January 18, 2023
On December 6, 2022, CMS proposed a new rule on healthcare interoperability titled “Advancing Interoperability and Improving Prior Authorization” (CMS-0057-P). The proposed rule was formally announced in the Federal Register on December 13, 2022, kicking off a 90-day public comment period that ends March 13, 2023. Following the comment period, CMS will review submitted comments with the aim of publishing a final rule, which may be available as early as mid-2023.
The proposed rule has a few provisions that would go into effect when the final rule is published, although most provisions are planned to go into effect at the beginning of 2026. CMS proposed effective dates three years into the future based on experience CMS and covered entities had to comply with previous interoperability rules. This window of time considers the time covered entities needed to recruit and train staff and to update or build APIs and operational procedures. Payers and providers will need to act soon and collaborate now through mid-2025 to meet the effective date.
The “Advancing Interoperability and Improving Prior Authorizations” proposed rule enhances provisions of the Interoperability and Patient Access Final Rule of 2020 (CMS-9115-F) and formally withdraws the December 2020 CMS Interoperability proposed rule (CMS-9123-P). Although there are some differences, much of the direction of the December 2020 proposed rule is included in the new proposed rule, particularly the sharing of prior authorization decisions/status with patients. The new proposed rule applies prior authorization requirements for items and services and excludes prescription drugs. It also includes five main proposals, five requests for information (RFIs), and CMS’ current position of recommending rather than requiring interoperability standards for APIs. To help clarify the new proposed rule, CMS has provided a fact sheet in addition to the formal publication in the Federal Register.
To help patients better understand payer processes for prior authorizations and the impact they have on care, CMS proposes to require impacted payers to include information about their prior authorization decisions. The proposed rule requires payers to include information about prior authorization requests and decisions (and related administrative and clinical documentation) for items and services available to patients via the Patient Access API. Additionally, payers are required to do so no later than one business day after the payer receives the prior authorization request or after another type of status change/update for the prior authorization. The proposed rule provides some general examples for any meaningful change payers make to the prior authorization request or decision that requires an update to the patient, such as:
When a prior authorization is denied, a specific reason for the denial is to be included.
Much like the Patient Access API from the final rule of 2020, the Provider Access API requires payers to make claims and encounter data available to providers. The data to be made available through the Provider Access API is specified in the US Core Data for Interoperability (USCDI) version 1, although excluding cost information and including prior authorization requests and decisions. In-network providers who have a treatment relationship with the patient would have access to data via the Provider Access API. Requirements for the Provider Access API also require payers to provide a mechanism for patients to opt out of making their data available to providers through this API.
With payer-to-payer data exchange, CMS aims to create a longitudinal health record for a patient that is maintained by the patient’s current payer. The new proposed rule requires payers to make standard HL7 FHIR APIs available for payer-to-payer data exchange, including claims and encounter data (while excluding cost information) as specified in USCDI version 1, and including prior authorization requests and decisions in these exchanges. Payers would further be required to make data received via payer-to-payer data exchange available to patients in the Patient Access API. The new proposed rule also requires payer-to-payer data exchange if the patient opts into data sharing. Additionally, for enrollees holding concurrent coverage with two or more payers, payers would be required to make the same data available to other concurrent payers on at least a quarterly interval. The provisions in the new proposed rule rescind payer-to-payer data exchange requirements and effective dates of the 2020 Final Rule.
The proposed rule calls for payers to make a single FHIR Prior Authorization Requirements, Documentation, and Decision API (PARDD API) available to providers, including:
This proposed FHIR PARDD API incorporates and does not modify the requirements of HIPAA standard prior authorization transactions (e.g., X12 278).
The proposed rule also calls for payers to specify a reason for a prior authorization request being denied. This requirement aims to improve communication between provider and payer to ensure the patient receives the right care, including — if necessary — a successful resubmission of the prior authorization request.
The proposed rule also requires impacted payers (excluding QHP issuers on the FFEs) to send prior authorization decisions within 72 hours for expedited requests and within seven days for standard requests. In proposing these time frames, CMS is seeking comment on reducing these, respectively, to 48 hours and five days.
The proposed rule also requires impacted payers to report metrics for prior authorizations on an annual basis on the payer’s website or another publicly accessible site.
The new proposed rule includes a new measure for electronic prior authorization for MIPS-eligible clinicians under the Promoting Interoperability performance category of MIPS and for eligible hospitals and CAHs under the Medicare Promoting Interoperability Program. To meet the measure, a prior authorization must be requested electronically from a payer’s PARDD FHIR API and use data from certified EHR technology (CEHRT). The measure would be reported by these providers as the number of prior authorization requests for medical items and services (excluding drugs) requested electronically from PARDD APIs using CEHRT.
The proposed rule specifically calls for the HL7 FHIR version 4.0.1, the US Core FHIR profile, and the Smart Application Launch Framework. The proposed rule calls for a single FHIR Prior Authorization Requirements, Documentation, and Decision API (PARDD API) without requiring specific FHIR implementation guides to meet this requirement. For the FHIR PARDD API, CMS recommends the use of the existing Coverage Requirements Discovery (CRD), Document Templates and Rules (DTR), and Prior Authorization Support (PAS) FHIR implementation guides from the HL7 Da Vinci Project. CMS is strongly recommending rather than requiring the use of specific FHIR implementation guides. Before requiring their use, CMS will monitor the progress made in refining, testing, and implementing FHIR PARDD APIs with these implementation guides.
The new proposed rule also makes changes to require what data are to be included in APIs by making specific reference to the ONC requirement of USCDI. As ONC is the custodian of USCDI, by referring to the ONC requirement of USCDI, CMS now aligns with ONC as future versions of USCDI are adopted and ensures the data payers are to include in required APIs follows future versions of USCDI.
In the Advancing Interoperability and Improving Prior Authorization proposed rule, CMS identified the following programs to comply:
The list of covered entities is greater than those originally in the Interoperability and Patient Access Final Rule of 2020 or the December 2020 CMS Interoperability proposed rule. MIPS-eligible clinicians and critical access hospitals were added in direct response to comments received on the December 2020 proposed rule.
Overall, the proposed timeframe to effective dates is intended to allow sufficient time for the impacted parties to plan and implement by the effective dates, taking into account states’ abilities to secure funding and qualified technical staff. While Medicare FFS is not included, CMS does seek comment on how the proposed provisions could apply to Medicare FFS. CMS also encourages other payers who are not directly impacted by this proposed rule to evaluate these proposals for voluntary adoption.
ZeOmega’s Jiva healthcare enterprise management platform provides a holistic, person-centric approach to health management and helps organizations meet evolving CMS requirements and succeed with value-based care. Contact ZeOmega to learn more.
Smart Authorization Gateway is the part of the HealthUnity portfolio that is available to help payers and providers meet interoperability compliance mandates – and beyond.