, in the Edit Contact Details dialog, enter the contact details of personnel that your members can reach out to:
   • Primary Contact: (a person who designates access, manages connection requests, and is responsible for all communications) enter the first and last name, their role, email, and phone number.
   • Support Contact: (a person responsible for triaging issues and works with help desk level support) enter the email address and phone number of your health plan's support. Avoid adding the contact information of an individual as a support contact.
3. In Additional Information, in the Add Organization Information dialog, add relevant organization information, such as an informative description of your organization and member information for your members and their authorized representatives to view under your organization details.
4. In IdP Settings, enter the details of the identity providers (IdP) and test the connection for the Member Consent service to authenticate your members and their authorized representatives. To enter the details, click Add. In the Add IdP Settings dialog, enter/select the following:
   • Line of Business: the name for the classification of business with which your members and their authorized representatives can identify and sign in, such as State Children’s Health Insurance Program, Veterans Affairs Plan, Vision HMO, Commercial, Medicare, Medicaid, and so on.
   • Use as Member IdP settings: select if the IdP settings are applicable for members.
   • Use as Auth. Rep. IdP settings: select if the IdP settings are applicable for members' authorized representatives.

     Note You can select the same IdP to be used by both members and their authorized representatives.

   • SAML: organization's identity provider that supports the Security Assertion Markup Language (SAML) 2.0 protocol.
     Click to view SAML General Settings

     In SAML General Settings, enter the following details:

     • SSO URL: configure the Single Sign On (SSO) endpoint URL of the health plan administrators' identity provider to which a browser redirects users (member or authorized representative) to sign in.
     • Logout URL: configure the remote log-out URL to where the identity provider sends log-out requests and responses.
     • Issuer: configure the issuer ID of the health plan ID.
     • Signature Verification Certificate: enter your health plan's X.509 public key certificate that the Member Consent service uses to validate assertions' correctness.

   • OIDC: organization's identity provider that supports the OpenID Connect (OIDC Federation) protocol.
     Click to view OIDC General Settings

     In OIDC General Settings, enter the following details:

     • Client ID: set up the client ID retrieved from your authorization server.
     • Client Secret: enter the client secret retrieved from your authorization server.
     • Issuer: configure the issuer ID of the health plan ID.
     • Scopes: set up the access scopes for the members or their authorized representatives.
   • In Required Attributes for Member/Authorized Representative, specify the following attributes from the IdP response:
   • Name
   • Email
   • ID
   • In Application Consent Setting, select the following:

     Note The field becomes available only if the IdP settings are applicable for members or both members and authorized representatives.

   • OIDC powered by Edifecs: select organization's identity provider that supports the OpenID Connect (OIDC Federation) protocol powered by Edifecs.
   • Edifecs XES API URL: specify the URL of XEConnect API where your application consents are managed. You can configure only one application consent redirect URL for each unique IdP connection and configure the same application consent redirect URL for multiple IdPs.
   Delete IdP

   In IdP Settings, as a health plan administrator, you can delete a specific configured IdP not to allow your members and/or their authorized representatives to authenticate through the IdP when they sign in to the Member Consent service.

   Download service provider XML metadata

   In IdP Settings, as a health plan administrator, you can download the service provider XML metadata file that contains the details of the configuration settings defined in the Member Consent service. The file becomes available, once you have saved the SAML/IdP configuration settings. To download the file in an XML format, click SAML SP Metadata.

5. In Authorized Representative Settings, do the following:
6. On the Additional Fields tab, enter the address, phone and fax numbers of the authorized representative.

   You can define additional fields to capture necessary information (such as the date of birth, the state of residence, the marital status, plan type, and so on) about a specific authorized representative. To do this, click Edit, and then, in the Fields dialog, in Additional Fields Schema, modify the JSON script of the form.

7. On the Documents tab, you can add/delete documents that are required to be digitally signed by authorized representatives. Click Add, and then, in the Add Document dialog, configure documents. To do this, enter the title of the document, and then copy and paste required tabs (/name/, /address/, /signature/, /signature-date/, /agree-to-terms/) in the document body (Description) to enable digital data capture from the signee. These tabs will be replaced with input fields when they are opened in DocuSign.