Payers face new rules around interoperability, prior authorizations

CMS is continuing to take on the challenge of interoperability across the payer-provider ecosystem with a new set of proposed rules aimed at digitizing and streamlining the prior authorization (PA) process.

The new Advancing Interoperability and Improving Prior Authorization Processes proposed rule builds on the framework introduced in 2020 but also incorporates public feedback from the intervening two years.

The draft rule contains five main provisions that would apply to Medicare Advantage (MA) organizations, state Medicaid and CHIP Fee-for-Service (FFS) programs, Medicaid managed care plans and CHIP managed care entities, and Qualified Health Plan (QHP) issuers on the Federally Facilitated Exchanges (FFEs).

Providers are also part of the plan, as the rule suggests a new electronic prior authorization measure for eligible hospitals and critical access hospitals (CAHs) participating in Merit-based Incentive Payment Systems (MIPS).

The overarching goal is to continue to improve data exchange while reducing the enormous clinical and financial burdens of prior authorization, including care delays, treatment abandonment, and provider workflow bottlenecks.

A central role for application programming interfaces (APIs)

As with many other recent interoperability initiatives from CMS and the ONC, APIs feature heavily in the framework. All of the proposals directly address the ideal use of APIs and HL7 FHIR to seamlessly exchange information.

In 2020, CMS finalized regulations around using APIs for patient data access—a provision that is coming into effect at the end of 2022 for providers but has been delayed for payers due to operational challenges tied to the COVID-19 pandemic. During the grace period, CMS is hoping to get payers to add information about patient prior authorization decisions to the data pipeline. This would help beneficiaries better understand the PA decision-making processes and how it affects their personal healthcare.

Under the new regulations, APIs would also be critical for enhancing payer-provider relationships. CMS would like payers to establish provider API access to share patient data with established care teams. Payers would need to transmit certain claims and encounter data, prior authorization requests, and data elements identified in the USCDI v.1 data set.

In addition, CMS is proposing that payers collaborate more closely when beneficiaries switch plans or have concurrent coverage. The rule would require that payers exchange key data when a beneficiary moves between coverage options, including USCDI v.1 data, claims and encounter information, and prior authorization requests and decisions. Beneficiaries would have the option to opt-in to this service.

For individuals with simultaneous coverage from two payers, the relevant payers would be required to make enrollee data available to their partner at least quarterly.

Stepping back on the required use of specific IG standards

 Despite the strong push for interoperability via shared data standards, CMS is shying away from requiring the use of specific implementation guides (IGs). The move is a step back from the 2020 proposals, which did name certain IGs that all impacted entities would have to use.

CMS now believes that it is not ready to require unity around standards to that degree, due to the variable development cycles for these guides as well as the changing role of regulators in overseeing interoperability and data exchange.

The agency still “strongly recommends” payers use relevant IGs for the various interoperability provisions but is not prepared to announce a mandate.

However, this cautious stance could make it more difficult for payers to stay aligned with their data exchange efforts, especially for those that are not actively participating in the interoperability and standards communities and may not have intimate access to the latest thinking on data exchange.

 Addressing the pervasive prior authorization problem

 Improving the prior authorization process is partly a technical challenge, but it is also an administrative issue.

On the interoperability side, CMS is looking to require the implementation of a Prior Authorization Requirements, Documentation and Decision (PARDD) API to automate foundational aspects of the PA process, including determining the need for a PA, identifying the information and documentation requirements, and facilitating data exchange between EHRs and/or practice management systems.

To reduce administrative burdens and speed up decision-making, payers would be required to send PA decisions within a 72-hour time frame for urgent requests and seven calendar days for routine requests. Payers would need to include specific and detailed justifications for any denials and would also be held to publicly reported metrics posted directly on the payer’s website on an annual basis.

MIPS-eligible clinicians and hospitals would be held to a similar measure gauging whether or not they used PARDD API technology to request prior authorizations.

Taken all together, the proposed guidelines have potential to guide the payer community in the right direction. CMS is actively seeking comment on its suggestions, and urges interested parties to contribute their thoughts during the comment period.

Jennifer Bresnick is a journalist and freelance content creator with a decade of experience in the health IT industry. Her work has focused on leveraging innovative technology tools to create value, improve health equity, and achieve the promises of the learning health system.