Skip to content
theCodeFlash

Scenario 05: ClearView Medical Center

Work in Progress

This content is currently being reviewed for accuracy and will be updated soon.

Scenario Snapshot

FieldDetail
DifficultyMedium
IndustryHealthcare (regional medical group)
Heavy domainsSecurity and Data
Prep window150 minutes total: 90 min preparation + 30 min presentation + 30 min Q&A
CoverageQuestion + Solution

Recommended Approach

Read this scenario twice using the Two-Pass Reading Method: first for understanding, second for implicit requirements. Build your architecture before opening the solution page.

Project Overview

ClearView Medical Center is a regional, physician-owned medical group with three facilities in North Carolina: ClearView Main (hospital campus), ClearView West (specialist outpatient), and ClearView North (two acquired urgent care clinics, still running their pre-acquisition systems 18 months post-acquisition). The executive team has approved a 14-month consolidation onto Salesforce Health Cloud. A signed Business Associate Agreement (BAA) is required before any PHI enters any Salesforce environment.

AttributeDetail
Facilities3 (ClearView Main, ClearView West, ClearView North, 2 acquired)
Clinical staff130 (physicians, NPs, PAs)
Admin and billing staff320 (front desk, schedulers, billing, compliance)
Total staff450
Active patients~62,000 across all three facilities
Overlapping patients~9,000 patients appear in two or more facility systems
Annual encounters~290,000
Revenue~$78M annual
Growth plan2 additional acquisitions targeted in years 2-3
RegulatoryHIPAA Privacy Rule, HIPAA Security Rule, NC state regulations, BAA required

Stakeholder Perspectives

Dana Hollis, CISO: “BAA first, everything else second. I have seen breaches start in sandbox. I need every access event logged in a way I can pull for an OCR audit without calling IT.”

Dr. Marcus Webb, CMO: “Providers need to see a patient’s full history regardless of which facility originally holds that record. But I do not want providers browsing records for patients they have no care relationship with.”

Sandra Paez, VP Revenue Cycle: “Three billing teams, each working their own patients. Facilities compete on productivity metrics; mixing financial data across facilities creates real friction.”

James Okafor, IT Director: “Four people on IT, no deep Salesforce background. The HL7 feed from AthenaPrime is my biggest integration worry (high volume, clinical data, different MRN formats from the acquired clinics). The lab SFTP batch needs a clear error path; failed lab results going unnoticed is a patient safety issue.”

Current Systems and Pain Points

AthenaPrime EHR (Main and West)

System of record for clinical documentation; will not be replaced. Health Cloud is the coordination layer on top.

  • Outbound HL7 v2.x (ADT, ORM, ORU) over HTTPS POST: ~1,400 messages/day from Main, ~600/day from West
  • No EHR-side message queuing. The integration layer must handle retries.

NorthCare Legacy System (Acquired Clinics)

On-premise NorthCare Clinic Manager v4.1, being decommissioned as part of this program.

  • ~24,000 active records; ~9,000 also appear in AthenaPrime (the overlap population)
  • Exports via XML or CSV; no HL7 support
  • Known issues: inconsistent MRN formats vs. AthenaPrime, 7% missing insurance, 4% internal duplicates, free-text notes in BLOB column (read-only migration required)

ClearBill Billing Platform

Centralized claims platform for all three facilities; separate tenant partition per facility.

  • REST API v3, OAuth 2.0 client credentials; acknowledgement within ~90 seconds
  • Billing staff scoped to their own partition; failed/pended claims must surface as tasks

LabConnect SFTP Interface

Two reference labs (LabCore and Regional Path Group) deliver fixed-width flat files via SFTP.

  • File drops at 06:00, 12:00, 18:00 daily; ~780 result records/day combined
  • Files use NorthCare MRN for acquired-clinic patients, AthenaPrime MRN for main-facility patients
  • No lab API available; SFTP is the only channel

Business Requirements

Patient Data and Migration

  1. Migrate all active patient records from AthenaPrime (Main and West) and NorthCare (acquired clinics) into Health Cloud, preserving demographics, insurance, allergy records, medications, and PCP assignments; migrate five years of historical encounter summaries with free-text notes in read-only form.
  2. Before migration, establish a Master Patient Index (MPI) assigning each unique patient a ClearView Master Record Number (CMRN); store all facility-specific MRNs as cross-reference identifiers so incoming HL7 messages and SFTP lab files can resolve to the correct Health Cloud record.
  3. For the ~9,000 overlapping patients, apply a survivorship rule: retain the most complete demographic record, consolidate all encounter history under the CMRN, and flag merged records for clinical reviewer confirmation within 30 days of go-live.
  4. Resolve within-NorthCare duplicates (~960 records, 4% of 24,000) using the same survivorship logic before MPI assignment; flag records missing insurance (~7%) for front desk remediation tracked on a go-live readiness dashboard.
  5. All records migrated from NorthCare must carry a source-of-origin tag identifying the originating clinic, retained for at least 7 years.
  6. Patient records inactive for more than 5 years must remain accessible to authorized clinical and compliance users but must not appear in standard provider search results.

Security and Compliance

  1. A signed BAA must be in place before any PHI is loaded into any Salesforce environment, including full sandbox; the implementation must satisfy all four HIPAA Security Rule technical safeguard categories.
  2. Providers at any facility must be able to view the full clinical record for any patient presenting at their site, regardless of which facility originally holds that record; cross-facility access must be logged with user, record ID, timestamp, and accessing facility.
  3. Outside an active patient encounter, providers have visibility only into patients assigned to their primary facility; browsing across facility records without a care relationship is not permitted.
  4. Billing staff are restricted to encounter records for their own facility’s partition and may read claim-submission fields (date of service, procedure codes, diagnosis codes, rendering provider NPI, insurance ID) but must not access clinical notes, allergy details, medication lists, or assessment fields.
  5. Front desk and scheduling staff can view and update demographics, insurance, and appointment data but must not access clinical notes, diagnosis codes, billing amounts, or lab results.
  6. Every read, create, and update event on patient records must be captured in a full access audit log (user, record ID, field-level changes, action, timestamp, originating IP); logs retained 6 years, queryable by the compliance team without IT involvement.
  7. PHI must be encrypted at rest and in transit; field-level encryption must cover Social Security Number, date of birth, and financial account fields, enforced at both UI and API layers.
  8. Staff termination must trigger automatic Salesforce access revocation within 4 hours of HR notification, with no manual IT steps required.
  9. External contractors and temporary staff must receive time-limited access profiles that expire automatically without IT action.

Integration Architecture

  1. Health Cloud must receive and process inbound HL7 v2.x messages (ADT, ORM, ORU) from AthenaPrime idempotently, resolving all patient identifiers against the CMRN cross-reference before writing to Health Cloud; EHR retry duplicates must not create duplicate records.
  2. Inbound HL7 messages referencing an unrecognised patient identifier must park in an error queue with a task for the integration team; messages unmatched for more than 4 hours must escalate to the IT Director.
  3. On encounter finalisation, encounter data (date of service, procedure codes, diagnosis codes, rendering provider NPI, insurance ID, facility code) must submit to ClearBill REST API (v3, OAuth 2.0) within 20 minutes, targeting the correct facility partition.
  4. ClearBill acknowledgements (accepted/rejected/pended) must write back to the encounter record; rejected or pended claims must generate a billing queue task, and no encounter should end the business day without a recorded transmission status.
  5. LabConnect SFTP files must be processed automatically at each drop window (06:00, 12:00, 18:00): parse the fixed-width format, resolve identifiers via the CMRN cross-reference, and attach results to the correct patient and encounter record.
  6. Lab results unmatched within 2 hours of the file drop must alert the ordering provider’s care team; results still unmatched after 8 hours must escalate to the IT Director and the CMO’s office.
  7. All three integration channels must maintain a transmission log (message/file ID, timestamps, status, retry count, resolution) accessible to IT and the CISO without a developer query; the design must accommodate two additional facility onboardings without re-architecture.

Reporting and Analytics

  1. Each facility manager requires a daily operational dashboard scoped to their facility: scheduled encounters, completions, no-shows, open data quality items, and pending lab results.
  2. The CMO requires a monthly cross-facility summary: encounter volumes by facility and specialty, top 15 diagnosis codes, and patients with no encounter in the past 12 months.
  3. The CISO requires an on-demand audit report for any patient record showing all access events over a user-specified date range, exportable to CSV for OCR submission.
  4. The VP Revenue Cycle requires a weekly claims performance report per facility (encounters submitted, acceptance rate, pended/rejected aging, open tasks); each facility’s data visible only to that facility’s billing leadership unless the VP Revenue Cycle role is used.
  5. The integration team requires a daily health dashboard showing message volumes, error counts, retry rates, and unmatched record queues across all three channels.

Constraints

  • BAA must be signed before any PHI is loaded into any Salesforce environment; pre-go-live migration testing must use anonymized or synthetic data
  • NorthCare must be decommissioned within 14 months; all active patient data must be migrated and verified before decommission
  • IT team has four people with limited Salesforce experience; the solution must be maintainable post go-live without ongoing implementation support
  • ClearBill integration must use ClearBill API v3 with OAuth 2.0 client credentials; no changes to ClearBill are permitted
  • A flu season production freeze runs from November 1 to January 15; no production configuration changes are allowed during this window
  • Program budget is $1.4M covering licenses, implementation, migration, and year-1 support; no budget for a separate enterprise middleware platform
  • The two planned future acquisitions must be factored into integration and sharing model design now, even though they are out of scope for Phase 1

Implicit Requirements

  • Requirements 8 and 9 are in direct tension: providers need cross-facility access during an encounter but must not browse freely otherwise. Role hierarchy alone will not resolve this.
  • The CMRN cross-reference is load-bearing for all three integrations. A gap here makes every inbound HL7 message and every SFTP lab file a potential unmatched record.
  • Object-level access will not prevent billing staff from reading clinical fields through the API. FLS must be enforced at both UI and API layers.
  • Sandboxes cannot hold real PHI; dedup and MPI logic must be tested with synthetic data that mirrors production complexity.
  • Three facility-scoped billing populations cannot be achieved through a single profile, and the design must hold as two more acquisitions are onboarded.
  • The SFTP lab interface has no server-side retry; all error handling is the Salesforce integration layer’s responsibility.
  • The November production freeze is a hard deadline. A migration running close to November has no post-go-live hotfix window.

Deliverables Checklist

  • System landscape: current state and future state; show AthenaPrime staying in place, NorthCare decommissioned, Health Cloud as coordination layer
  • Data model: Patient (Person Account with CMRN), Encounter, Insurance Policy, Facility, Provider; note Health Cloud standard objects used
  • MPI and dedup strategy: survivorship rules for the 9,000 overlapping patients, CMRN cross-reference design, identifier resolution across all three integration channels
  • Security model: role hierarchy, profiles, permission sets, OWD, sharing rules, FLS per user population; address cross-facility access directly
  • Integration design: trigger/schedule, payload, error handling, retry, and logging for each of the three channels
  • Migration plan: NorthCare field mapping, dedup sequencing, incomplete record remediation, BAA-compliant sandbox data strategy, decommission criteria

Time Management: 150-Minute Practice Session

Prep , first 30 min: Read twice. Extract explicit and implicit requirements. Flag the cross-facility access tension (Requirements 8 and 9) and the CMRN cross-reference as the two load-bearing design decisions.

Prep , middle 30 min: Design your architecture. Settle the security model (how cross-facility access works during vs. outside an encounter), the MPI and survivorship rules, and the three integration patterns (HL7, ClearBill REST, LabConnect SFTP).

Prep , final 30 min: Build your artifacts. Prioritize the security model, MPI design, and integration architecture diagram , these drive the most Q&A.

Presentation (30 min): Lead with decisions. Cover MPI and dedup, the security model (cross-facility access in particular), all three integration channels, and the migration plan. Trim reporting detail if running short.

Q&A (30 min): Expect probing on the cross-facility access tension (Requirements 8 and 9), what happens when HL7 arrives for an unmatched patient, how billing stays scoped per facility as the org grows, and how you test dedup at scale without PHI in sandbox.

Always verify against official Salesforce documentation

This content is study material for CTA exam preparation. Content compiled and presented with AI assistance. Not affiliated with Salesforce.

Personal study notes for the Salesforce CTA exam. Content compiled from VJ's study notes, official Salesforce documentation, community sources, and online publicly available content, then organized and presented with AI assistance. Not affiliated with Salesforce. © 2025–2026 VJ Srivastava.