Data Masking Configuration Integration Point

This integration supports configuring fields and their associated transformation functions for the Data Masking Process.

This integration point only supports message-based communication.

Data Model

Each entry in the data masking configuration contains:

Table 1. Data Model
Field Description

Entity Name

The name of the entity, for example, Person or Address.

Object Usage Name

The usage name for a dynamic field, a dynamic record, or a fixed field on the entity.

Record Object Usage Name

The usage name of a field that is part of a dynamic record (this is applicable when the object usage name is a dynamic record).

Transformation Category

The transformation function for the masking process.
The transformation category that you select must align with the data type of the object usage name or the record object usage name.

Operations

POST

/datamaskingdefinitions/ adds a new entry to the data transformation and masking process

PUT

/datamaskingdefinitions/{id} updates the configuration for an entity

POST

The POST operation on /datamaskingdefinitions/ adds a new entry to the data transformation and masking process.

Example Payload to Add a New Data Masking Definition
{
    "entityName": "Person",
    "objectUsageName": "medicareCard",
    "recordObjectUsageName": "cardNumber",
    "transformationCategory": "TXTHASH"
}

This payload creates a configuration for the cardNumber field on the medicareCard dynamic record of the Person entity using the TXTHASH transformation function.

PUT

The PUT operation on /datamaskingdefinitions/{id} updates the configuration.

Example Payload to Update a Data Masking Definition
{
    "transformationCategory": "TXTHASH"
}

This sample payload is an example. Create your payload based on the fields that you want to mask.

View Existing Configurations

To view the existing configuration, send a POST request to the generic endpoint:

generic/datamaskingdefinitions/{id}/search

Delete an Existing Configuration

To delete an existing configuration, send a DELETE request to the generic endpoint:

generic/datamaskingdefinitions/{id}

Transformation Functions

The application provides several built-in transformation functions for the masking process based on the field data type:

Text Fields

Table 2. Text Fields
Transformation Function Name Description Before After

TXTHASH (Text hash with seed)

This function:

  • Applies SHA-1 hash algorithm to the input value.

  • Removes any special characters/spaces from the output.

  • Truncates the output to match the maximum length of the associated field.

  • Capitalizes the output.

  • For extra security, this function concatenates a user-configured seed value with the input text before passing the value to the hash function. See Data Masking Process for more information.

You can also use this function to replicate the transformation outside the Oracle Health Insurance application.

123456789

x8dtyqbfDPS[vub_EvtY4bdbvDsuFB3T

TXTRPL (Simple text replacement)

This function replaces the field value with the field name.

Recommended only for non-unique columns.

A dynamic record with column name as firstName and stored value as John.

Replaces the stored values with the usage name, like the firstName in the example.

TXTRNDPSF (Random replace, preserves size format)

This function replaces the field value with a random value in the same format. The function replaces letters with letters, numbers with numbers, and preserves special characters.

AA-A001B

TY-U765C

TXTRNDRPL (Text random replace)

This function replaces the field value with a random character string.

John

DSGadjgadv8eog90

TXTHASHPS (Text hash with seed, preserve size)

This function:

  • Applies SHA-1 hash algorithm to the input value.

  • Removes any special characters/spaces from the output.

  • Truncates the output to match the length of the input.

  • Capitalizes the output.

  • For extra security, this function concatenates a user-configured seed value with the input text before passing the value to the hash function.

You can also use this function to replicate the transformation outside the Oracle Health Insurance application.

POL12345

682AF344 (trimmed from 682af344ebc9f789174dd5d86a2d339a71f36a77)

Number Fields

Table 3. Number Fields
Transformation Function Name Description Before After

NUMHASHADD / NUMHASHCON (Hash with seed add/concatenate)

This function:

  • Applies SHA-1 hash algorithm to the input value.

  • Removes any special characters/spaces from the output.

  • Truncates the output to match the maximum length of the associated field.

  • Capitalizes the output.

  • For extra security, this function concatenates a user-configured seed value with the input text before passing the value to the hash function.

You can also use this function to replicate the transformation outside the Oracle Health Insurance application.

10

93275

NUMNP (Nearest Prime)

This function replaces the value with the nearest, smaller prime number.

20

17

NUMRNDPSF (Random preserve format)

This function replaces the number with a random number, preserving the format.

10.99

24.65

NUMHASHADDPS / NUMHASHCONPS (Hash with seed add/concatenate, preserve size)

This function:

  • Applies SHA-1 hash algorithm and returns a number value.

  • Truncates the output to match the length of the input.

  • For extra security, this function concatenates a user-configured seed value with the input text before passing the value to the hash function.

You can also use this function to replicate the transformation outside the Oracle Health Insurance application.

93275

78545

Date Fields

Table 4. Date Fields
Transformation Function Name Description Before After

DATEDMYS (Day, month and year shift)

Day - Sets to 1
Month - Nearest quarter
Year - Nearest decade

2022-05-26

2020-06-01

DATEDMS (Day and month shift)

Day - Sets to 1
Month - Nearest quarter
Year - No change

2022-05-26

2022-06-01

DATEMPS (Day with partial month shift)

Day - Sets to 1
Month - Adds 1 if the day is the 16th or after
Year - No change

2022-04-26

2022-05-01

DATEDS (Day shift)

Day - Set to 1
Month - No change
Year - No change

2022-04-26

2022-04-01

DATERNDS (Random Date)

Day = 1-28 Month = 1-12
Year = Adds or subtracts up to 50 years from the current year

2022-04-26

2032-01-24
The values for Before and After columns under the Text, Number, and Date fields are sample values.

  • Oracle recommends using TXTHASH or TXTHASHPS for string fields and NUMHASHADD, NUMHASHCON, NUMHASHADDPS, or NUMHASHCONPS for number fields to mask data from unique fields like code on a Person, Policies, and so on.

  • This prevents any unique constraint errors during the masking process.

  • It also keeps the values consistent while masking data for the same fields across multiple entities, for example, policyCode for Policy, PolicyEnrollmentEvent, and EnrollmentFilePolicy.

  • Use TXTHASHPS (Text hash, preserve size) for fields with a size greater than 10 characters.

Other Functions

Table 5. Other Functions
Transformation Function Name Description

SETNULL (Set to Null)

Sets the value to Null for use with any field.

SETDEFAULT (Set to Default)

Only available for the Gender field; sets the value to unknown.

  • Oracle recommends using TXTHASH for string fields and NUMHASHADD or NUMHASHCON for number fields to mask data from unique fields like code on a Person, Claims, and so on.

  • This prevents any unique constraint errors during the masking process.

  • It also keeps the values consistent while masking data for the same fields across multiple entities, for example, Code for Claim and CtrClaim.

Native Fields

To protect the integrity of the application, only the native fields listed below are part of the masking process.

  • All the dynamic fields and dynamic records are part of the masking configuration.

  • Oracle recommends excluding any dynamic fields from tables that are purged as part of the Data Masking Process.
Table 6. Native Fields
Entity Name Object Usage Name Data Type Mandatory/Unique

Address

additionalPart1

String

Address

additionalPart2

String

Address

additionalPart3

String

Address

city

String

Address

numberAddition

String

Address

postalCode

String

Address

stateAndCountyCode

String

Address

street

String

Authorization

code

String

Unique for a version

Authorization

endDate

Date

Authorization

internalRemarks

String

Authorization

referenceCode

String

Authorization

requesterReference

String

Authorization

startDate

Date

Mandatory

AuthorizationConsumption

rootKey

String

Mandatory

AuthorizationConsumption

targetKey

String

Mandatory

AuthorizationLine

code

String

Unique within a authorization

AuthorizationLine

endDate

Date

AuthorizationLine

startDate

Date

Mandatory

BankAccountNumber

bankAccountNumber

String

Mandatory

BankAccountNumber

bankAccountNumberDebit

String

BankAccountNumber

specialName

String

Bill

authorizationCode

String

Bill

billDate

Date

Bill

locationAddress

String

Bill

locationFieldValue

String

Bill

locationName

String

Bill

payReceiverAddress

String

Bill

payReceiverDob

String

Bill

payReceiverFieldName

String

Bill

payReceiverFieldValue

String

Bill

payReceiverName

String

Bill

payReceiverRelCode

String

Bill

providerEntityReference

String

Bill

providerReference

String

Bill

servicedEntityAddress

String

Bill

servicedEntityCode

String

Bill

servicedEntityDate

Date

Bill

servicedEntityFieldValue

String

Bill

servicedEntityName

String

Claim

authorizationCode

String

Claim

claimantAddress

String

Claim

claimantDob

String

Claim

claimantFieldName

String

Claim

claimantFieldValue

String

Claim

claimantName

String

Claim

claimantRelCode

String

Claim

claimDate

Date

Claim

code

String

Unique

Claim

dueDate

Date

Claim

endDate

Date

Claim

entryDate

Date

Mandatory

Claim

externalRemarks

String

Claim

internalRemarks

String

Claim

locationAddress

String

Claim

locationFieldName

String

Claim

locationFieldValue

String

Claim

locationName

String

Claim

paidDate

Date

Claim

payBeneficiaryAddress

String

Claim

payBeneficiaryDob

String

Claim

payBeneficiaryFieldName

String

Claim

payBeneficiaryFieldValue

String

Claim

payBeneficiaryName

String

Claim

payBeneficiaryProvCode

String

Claim

payBeneficiaryRelCode

String

Claim

payReceiverAddress

String

Claim

payReceiverDob

String

Claim

payReceiverFieldName

String

Claim

payReceiverFieldValue

String

Claim

payReceiverName

String

Claim

payReceiverProvCode

String

Claim

payReceiverRelCode

String

Claim

precedingPayerCode

String

Claim

providerEntityReference

String

Claim

providerReference

String

Claim

receiptDate

Date

Claim

referenceCode

String

Claim

referralProviderAddress

String

Claim

referralProviderFieldName

String

Claim

referralProviderFieldValue

String

Claim

referralProviderName

String

Claim

servicedEntityAddress

String

Claim

servicedEntityCode

String

Claim

servicedEntityDate

String

Claim

servicedEntityFieldName

String

Claim

servicedEntityFieldValue

String

Claim

servicedEntityName

String

Claim

servicedEntityType

String

Claim

serviceProviderAddress

String

Claim

serviceProviderFieldName

String

Claim

serviceProviderFieldValue

String

Claim

serviceProviderName

String

Claim

specReceiverAddress

String

Claim

specReceiverDob

String

Claim

specReceiverFieldName

String

Claim

specReceiverFieldValue

String

Claim

specReceiverName

String

Claim

specReceiverRelCode

String

ClaimLine

authorizationCode

String

ClaimLine

benefitsProviderFieldName

String

ClaimLine

benefitsProviderFieldValue

String

ClaimLine

benefitsProviderName

String

ClaimLine

code

String

Unique within a claim

ClaimLine

endDate

Date

ClaimLine

episodeIdentifier

String

ClaimLine

locationAddress

String

ClaimLine

locationFieldValue

String

ClaimLine

locationName

String

ClaimLine

payReceiverAddress

String

ClaimLine

payReceiverDob

String

ClaimLine

payReceiverFieldName

String

ClaimLine

payReceiverFieldValue

String

ClaimLine

payReceiverName

String

ClaimLine

payReceiverProvCode

String

ClaimLine

payReceiverRelCode

String

ClaimLine

priceIndProviderName

String

ClaimLine

providerEntityReference

String

ClaimLine

providerReference

String

ClaimLine

referenceCode

String

ClaimLine

referralProviderFieldName

String

ClaimLine

referralProviderFieldValue

String

ClaimLine

referralProviderName

String

ClaimLine

servicedEntityAddress

String

ClaimLine

servicedEntityCode

String

ClaimLine

servicedEntityDate

String

ClaimLine

servicedEntityFieldName

String

ClaimLine

servicedEntityFieldValue

String

ClaimLine

servicedEntityName

String

ClaimLine

serviceProviderAddress

String

ClaimLine

serviceProviderFieldName

String

ClaimLine

serviceProviderFieldValue

String

ClaimLine

serviceProviderName

String

ClaimLine

startDate

Date

Mandatory

ClaimLineBenefitSpecification

coverageFamilyCode

String

ClaimLineEventHistory

claimLineCode

String

ClaimLineOverride

familyCode

String

ClaimLineRuleCoverage

familyCode

String

ClaimPendReasonHistory

claimLineCode

String

ClaimSet

code

String

Unique

ClaimUnfinalizeReason

sourceReference

String

CtrBill

authorizationCode

String

CtrBill

locationTypeDescription

String

CtrBill

payReceiverName

String

CtrBill

payReceiverRelCode

String

CtrBill

providerEntityReference

String

CtrBill

providerReference

String

CtrBill

servicedEntityCode

String

CtrBill

servicedEntityName

String

CtrBillMessage

alternativeMessageText

String

CtrBillMessage

messageText

String

CtrBillMessage

providerMessageText

String

CtrClaim

authorizationCode

String

CtrClaim

claimantName

String

CtrClaim

claimantRelCode

String

CtrClaim

claimDate

Date

CtrClaim

claimSetCode

String

CtrClaim

code

String

Unique

CtrClaim

dueDate

Date

CtrClaim

endDate

Date

CtrClaim

entryDate

Date

CtrClaim

externalRemarks

String

CtrClaim

internalRemarks

String

CtrClaim

largeClaimCode

String

CtrClaim

payBeneficiaryName

String

CtrClaim

payBeneficiaryRelCode

String

CtrClaim

payReceiverName

String

CtrClaim

payReceiverProvCode

String

CtrClaim

payReceiverRelCode

String

CtrClaim

providerEntityReference

String

CtrClaim

providerReference

String

CtrClaim

receiptDate

Date

CtrClaim

referenceCode

String

CtrClaim

servicedEntityCode

String

CtrClaim

servicedEntityDate

String

CtrClaim

servicedEntityName

String

CtrClaim

servicedEntityType

String

CtrClaim

specReceiverName

String

CtrClaim

specReceiverRelCode

String

CtrClaim

transactionSourceCode

String

CtrClaimLine

authorizationCode

String

CtrClaimLine

claimDate

Date

CtrClaimLine

classificationAuthorizationCode

String

CtrClaimLine

code

String

Unique within a claim

CtrClaimLine

endDate

Date

CtrClaimLine

episodeIdentifier

String

CtrClaimLine

familyCode

String

CtrClaimLine

payReceiverName

String

CtrClaimLine

payReceiverName

String

CtrClaimLine

payReceiverProvCode

String

CtrClaimLine

payReceiverRelCode

String

CtrClaimLine

productFamilyCode

String

CtrClaimLine

providerEntityReference

String

CtrClaimLine

referenceCode

String

CtrClaimLine

replacedByCode

String

CtrClaimLine

replacesCode

String

CtrClaimLine

reservationLineCode

String

CtrClaimLine

servicedEntityCode

String

CtrClaimLine

servicedEntityDate

String

CtrClaimLine

servicedEntityName

String

CtrClaimLine

startDate

Date

CtrClaimLine

transactionSourceCode

String

CtrClaimList

claimCode

String

CtrClaimPolicyProduct

servicedEntityCode

String

CtrPendReasonHistory

alternativeText

String

CtrPendReasonHistory

claimLineCode

String

CtrPendReasonHistory

claimLineCode

String

CtrPendReasonHistory

externalCode

String

CtrPendReasonHistory

providerText

String

EligibilityCheck

code

String

Unique

Episode

episodeIdentifier

String

Mandatory

Episode

startDate

Date

Mandatory

Episode

endDate

Date

InterfacedMessage

correlationId

String

LimitConsumption

description

String

LimitConsumption

displayName

String

LimitConsumption

externalId

String

LimitConsumption

referenceCode

String

LimitConsumption

rootKey

String

LimitConsumption

targetKey

String

LimitCounter

familyCode

String

Person

code

String

Unique

Person

dateOfBirth

Date

Mandatory

Person

emailAddress1

String

Person

emailAddress2

String

Person

endDate

Date

Person

faxNumber

String

Person

firstName

String

Person

gender

String

Person

initials

String

Person

middleName

String

Person

name

String

Mandatory

Person

namePartner

String

Person

phoneNumberBusiness

String

Person

phoneNumberMobile

String

Person

phoneNumberPrivate

String

Person

suffix

String

PolicyFamily

code

String

Mandatory

ProviderLimitConsumption

description

String

RegimeCounter

familyCode

String

RelationIdentifier

identifier

String

Mandatory

TaskAttribute

valueChar

String

TaskAttribute

valueDate

Date

User

alternateUserIdentifier

String

User

displayName

String

Mandatory

Response Messages

The application creates response messages for the request messages that it receives from external interfaces. For more details, see Response Messages.

Error Messages

The following error messages are specific to the data masking definition integration point.

Table 7. Error Messages
Code Severity Message Text

DID-IP-DIDM-001

Fatal

Entity name {entityName} is unknown

DID-IP-DIDM-002

Fatal

Object usage name {objectUsageName} is unknown

DID-IP-DIDM-003

Fatal

For the dynamic record {objectUsageName}, field {recordObjectUsageName} is unknown

DID-IP-DIDM-004

Fatal

Record object usage name can only be configured for dynamic records

DID-IP-DIDM-005

Fatal

Record object usage is mandatory for {objectUsageName} dynamic record

DID-IP-DIDM-006

Fatal

Flex codes, start date and end date columns cannot be part of the data masking process

DID-IP-DIDM-007

Fatal

Transformation function {transformationCategory} does not match the data type of the field

DID-IP-DIDM-008

Fatal

Fixed field {objectUsageName} cannot be part of the data masking process

Authorization

This API requires a grant for access restriction datamaskingdefinition IP.