Onboarding & Registration
35sandbox, participant codes, HFR, ABHA, callbacks
A1We’ve already completed ABHA integration for all our clients. For first-time NHCX onboarding, what is the procedure — can we use the same credentials?
hcx.abdm.gov.in and on the home page click “Apply for sandbox integration.” Since you’ve already done the ABHA work, you just register with NHCX and enter your client ID. When you enter the client ID a backend API hits the server and detects whether you’ve already completed the ABHA milestone(s), and auto-populates information such as nature of activity and registered address. Sometimes the registered address contains commas or special characters that aren’t allowed — remove those, fill all the details, and submit; you’ll get a “request submitted successfully” message. Registry code = your client ID (in sandbox). Role: select “provider.” Important role codes: provider, payer, and the general EUE role = 10009. Encryption key: same as the ABDM/ABHA encryption — generate the encryption certificate, encrypt it in base64 and paste it in. Endpoint URL: supply your public, accessible callback URL (you can reuse the same ABHA M1/M2 callback URL, but it must be registered on the NHCX server separately). Ignore the signing-cert path.A2We’re a software provider with ~20 hospital clients. Do we create each separately, and will all callbacks come to a single URL?
A3How do I apply for the HFR ID so I can communicate it to insurers and TPAs? Is it the same as the ABDM/NDHM hospital ID?
Dr.harikrishnan@hp.abdm); (5) once the facility is approved, a certificate is issued — that certificate is the HFR ID, which you communicate to insurance companies and TPAs. To add a facility not yet listed, use “Add new facility,” enter your Rohini registration ID, search for your hospital, enter a pincode, and update ownership/facilities/manpower/photographs/registration certificates. You also need to link the Health Bridge ID, provided by your EMR supplier.A4How do I actually get started with NHCX integration — what’s the very first API call?
A5What is the full onboarding / go-live path?
A6We’ve completed M1 and are working on M2. Is there documentation for how to take M1/M2 live? Is there a technical video showing how M1/M2/M3 work for NHCX?
A7Is NHCX Level 1.1 the same as ABHA M1? And how do you create ABHA in bulk (e.g. for group health insurance)?
name@abdm ABHA Address for user-facing communication).A8At any given time, can a hospital have two competing HMIS softwares submitting claims? What stops a rival from onboarding “my” hospital?
A9If our software runs at multiple hospitals, do we get one credential or many? Can we use the same bridge URL and same client ID across all of them?
A10How do we set up the callback URL for a participant, and how do we know which callback maps to which participant ID (as with ABDM’s “get services”)?
A11If we have any question at integration time, whom do we contact?
hcx.integration@nha.gov.in (also given as hcx.integration@nhai.gov.in in one session) — send your queries there. There is also a WhatsApp integrator group; the link is shared on request. Session recordings are uploaded to the sandbox website.M1What are the ABHA creation methods, and how does the mobile-OTP flow work?
M2When we’ve already captured eKYC, can we create ABHA from the back end without sending the beneficiary online again?
M3With demo auth, isn’t there a risk of creating a duplicate ABHA each time?
M4Is the biometric / driving-licence auth API available to us?
M5Is one mobile number unique to one ABHA, or can it map to multiple ABHAs?
M6Can a single person have multiple ABHA numbers? And what exactly is the ABHA address?
narendra.singh1743), used when a person doesn’t remember/carry their number and for linking of health records across systems. It has nothing to do with a communication/postal address.M7Which name is captured, and what if the CKYC name (via PAN) differs from the ABHA/Aadhaar name?
M8Can the mobile number linked to an ABHA be changed later?
M9As a payer, what do we actually do with the ABHA login/actions?
M10Do we need OTP consent to search for an ABHA by phone number, and how does the agent journey work?
M11In a group policy with four insured members, how do we link ABHA to the policy for all four?
M12How does policy information flow to NHA — is linking done on our side or via API? Is it retrospective?
M13Should we link our core policy-issuance platform directly, or via an intermediary?
M14Final consent — the customer chooses an ABHA address to give consent for claim documents. Do we test data-share in the sandbox?
M15If we just capture an ABHA without verifying it, what are the cascading effects? Will records be rejected by NHCX without a valid ABHA?
M16For long-term/renewal policies whose forms didn’t mention ABHA — must we insist on ABHA at renewal?
M17If we do a CKYC search-and-download from CERSAI, will it also return the ABHA linked to that Aadhaar?
M18In bancassurance we have no direct customer contact to send the OTP — how do we create ABHA?
M19For policies coming via aggregators like PolicyBazaar that pass an ABHA — do we re-verify it?
M20As a TPA, do we also need M1, or can we go straight to M2? What is our role?
M21What exactly defines “M1 compliance,” and what is the scope for the deadline?
M22We have a million+ policies whose users already have ABHA — is there a bulk API to link them, or bulk ABHA creation?
M23Which API version should we use — can we proceed with V3? Is the NHCX version compatible?
M24Is sandbox registration enough, and who do we contact for NHCX technical help (e.g. the UID header parameter)?
Technical, APIs & FHIR IG
16encryption, headers, routing, FHIR, tokens, IG
A12Is there a standard encryption methodology used across the whole insurance sector, and how does the digital handshake work?
A13If NHCX can’t read the encrypted claim, what does it actually validate, and how does it know which payer to route to?
A14What data does NHCX store in its own ecosystem, and what is in the IRDAI registry?
A15How do we track a claim’s status?
A16Which doctor identifier must be sent, and which diagnosis/procedure code systems are accepted?
A17Why are the APIs asynchronous, and is the claim resource different for each use case?
request↔on-request, check↔on-check, submit↔on-submit. The same Claim resource is used across all use cases from pre-authorization to claim submission — the system distinguishes new pre-auth vs resubmission vs enhancement vs discharge vs claim by the workflow ID in the protocol, not by a different bundle. Coverage Eligibility Request uses purposes validation/benefits/other; the Claim resource uses purposes pre-authorization/predetermination/claim. Each action also has a specific workflow ID (e.g. request initiated = 10, patient admitted = 11).A18Can integrators add extra/custom fields to the protocol (e.g. for regulatory reporting)?
X- naming convention, e.g. X-ABHA-ID, X-use-case-name, X-amount-preauthorized, X-procedure-code/X-benefit-ID. This lets a regulator query e.g. “how many claims from ABC hospital exceeding ₹10,000 with benefit code AB12345.” These are not mandatory in general (some may be mandatory for PMJAY), and only fields within the privacy framework are allowed — NHCX refuses fields like name, age, gender.A19The callback bearer token was an empty string in sandbox — is that expected? And is the token now a real token we must validate?
A20On the NHCX website there are many Postman collections and it isn’t as consolidated as ABDM. Is everything in one place?
A21Who explains the FHIR bundle, and can you show a realistic insurance policy in FHIR format?
A39Are the v1.5.0 (FHIR 6.5) changes breaking? Will old code still run, and how do I update my validation tooling?
example bindings (not mandatory), but NRCeS recommends adoption. New implementers on 6.5.0 can interoperate with 6.0 systems (backward compatible), but not vice-versa; adopt the latest for richer analytics. To update tooling, set the package identifier to ndm.in#NDHM version 6.5.0, and in programmatic validation change the package version 6.0 → 6.5.0. Published example artifacts are reference-only — do not use them directly as templates; adapt them to your scenario. A feedback form is on the IG website (error in examples / change request / comments / technical corrections).A40In the Task bundle, what value do I use for input/output type?
include; when it is a string identifier, use the exact type name (claim-number, policy-number, etc.); when it is a status acknowledgement, use type status. Examples: Reprocess → input claim-number (string), output include (ClaimResponse); Payment Notice → input include (PaymentNotice), output status; Insurance Plan → input policy-number (string), response is the InsurancePlan resource directly; Communication → input include (CommunicationRequest), output include (Communication).N1Can we see a comparative analysis of the new IG version vs the old — what changed in each FHIR bundle?
identifier cardinality 1..1 → 1..*; ClaimResponse adjudication.reason made optional 1..1 → 0..1; Claim request element made must-support; Task reasonCode made must-support (with its own value set); PM-JAY extensions claim-condition and claim-supporting-info-requirement added at benefit and plan level.N2We found an example where “ambulance” is listed as equipment rather than a service — an insurer copied it and sent it to us. What do we do about wrong examples?
N3We recommended adding form codes for enhancement approval, discharge, etc. Have those been taken up?
N4When a claim is rejected/partially approved and we build the Task bundle, do we also include the revised claim? And must we adopt v1.5.0 immediately?
Use-cases & Claim Workflow
17eligibility, pre-auth, communication, payment, PMJAY
A22When a patient registers, how does policy/patient data flow — do I push policy data or pull the profile back? Where does ABHA fit?
A23How does a provider discover a patient’s policy in an emergency when they carry no documents?
A24If get-policies already returned the policy, why run a separate coverage-eligibility check?
A25How do I know which documents a pre-authorization requires, and whether Aadhaar eKYC is needed?
A26When and why is the Communication API used?
A27What is predetermination and when do we use it?
A28How do I test against a payer? On the dummy payer, how do I trigger a communication/query?
check method and it responds. For pre-auth (PR), first submit/send the payload, then hit the process request API with access = approval / reject / query. If you send query, you then receive a communication request on your end; you prepare your payload and send it on on_request. The same applies to the claim case. If the payer raises no query, you simply get the approval status.A29After a claim is approved, how does the hospital know money was actually paid, and how do we contest a partial payment?
payment-notice/request to your system; you read it and update your records with the paid amount, UTR and TDS. This solves the pain point where insurers pay in bulk (e.g. ₹10 lakh for three patients) with no per-patient breakdown. To contest a partial approval, deduction or rejection, use a reprocess request (PMJAY calls appeals “erroneous claims”) — a Task resource carrying the claim number and reason; it goes to the payer, who reopens and re-adjudicates and responds via reprocess on-submit.A30Our HMIS is used by multiple hospitals dealing with multiple insurers. How can one application serve all of them?
A31Will there still be a need for TPAs once NHCX is at scale? Can hospitals drop the TPA desk?
A32Coders add ICD/CPT medical coding, and wrong coding causes rejections. Will NHCX help with coding accuracy?
A33How does the payer share its list of services/benefits to providers, and which API is that?
A34How will reimbursement claims work, and can I send documents to any insurer via a PHR?
A35PMJAY is mostly northern India; southern states have their own schemes (Aarogyasri, Maharashtra’s Rajiv Gandhi). Will each state scheme need separate modification?
A36PMJAY has complex billing logic (e.g. discounts on the 2nd/3rd procedure). Will NHCX APIs handle this? What extra APIs does PMJAY need?
A37Where can I download the ~700 (or 2,700) PMJAY procedures, and what is the PMJAY family cover?
A38How should GIPSA / PM-JAY standard treatment packages be represented when they don’t map to SNOMED CT?
Policy, Adoption & Panels
43is NHCX live, incentives, adoption, panels, DPDP
A41Is NHCX actually live, or not? (asked repeatedly)
A42Is there any financial incentive for hospitals to onboard NHCX?
A43What is NHCX in one line, and how much does it cost to process a claim today?
A44Can NHCX/HFR help detect fraud (e.g. blacklisted facilities)? Should M3 be mandated?
A45Small hospitals fear ABDM/data transparency means losing patients to competitors — why comply?
A46Under the DPDP Act, how can NHCX data be used for secondary purposes without violating privacy?
A47Startups report ~6-month NHCX empanelment delays and doctors resist digital data entry — what’s being done?
A48What is the single remaining challenge for NHCX, and how is private-hospital onboarding going?
A49Can standards move claim settlement from a dispute-driven to a data-driven process, and is going digital-first worth it?
A50Can claim adjudication be fully automated, and how far away is full NHCX maturity?
A51Who is already connected to NHCX, and what data formats can flow through it?
A52How is NHCX asynchronous / how does it not read the payload — and does it store adoption/surveillance data?
BJ1You said beneficiaries can also hook onto the platform — what’s in it for them?
BJ2Adoption really depends on the HIS/health-informatics companies, not hospitals. Are you running a session to orient them and create urgency?
BJ3Will the TAT be defined for the whole journey (pre-auth → settlement), and who sets it?
BJ4Can patients or hospitals raise grievances on the same platform?
D1[NHA → audience] The doctor says “good to go” at 9–10 am but discharge happens at 4 pm — have you seen this?
D2[Audience → TCS] How does the encryption ensure NHCX itself cannot read patient health data?
D3What claim-variability trends does the national data show, and how should IIB’s registry connect to NHCX?
D4Having digitized Aarogyasri, what improvement do you see, and why do hospitals resist automation?
D5How is NABH helping small and mid-size hospitals digitize?
D6How do NHCX profiles ensure payer-/provider-agnostic submissions, and can SNOMED CT be used for billing?
D7How does AI transform claim processing once data is standardized, and what national insights become possible?
D8Should standards be voluntary, incentivized, or mandatory — can technology enforce discipline?
D9[Audience] Data-quality initiatives have failed for decades — wouldn’t a greenfield build beat fixing legacy data?
D10[Audience] What’s the biggest barrier to standardization, and where can an insurtech help?
D11[AI & Insurance panel] How can AI improve risk modeling and underwriting for health insurance?
D12[Audience] What’s the cost of the same treatment with insurance vs without, and who’s solving that?
E1What must-adopt infrastructure does an insurer need for NHCX, and what real value will it create?
E2What operational-risk constraints make insurers cautious about rule-based auto-adjudication?
E3What internal tech investment does a large network like Apollo need to cut claim time (6h → 3h)?
E4Are we underestimating the interoperability/integration complexity across diverse hospital systems?
E5How do we galvanize the digital-service-provider ecosystem to speed ABDM/NHCX adoption?
E6How do we onboard small, non-digitized hospitals that have almost nothing in place?
E7[Audience] Under DPDP, which claims workflows are primary use (no consent) vs secondary (consent needed)?
E8[Audience] Could there be an incentive every time data is shared, and should incentive schemes be long-term?
E9How does Andhra Pradesh align public and private hospitals onto one digital platform?
E10What role and guardrails does IRDAI envisage for the NHCX “UPI moment”?
E11How much inefficiency is due to lack of standardization, and if digital-first helps everyone, why the delay?
E12Is there resistance in hospitals to adopting this — behavioral, technological, or fear of transparency?
E13Give one global example where the manual→digital shift succeeded and one where it didn’t.
E14In one sentence, what single reform must the ecosystem do immediately?
E15[Audience] How do startups get empanelled with NHCX faster, is doctor training being addressed, and what’s NHA’s closing plan?
Hackathons
15rules, models, evaluation, prizes, deadlines
A53[Posed by NHA] What are the five NHCX-hackathon problem statements?
A54For the ideathon PS4/PS5, do we need working code? Where and how must deliverables be submitted?
README.md (scope, architecture, setup, dependencies) must be zipped with an MD5 hash and uploaded to Google Drive, with the link shared to NHA’s Gmail ID. Process: download artifacts → initial screening → shortlisting → demo on the participant’s own environment → final evaluation. For PS2, create the FHIR DiagnosticReport bundle and optionally embed it in a pre-auth/claim bundle.A55What is the prize pool, is open-source required, and when is the jury demo?
A56What IRDAI SLAs must the solutions respect, and how much claim intimation still bypasses the portal?
B1Which models can we use? Can we bring our own / quantized / fine-tuned models, and use Hugging Face?
B2Is GPU allowed? What about RAM/compute limits, and inference throughput as a scoring factor?
B3How is the sandbox set up (Python env, internet, dependencies), and can we host our own solution on GCP/Azure?
B4Are labels provided? How do we evaluate locally, and how does our code run on the hidden dataset?
B5How do we save token usage, and are tokens counted in evaluation?
B6How are teams formed and registered? How many winners, and how many submissions are allowed?
B7Do we build a UI, and who owns the IP of the solution?
B8Can we use ChatGPT / AI to write our code? And can we use datasets that are research-only (not commercial)?
B9What are the timelines — when do we get platform access, and when is the submission deadline?
B10How should winners be decided if no team reaches the benchmarks?
B11The provided PDFs have redaction/black dots (PII masking) that get flagged — how is that handled in scoring?
Clinical & Domain
12documents, radiology, STGs, forgery, clinical
B12Can we assume PMJAY/ABHA IDs are unique with no fakes — and if there’s a fraud PS, doesn’t that imply fake IDs?
B13How do the three PS connect, and if a query is raised and the hospital responds, do the rules re-run? Is it all via TMS or NHCX?
B14What does “procedure-agnostic / STG-agnostic” mean, and will we get all ~1,900 procedures?
B15Are handwritten prescriptions in scope for PS1, or is the printed discharge summary enough?
B16For PS2, what should the model check in radiological reports, and in what file format are the images?
DDMMYYYY.B17If a radiologist already reported an image, why re-verify it — and is radiology AI even available in India?
B18Is document classification based on the NHA/NRCeS health-information types, and is the coding ICD-10 or ICD-11?
B19For PS3, how do the forgery categories differ (e.g. overwriting vs adding text), and what are the output formats?
.yml). Categories C1–C10 (C1 copy-paste; C2 overwriting; C3 added stamp/signature/text; C4 removing/erasing; C5 merging documents; C6 watermark removal; C7 irregular spacing; C8 fully AI-generated page; C9 partial AI edits; C10 no discrepancy). Multiple categories on a page use a double-pipe || separator, most dominant first. C8 and C10 need no YAML. Invalid JSON = automatic rejection; missing bounding boxes for C1–C7/C9 invalidate the submission.