API

Input Validation for POST Endpoints

What's New

Five POST API endpoints now enforce input validation on all string fields. Payloads containing invisible Unicode characters (such as zero-width spaces) or incorrectly typed fields (such as a number where a string is required) are rejected with a structured, field-level error response. Previously, these malformed payloads could cause silent internal errors while the API returned a success response to the caller.

Why This Matters

Malformed payloads reaching the system undetected could corrupt records, cause billing inaccuracies, and produce unreliable data in reports — all without the sending system being aware anything went wrong. Clear, immediate validation errors allow integration partners to identify and fix bad data at the source, improving data integrity across admissions, claims, assessments, and patient records.

Who It's For

• Integration partners and external systems submitting data via the Sunwave API

• Technical teams responsible for EHR/CRM integrations and data pipelines

• QA and implementation teams validating API payloads

How it works

Navigate: API integration layer — no UI navigation required. Validation applies at the point of request submission.

Affected endpoints:

• POST /api/opportunity

• POST /api/opportunity/active

• POST /api/assessments

• POST /api/claim

• POST /api/addforminpatientchart

Steps:

1. Submit a POST request to any of the above endpoints with a valid, well-formed payload — the request is accepted as normal. Standard ASCII spaces (U+0020) in string fields are permitted.

2. If a string field contains an invisible Unicode character such as zero-width space (\u200B), non-joiner (\u200C), joiner (\u200D), BOM (\uFEFF), or non-breaking space (\u00A0) the API returns 422 Unprocessable Entity with a field-level error and code CONTAINS_ZERO_WIDTH_CHAR.

3. If a field defined as a string type is submitted as a non-string (e.g., integer, boolean, null, or array), the API returns 422 with code INVALID_TYPE_EXPECTED_STRING identifying the exact field.

4. For violations in nested fields (e.g., forms[1].attachment_file_name), the error response reflects the full nested path.

5. When both account_id and sunwave_account_id are present, account_id takes precedence. If only sunwave_account_id is provided and no match is found, the API returns a validation error with code NO_SUCH_SUNWAVE_ACCOUNT.

   1. This is current behavior but remediates the issue of account being created while opportunity failed silently.

6. Review the structured error response to identify all offending fields and resubmit a corrected payload.

Example error response:

json

API Notes: This is a breaking change for any integration currently submitting malformed payloads that were previously returning a false success. Integration partners should audit existing payloads — particularly member_id, account_id, insurance_provider_id, name fields, and address fields — for invisible Unicode characters or incorrect field types before this release goes live. Existing valid payloads are unaffected.

Sunwave

PDF Footer Character Limit Increased to 2,000 Characters

What's New The PDF Footer field in Realm Setup now accepts up to 2,000 characters, increased from the previous limit of 1,300. This allows the complete federally required 42 CFR Part 2 confidentiality notice to be saved and printed on patient-document PDFs without truncation.

Why This Matters The full 42 CFR Part 2 "notice to accompany disclosure" statement — required under 42 CFR § 2.32 as updated February 16, 2024 — is approximately 1,334 characters and previously could not be saved in full. Truncated footers on distributed patient documents create compliance and audit exposure. This change allows organizations to meet the regulatory requirement consistently across all patient-facing PDFs without manual workarounds or shortened language.

Who It's For

• Compliance officers configuring legally required disclosure language

• Realm administrators managing PDF footer settings

• Any staff responsible for validating patient document output

How it works Navigate: Realm Setup → PDF Settings → PDF Footer

Steps:

1. Go to Realm Setup and open the PDF Settings section.

2. Locate the PDF Footer field.

3. Paste or type anything under 2,000 characters.

4. Save the settings.

Open

Calendar

Appointment Log Tab

What's New

The Appointment Details modal now includes a Log tab that displays a full audit trail for each appointment. Every creation and modification is recorded with a timestamp, the user who made the change, and the type of event: Appointment Created or Appointment Modified.

Why This Matters

When a patient calls about a canceled or changed appointment, schedulers previously had to run reports or manually cross-reference notes to piece together what happened. This is a slow manual process prone to error. The Log tab puts the complete change history one click away, enabling faster, more confident troubleshooting of scheduling discrepancies without leaving the appointment record.

Who It's For

• Schedulers and front-desk staff managing appointment creation and edits

• Clinical operations teams investigating scheduling discrepancies

• Supervisors reviewing who made changes and when

How it works

Navigate through Scheduling → Calendar → [Open any Appointment] → Log tab

Open

Tab will present rows displaying the Date/Time, the User who performed the action, and the Detail (Appointment Created or Appointment Modified).

For recurring appointments, log entries are scoped to the instance(s) affected — editing "This Appointment" only adds an entry to that instance, while "This and Following" or "All Appointments" adds entries to all affected instances.

Open

Notable behavior:

• Historical appointments that predate this release will show their creation event.

• The system captures field-level change data in the background to support more granular log display in a future release. The current UI shows event-level entries only.

CRM

Extend Reminder Functionality to CRM Opportunities

What's New

Reminders created from Waves sent within a CRM Opportunity now include a direct link to the originating form. When the reminder triggers, clicking the link opens a modal displaying the exact form instance from which the Wave was sent — without navigating the user away from their current page. This brings CRM Opportunity reminders in line with existing EMR reminder behavior.

Why This Matters

Previously, users receiving a reminder from a CRM Opportunity had to manually search for the correct patient record and form, increasing the risk of delays and errors. With this enhancement, one click takes the user directly to the right form in context, reducing time spent navigating and improving accuracy for time-sensitive tasks like pre-assessments and intake reviews.

Who It's For

• CRM Users: Admissions, Pre-assessment, and Intake Teams who send Waves from Opportunities

• Clinical and administrative staff who act on reminders from the dashboard

How it works

Navigate through CRM → Opportunity → and select any form. Utilize the wave feature to create a wave and request a specific date and time to trigger reminder workflow

Open

Open

When the reminder is triggered a link will be presented

Open

And can be used to navigate to the clients form

Open

Access Control Note: If the receiving user does not have access to the patient's service facility, existing access controls apply the link will not navigate the user.

Backward Compatibility: Reminders created prior to this release are not affected.

Marketing List - Bulk Update Contact Owner Fields for Referral Sources

What's New

Marketing List bulk update now includes two new fields — Primary Referral Source Contact Owner and Secondary Referral Source Contact Owner — when the list is based on RS Contacts or Referral Sources. Owner dropdowns are filtered to active users with CRM module access only. Each contact updated by a bulk update action generates an audit log entry. The field order in the bulk update modal has also been updated to group Status/Type fields together followed by account-level owner fields, then contact-level owner fields.

Why This Matters

Teams managing referral source outreach can now reassign contact ownership across an entire found set in a single action instead of opening and editing each contact record individually. This reduces the time and error risk associated with staff turnover, territory realignments, and campaign launches — and keeps contact-level ownership accurate for task routing and reporting.

Who It's For

• Marketing coordinators managing referral source outreach and ownership

• Intake and admissions operations users reassigning contacts after staff changes

• CRM managers and supervisors validating ownership alignment and reporting accuracy

How it works Navigate: CRM → Marketing Lists

Steps:

1. Open or build a Marketing List with List base on set to RS Contacts or Referral Sources.

2. Apply filters to define the found set of contacts you want to reassign.

3. Open the Bulk Update modal.

4. Select a value for Primary Referral Source Contact Owner, Secondary Referral Source Contact Owner, or both. You may update one field without affecting the other.

5. Click Send to apply the update to all contacts in the current found set.

6. Verify changes on individual contact records; an audit log entry is created per updated contact.

Open

EMR

Caseload Tracker & Compliance Report – Multi Active Program Support

What's New

When the Split Program/LOC flag is enabled, the Caseload Tracker and Caseload Compliance Report now display a patient under every Healthcare Team member assigned across all of the patient's active programs. Previously, shared-care assignments across multiple programs could result in a patient appearing under only one team member, leaving others without visibility into their responsibilities.

Why This Matters

Patients enrolled in multiple programs simultaneously may have different staff assigned to each. When those assignments weren't fully reflected in the Tracker and Compliance Report, team members missed follow-ups and compliance tasks went untracked. This update ensures every staff member responsible for a patient can see that patient in their caseload view, supporting complete accountability across shared-care arrangements.

Who It's For

• Clinical staff and care coordinators managing patients across multiple programs

• Compliance auditors reviewing staff-level caseload and task completion

• Supervisors overseeing shared-care team assignments

How it works

Navigate: Caseload → Caseload Tracker or Caseload → Compliance Report to view your caseload.

Patients with multiple active programs will now appear under each Healthcare Team member assigned to any of those programs.

Open

Open

When a program ends, the patient is removed from the team member groupings contributed by that program only. The patient remains visible under team members tied to any still-active programs.

Medication Report – Until Discharge & Discharge Date Support

What's New

The medication report now fully supports "Until Discharge" as a duration value. Orders configured with Duration = "Until Discharge" display correctly in the report, and the value is available as a filter and sort option. A new data point has also been added to the report: a Planned Transfer/Discharge Date bubble showing each patient's projected discharge date.

Why This Matters

Clients use projected and actual discharge dates to plan medication schedules and transitions of care. Previously, "Until Discharge" orders appeared inconsistently in reports, requiring manual date calculations and workarounds to interpret medication histories accurately. These additions bring reporting in line with real discharge-based workflows and improve planning accuracy for clinical and administrative teams.

Who It's For

• Clinical staff reviewing patient medication histories

• Administrative and care coordination teams performing discharge planning

• Reporting and compliance users who export medication data

How it works

Navigate: Reports → Medication Report and run the medication report as usual.

Orders with Duration = "Until Discharge" now display that value in the Duration bubble — no manual interpretation needed.

Open

Use the Duration filter to select "Until Discharge" and return only matching orders. Sort by Duration to group these orders consistently alongside other duration values.

Review the new Planned Transfer/Discharge Date bubble for each patient row. If no date is set, the field displays blank or N/A and does not affect report usability.

Open

Export to CSV or XLS — all new fields, including Duration = "Until Discharge" and Planned Transfer/Discharge Date, are included in the export and reflect the active filter set.

RCM

Member ID Added to Export Billable Report

What's New The Export Billable Report from the Census now includes a Member ID column. This field reflects the Member ID submitted to insurance and has been added as the last column in the export to avoid disrupting existing workflows.

Why This Matters Billing teams no longer need to cross-reference a separate source to confirm the Member ID being sent to the payer. Placing the column last ensures no existing integrations, automations, or downstream processes that rely on column position are affected.

Who It's For Billing staff, Revenue Cycle teams, Utilization Review coordinators.

How It Works Navigate: Census > Export Billable Report

1. Open the Census and apply any desired filters.

2. Select Export Billable Report.

3. Open the exported file.

4. Locate the Member ID column in the last column of the report.

Authorization Visit Usage Now Visible in the Auth Table

What's New The Insurance Authorizations table now displays how many visits have been used out of the total authorized amount, shown as a ratio (e.g., 5/6). This count reflects both billed and unbilled services tied to the authorization on the census. Clicking the used count opens a popup listing the specific services driving that number. A purple "?" tooltip appears next to the Visits column header to explain how the count is calculated, and a system warning triggers automatically when overlapping authorization dates are detected.

Why This Matters Previously, there was no way to see how many visits remained on an authorization without manually cross-referencing multiple areas of the system. This update gives billing, clinical, and utilization review staff a single, real-time view of authorization consumption reducing the risk of over-billing, missed auth limits, and claim denials caused by undetected overlaps.

Who It's For Billing staff, Utilization Review coordinators, Clinical Directors, Insurance/Auth teams.

How It Works Navigate: Client Chart> Insurance Authorizations

1. Open the Insurance Authorizations table for a client.

2. Open

   

    

3. Locate the Visits column — it displays current usage as a ratio (e.g., 5/6) where the first number is services used and the second is the total authorized.

4. Hover over the purple "?" icon next to the Visits column header to view the tooltip: "Count includes billed and unbilled services selected in the census."

5. Click the blue hyperlinked number in the Visits column to open a popup displaying the individual services tied to that authorization as they appear on the billable census.

6. Open

   

    

7. If no visit count has been entered on the authorization, the field displays blank which results in no change from prior behavior.

8. If two authorizations are entered with overlapping dates, a system warning will display.

Open

Patient Ledger – Patient Payment Date Displays for Claim-Associated Payments

What's New The Patient Ledger now displays the original payment date from Manage EOBs in the Date of Service column for payment rows associated with a claim. Previously, when a prepayment was made and later associated to a claim, the ledger only reflected the adjustment association date not the date the client actually paid. The payment date now populates in the same Date of Service column, correctly reflecting when the payment was originally made regardless of when it was associated to the claim.

Why This Matters When prepayments were recorded and later matched to a claim, the ledger previously showed only the adjustment date, making it impossible to identify when the patient actually paid. This caused reconciliation errors and confusion for clients and insurance payers reviewing exported ledgers. Displaying the original payment date in the Date of Service column gives billing staff, clients, and payers an accurate and complete payment history without ambiguity.

Who It's For

• Billing staff performing payment reconciliation

• Patients and clients receiving ledger PDFs

• Insurance payers receiving ledger documentation

How It Works Navigate:Patient Chart> Patient Ledger

Steps:

1. Navigate to the Patient Ledger for a patient who has an patient payment associated to a claim.

2. Locate a patient payment row where the payment was recorded as a prepayment prior or after the claim existing.

3. The Date of Service column displays the original payment date from Manage EOBs.

4. Export the ledger to PDF and confirm the Date of Service column displays the original payment date on all payment rows in the exported output.

Bulk Print Claims from the Claim Submission Screen

What's New Users can now generate and print bulk claims directly from the Claim Submission screen. Two new buttons — Print Claims (PDF Template) and Print to Submit Claims — have been added to the screen, matching the print options already available on individual claims. Once a print action is initiated, the system generates a batch file and links the user to Generated Files to retrieve and print their claims. After printing, a submit action is available directly within Generated Files to update all included claims to Submitted status. Batches are capped at 100 claims per file to protect system performance.

Open

Why This Matters Previously, users had no way to batch print claims from the Claim Submission screen, requiring manual processing of individual claims. This update streamlines paper claim workflows, reduces manual steps, and ensures claim statuses are updated to Submitted accurately and only after the user confirms the print action — preventing premature or missed status changes.

Who It's For Billing staff, Revenue Cycle teams, Claim submission coordinators.

How It Works Navigate: Claim Submission Screen

1. On the Claim Submission screen, locate the Print Claims (PDF Template) or Print to Submit Claims button — displayed consistent with the individual claim print UI.

2. Select the desired print option. The system processes the request and generates a batch file.

3. A popup appears linking the user to Generated Files where the batch can be retrieved and printed.

4. In Generated Files, locate the generated file. A submit arrow ("→") button appears next to the file labeled Claims for Paper Submission.

5. Click "→" and confirm the popup prompt by selecting Yes.

6. All claims included in the batch are updated to Submitted status.

Flags/Config: Batches are limited to 100 claims per generated file to prevent PDF server overload. Claims must be in Ready for Print status to be included in a batch.

Exports/Print/API Notes: Two batch types are supported — PDF Template batch and Claim Form batch — depending on the print option selected. Status updates to Submitted are triggered by the user confirmation step in Generated Files, not automatically upon file generation.

MARA Role Can Now Be Assigned Directly Within Role Permissions

What's New A MARA Role dropdown has been added to the Role Permissions screen, displayed on the same line as the Access MARA toggle. Administrators can now select a specific MARA Role such as Therapist, Physician, or another applicable role when assigning permissions to a user, without navigating to a separate screen. If the maximum number of MARA users allowed under the organization's license has been reached, the role template will not be applied and an error will display.

Why This Matters Previously, assigning a MARA Role required a separate step outside of the role permissions workflow, creating extra friction and increasing the risk of incomplete user setup. Placing the dropdown inline with the Access MARA toggle keeps the configuration in one place and ensures MARA Role assignment is part of the standard role template flow. The license quota validation prevents over-provisioning before it occurs.

Who It's For Practice Administrators, System Administrators, IT teams managing user setup.

How It Works Navigate: Practice Setup > Role Permissions

1. Open or create a Role Permission template.

2. Locate the Access MARA toggle.

3. On the same line, select the appropriate role from the new MARA Role dropdown (e.g., Therapist, Physician, or other available roles).

4. Save the role template.

5. When the template is applied to a user or permissions are copied from another user, the system validates whether the organization's MARA user quota has been reached before applying the role.

6. If the quota has been reached, the role template will not be assigned and an error will display. The template can be applied once the quota is increased.

7. Open

   

    

New Permission Fields Added to the Users Report

What's New The Users Report in Practice Setup now includes all previously missing user permission fields. Over 40 new permission columns have been added to both the on-screen report view and all export formats. Each field displays True when the permission is enabled on the user's profile and False when it is not. Fields that are not true/false such as Mara Role, Departments, Insights Admin, Qs, and text fields like Phone Number display their actual configured value rather than a True/False indicator.

Why This Matters Administrators previously had no way to see a full picture of user permissions in a single report. This update gives Practice Administrators a complete, exportable snapshot of every user's permission configuration, accurately reflecting what is saved in each user's profile.

Who It's For Practice Administrators, Compliance teams, IT/System Administrators.

How It Works Navigate: Practice Setup > Users Report

1. Open the Users Report from Practice Setup.

2. The report now displays all permissions available to add to your configurable report. Fields are displayed in new columns alongside existing fields.

3. True permission values indicates the permission is enabled; False indicates it is not enabled on the user's profile.

4. For fields with multi-value or text configurations, the report displays the actual saved value rather than True/False.

5. Export the report via CSV or Excel to retrieve the full permission dataset for all users.

Historical Year Filter Added to Un-Utilized Authorizations Report

What's New A Year dropdown has been added to the Un-Utilized Authorizations Report, positioned between the Report On and Unutilized Days filter fields. Users can now select a specific year dating back to 2023 to view un-utilized authorizations for historical periods. The current year remains the default, preserving existing forward-looking report behavior.

Why This Matters Previously, the Un-Utilized Authorizations Report only supported forward-looking queries, leaving teams without a way to analyze unused authorizations from prior periods. This update enables billing, utilization review, and leadership teams to identify historical patterns in unused authorizations, support audits, and make more informed decisions about authorization management going forward.

Who It's For Billing staff, Utilization Review coordinators, Revenue Cycle teams, Practice Administrators.

How It Works Navigate: Billing > Un-Utilized Authorizations Report

1. Open the Un-Utilized Authorizations Report.

2. Locate the new Year dropdown positioned between the Report On and Unutilized Days filter fields.

3. Select the desired year from the dropdown. Available years range from 2023 through the current year.

4. Apply any additional filters (Report On, Unutilized Days) as needed.

5. Run the report — results will reflect un-utilized authorizations for the selected year only.

6. Export results if needed; the selected year is reflected in the export output.

7. Open

   

    

UB-04 – Option to Suppress Diagnosis from Boxes 69 and 70

What's New A third option has been added to the diagnosis display dropdown on the UB-04 in Manage Services. Previously, users could only choose to display the diagnosis in Box 69 (No) or Box 70 (Yes). Users can now select Do Not Display in 69 and 70 to suppress the diagnosis from both boxes entirely on the generated UB-04 form. This option is only applicable when an Admission Date is not included on the claim.

Why This Matters Certain payers, reject outpatient UB-04 claims when a diagnosis appears in Box 69 or Box 70. This update gives billing staff a direct way to suppress the diagnosis from both boxes to meet payer-specific formatting requirements and reduce claim rejections.

Open

Who It's For

• Billing staff submitting outpatient UB-04 claims

• Billing administrators managing payer-specific claim configurations

How It Works Navigate: Master Data>Manage Services

Steps:

1. Navigate to Master Data>Manage Services and open a service that uses the UB-04 configuration.

2. Locate the move diagnosis code display dropdown.

3. Open

   

    

4. Select Do Not Display in 69 and 70 from the dropdown to suppress the diagnosis from both boxes.

Flags/Config: The Do Not Display in 69 and 70 option is only applicable when an Admission Date is not included on the claim. Existing dropdown behavior is unchanged — No continues to place the diagnosis in Box 69 and Yes continues to place it in Box 70.

Patient Engagement Forms Audit Report

What's New A new Patient Engagement Forms Audit Report is now available, giving staff a centralized view of all forms sent through Patient Engagement; including form status, key dates, and the staff members who sent, accepted, or canceled each form. The report is dynamic, supports up to a 3-month date range per query, and can be exported to CSV. This replaces the need to review individual patient charts to track form history or locate canceled forms.

Why This Matters Previously, once a Patient Engagement form was accepted there was no centralized way to track its history, and canceled forms could only be found by opening each patient chart individually. This report gives billing, admissions, and clinical teams full visibility into form activity across the organization including which staff sent or acted on forms and when supporting accountability, follow-up workflows, and audit readiness.

Who It's For Admissions staff, Clinical coordinators, Billing teams, Practice Administrators, Compliance teams.

How It Works Navigate: Patient Engagement> Forms Audit Report

1. Select a Sent On Date range to search — results are limited to a maximum of 3 months per query.

2. Both Opportunities and Patients are included in the report.

3. Run the report. Results are displayed in a table with one row per form send event, including a new row for each instance the same form was sent to the same recipient.

4. Open

   

User Transaction Report – Restricted View for Own Transactions

What's New Users who have a payment percentage configured in their User Profile now see only their own transactions when accessing the User Transaction Report. The report automatically filters to the logged-in user, the filter is locked so other users cannot be selected or searched.

Why This Matters This change protects sensitive compensation and transaction data by ensuring users can only view what belongs to them. It removes the risk of users inadvertently or intentionally accessing another user's payment transaction history while still giving each user full visibility into their own records and configured payment percentages.

Who It's For

• Any user with a payment percentage configured in their User Profile

• Billing staff with limited report access

• Providers and clinicians with personal payment percentage setups

How It Works Navigate: Reports → User Transaction Report

Steps:

1. Log in as a user with a payment percentage configured in your User Profile.

2. Navigate to Reports → User Transaction Report.

3. The report opens with the user filter automatically pre-selected and locked to your user account.

4. Review your transactions - only records associated with your user are displayed and transaction amounts reflect your configured percentage.