Making your provider data secure is a priority for us
To ensure your provider data and your patients’ data are as secure as possible, we’ve implemented additional security for prism accounts by creating a prism Security Administrator (pSA) role. Practices and facilities will review and approve or deny all affiliation requests for their group, which gives access to the group’s data like claims, authorizations and reporting. This security feature also gives Security Admins visibility to everyone who has access today.
Starting September 23, prism users will only be able to affiliate to groups or facilities that have a pSA. If the group doesn’t have a pSA, users will not be able to access the group’s data until the group assigns a pSA.
Determining and assigning a pSA at your provider group or facility
We rely on each practice or facility to assign a pSA through prism. We recommend groups who have more than 10 user affiliations have additional pSAs and that your Security Admin(s) are:
- A prism user already affiliated in prism with the practice group or facility
- A practice manager, compliance director or administrator for the provider group or organization
To become your group's pSA, submit a request through prism under General Requests, then prism Security Admin (pSA) Assignment.
How users add a group or facility affiliation in prism
New prism users won’t get automatic access to provider groups or facilities. Now, users will be notified that a request was submitted to the group’s pSA for approval.
Requesting a group/facility affiliation during prism registration
- Register for a prism account.
- Enter a valid provider group Tax ID and NPI combination and submit.
- You’ll either receive an email if your account is approved, or being reviewed. If approved, you'll be prompted to complete registration. If you're account is in review, we’ll let you know when your account has been approved so you can complete registration.
- Your group/facility affiliation request will be sent to the Security Admin for that group. You’ll receive a separate email once the pSA has approved your request for access.
If you’re a pSA for your provider group or facility
The pSA is responsible for approving or denying any prism user requesting an affiliation to their group. Approving the affiliation gives the user access to the group’s data, like claims, authorizations and reporting. Click on the headings below for more information on how to view and approve or deny requests and add or remove additional pSAs.
View affiliation requests for your group
- Login to prism and click the Security Admin link at the top of your homepage. Only pSAs can see this link and access this page.
- View your affiliation requests under the Affiliations Requests tab.
Approve or deny affiliation requests for your group
- Under Affiliation Requests, you’ll see all requests submitted by other prism users who want access to your group or facility.
- Review each user, their account/group affiliation, and email address. Approve or Deny each request.
- The status of the user’s application will update in prism once you make a selection, and they will get an email notifying them of their status change. If approved, users will have access to your group right away.
- If approved, the request will move to the Approved Affiliations tab. If denied, the request will be removed from the list.
Third Party Administrators (TPA)
If a user is from a TPA, the TPA column will display Yes. To approve or deny a TPA user, you must open the TPA request details by clicking the link in the TPA column for that request. A separate window will appear giving you additional details on the user’s affiliation, with the option to either Approve or Deny links.
Remove a user's affiliation to your group
If a user leaves your organization or should no longer have access to the data, you’re responsible for removing their access.
- In prism, go to your Security Admin page to view all users affiliated to your group or facility.
- Select Approved Affiliations.
- Review all users or use the search to find a specific user by name or email.
- On the contact’s affiliation row, click the trash can icon. Select Yes when asked “are you sure?”
- The user is removed from your group and will no longer have access to your data. This action won’t affect the user’s access to prism or other affiliations. The user will get an email notifying them of this change, with the pSA contact information to reach out with questions.
Renewing affiliated users' access
Every year between June 1 and Aug. 1, follow these steps to review your affiliated users:
- In your prism account, select Security Administration, then Affiliation Requests.
- Navigate to your Affiliations table and select Affiliation Renewals at the far right of the table.
- Review the users currently affiliated with your provider group/facility and determine if they should be renewed. Once you select the user by checking the box, an Approve or Deny button will appear. Note: you can select multiple users at one time to approve or deny.
- Confirm your selection.
Unsure if the users are still employed by your organization or need to check with another department before you renew? You can select Download Pending Renewals to get an Excel sheet to share with others.
Important: If users aren’t renewed, they'll automatically be removed from the provider affiliation after Aug. 1. It’s important for pSAs to review all renewals and take action to ensure access isn’t disrupted.
Adding or removing prism Security Admins
Adding additional pSAs to your provider group
To add a prism security admin to your group, submit a General Request and select prism Security Admin (pSA) Assignment under the Web Tools & Services section. We’ll review the request for additional pSAs.
Removing or changing your group’s pSA
To remove additional pSAs from your group, you can remove their affiliation, which will remove their pSA access.
If you need to remove a pSA from your group without removing their affiliation to the group, submit a General Request and select prism Security Admin (pSA) Assignment under Web Tools & Services to remove their pSA status.
Note: If your role changes within your organization or a different pSA needs to be assigned, please follow the steps above to submit a replacement pSA for your group. A new pSA must be assigned before removing the current pSA user.
prism Security Administration (pSA) FAQs
General FAQs
A: A pSA is a prism user assigned through their organization to review and approve or deny prism users who request access to their group or facility. Previously, users could automatically get access in prism by adding an NPI and TIN.
A: To improve the security of your practice and patient data, we’ve implemented additional security within prism and created the prism Security Administrators role. This allows your group to review and approve all affiliation requests, and access your data, instead of Priority Health.
A:Yes, it's required for all provider organizations, including practices, facilities and hospitals to have at least one pSA assigned to their group (NPI/TIN). We strongly recommend several pSAs be assigned for larger provider entities who may have more than 20 users affiliated.
A: If a group doesn’t meet the pSA requirement, their affiliation requests will be approved following the previous process.
FAQs for prism Security Admins
A: You should be a prism user who’s already affiliated to your group and in an administrator role at your organization or facility. To gain access, submit a request through prism under General Requests, then prism Security Admin (pSA) Assignment. Note: Contracted Third-party administrators (TPAs) for provider groups can't request themselves or others to become a pSA.
A: When you’re designated as a pSA in prism, you’ll receive an email about your assignment and emails for affiliation requests for access to your group or facility. When you log in to prism, you’ll see Security Admin on your prism homepage.
A: Yes, and they can all view requests and see a list of other pSAs at the group, along with who’s approved each request. We recommend groups have at least two pSAs.
A: Yes, you’ll need to submit a General Request in prism to add additional pSAs to your group. Select prism Security Admin (pSA) Assignment.
A: No, pSAs need to be assigned for each individual provider group and facility (unique NPI) under the ACN.
A: You’ll receive a daily email with a summary of all requests and can see all affiliation requests on your prism Security Administration page.
A: Yes. pSAs can remove users from your list of approved affiliations anytime by clicking the trash can icon next to the user. If an employee leaves your organization, it’s the responsibility of the pSA to remove their access to your group in prism.
A: No, only Priority Health Tech Support can change the pSA designation for a user. To remove yourself as your group’s pSA, you’ll submit a General Request under prism Security Admin (pSA) Access. Note: if you’re the only pSA for your group, another user must request pSA access prior to your access being removed.
A: pSAs will be prompted to review their users access annually, but you should be making updates as soon as someone requests access or needs to be removed.
FAQs for prism users
A: If you've submitted a request for access to a provider group or facility, you can see your status and follow-up with your pSA by clicking on your profile, then selecting Follow-Up on the far right of the page. Your pSA's contact information will appear in the pop-up window.
A: No; however, affiliations will be reviewed annually by the group’s Security Admin and you may need to resubmit an affiliation request or be contacted by the pSA.
A: If you’re a new prism user, once your account is approved, you won’t have access to any provider groups/affiliations until your affiliation request is approved by the group’s pSA.
A: The group’s pSA will be responsible for reviewing and approving all requests for access to their data. We ask pSAs to approve requests within two business days. Users will have the option to send a follow-up reminder to the group’s pSA through their prism account.
A: You’ll receive an email that your request for access is approved. You can also see the status of your request in your profile page in prism.
A: You can reach out to the pSA listed on your profile page.
A: Follow up with the group’s pSA by going to your pending requests in your profile, and selecting “Follow up”, which will send an automatic reminder to all the pSAs of that group that there’s a pending request. Users can follow up with the pSA as much as they’d like through this feature. You can also reach out to them directly through your organization’s communication channels.
A: If you’ve made more than three attempts (follow-ups) to the pSA, contact Tech Support at 800.942.4765 for next steps.
A: Yes, but each provider group has a pSA that has to approve access to their organization or facility.
A: You should work with your human resources of compliance teams to ensure the users who have access to your group should.