
On February 8, 2023, the Centers for Medicare & Medicaid Services (CMS) held a webinar on a recently proposed rule on advancing interoperability and improving prior authorization. The proposed rule, Advancing Interoperability and Improving Prior Authorization Processes for Medicare Advantage Organizations, was released on December 6, 2022 with a fact sheet and press release. The rule also proposed changes for Medicaid Managed Care Plans, State Medicaid Agencies, Children’s Health Insurance Program (CHIP) Agencies and CHIP Managed Care Entities, Issuers of Qualified Health Plans on the Federally-Facilitated Exchanges, Merit-Based Incentive Payment System (MIPS) Eligible Clinicians, and Eligible Hospitals and Critical Access Hospitals in the Medicare Promoting Interoperability Program. The rule was published in the Federal Register on December 13, 2022 and comments are due on March 13, 2023. The slides from the webinar can be found here.

Dr. Mary Greene (Director, CMS Office of Burden Reduction & Health Informatics) and Alexandra Mugge (Director and Deputy Chief Health Informatics Officer, CMS Health Informatics and Interoperability Group) led the webinar. Additional CMS representatives on the webinar included Lorraine Doo (Senior Health Policy Advisor), Shanna Hartman (Technical Expert), and Scott Weinberg (Advisor) of the CMS Health Informatics and Interoperability Group.

Dr. Greene began the webinar by providing background on prior authorization. She described prior authorization as a utilization management tool to control costs and ensure claims are paid accurately. Plans verify through prior authorization that an item or service is medically necessary, meets coverage criteria, and is consistent with standards to provide care. However, when the prior authorization process becomes burdensome, it is a problem for everyone in the process and leads to burnout among clinicians. The current prior authorization process is outdated and complex, and the process is not the same across all payers, causing more burden for providers. CMS is focused on the impact this process has on patients, causing them to abandon or delay treatment when prior authorization delays care. The goal of this rule is to ensure an efficient and transparent prior authorization process that is informed by interviews with stakeholders and comments on previous rules on the topic.

Background on the Proposed Rule

Next, Ms. Mugge explained that CMS has been on a journey to interoperability and that this rule is simply one step on that continuing journey. CMS is focused on privacy and security, with the goal to streamline data exchange in healthcare to better serve patients. CMS will continue to evolve these policies as technology changes over time. This rule builds on two previous rules on interoperability:

  • CMS-9115-F: CMS Interoperability and Patient Access Final Rule
  • CMS-9123-P: CMS December 2020 Interoperability Proposed Rule (Withdrawn)

The proposed rule focuses on improving prior authorization processes, reducing burden, and attempting to streamline burdensome processes to save time for clinicians so that they can spend more time with patients. The rule includes requirements for both providers (including eligible hospitals and critical access hospitals under the Medicare Promoting Interoperability Program and eligible clinicians under the Promoting Interoperability performance category of the Merit-based Incentive Payment System) and payers (including Medicare Advantage, State Medicaid and CHIP agencies, Medicaid and CHIP Managed Care Plans, and Qualified Health Plans (QHPs) on the Federally-facilitated Exchanges).

The implementation date of all proposed provisions included in the proposed rule, if finalized, would be January 1, 2026. The proposed rule applies to medical items and services only and does not apply to drug prior authorizations. While there are costs associated with the proposed rule, CMS estimates over 15 billion in savings over a 10-year period based on a reduction in time spent on prior authorizations.

Ms. Mugge explained that the five requests for information (RFIs) in the rule may not seem directly related to prior authorization and interoperability, but all concern the use of technology and standards to drive better healthcare.

Next, Ms. Mugge reviewed the main provisions of the proposed rule:

Patient Access Application Programming Interface (API)

  • The goal of these proposals is to expand the already existing Patient Access API to require payers to include information about prior authorization requests and decisions through the FHIR (Fast Healthcare Interoperability Resources) API to give patients line of sight into the prior authorization process.
  • Information provided would include claims and encounter data, all data classes and elements in the United States Core Data for Interoperability (USCDI), and information about prior authorization to provide a full picture of patient care and data that the payer has through the API.
  • Payers would also be required to report metrics about patient use of the Patient Access API to CMS on an annual basis (this data would not be publicly reported).

Provider Access API

  • This proposal would require impacted payers to build and maintain a FHIR API to facilitate the exchange of data between providers and payers.
  • This would also allow providers to request data on the patient from the payer to get a better view of the patient’s full healthcare record.
  • The Provider Access API would include the same data available to patients, including claims and encounter data, all data classes and elements in the USCDI, and information about patient prior authorization. This would allow patients and providers to look at the same set of data in order to engage in meaningful conversation based on the same understanding of the patient’s healthcare status.

Payer to Payer API

  • CMS previously finalized a payer-to-payer data exchange policy, which was implemented Jan 1, 2022. CMS received feedback from impacted payers that the policy wasn’t achieving the desired outcome because it didn’t specify the mechanism for the data exchange. The lack of technical specificity led to differences in implementation, operational challenges, and increased administrative burden.
  • This proposed rule would rescind the previous payer to payer policy and replace it with proposed requirements for a FHIR API for the exchange of patient information between payers.
  • This information would include claims and encounter data, all data classes and elements in the USCDI, and information about patient prior authorization.
  • This would allow patients to bring data with them when changing payers and allow payers to get a better view of incoming patients and cater to the patient experience. For example, if an incoming patient has diabetes that can be seen in the patient record, the payer may choose to reach out proactively and offer the diabetes programs available to the patient under the plan. The proposals would also allow for prior authorization data to be shared, which could ease the transition for the patient.

Improving Prior Authorization

  • CMS proposes requiring impacted payers to implement an API to support a two-way data exchange to facilitate electronic prior authorization.
  • The FHIR PARDD (Prior Authorization Requirements, Documentation, and Decision) API would include the payer’s list of covered items and services for which prior authorization is required and documentation requirements. The API would also be used to communicate prior authorization decisions.
  • These transactions would be required to follow HIPAA (Health Insurance Portability and Accountability Act) standards.
  • The goal of this proposal is to streamline several parts of the prior authorization process and take the burden off of providers.
  • The proposal would not automate the prior authorization decision process itself. Payers will still need to take time to make the decision, which requires manual review and effort. However, the proposal streamlines the process to submit prior authorization requests.
  • Other significant proposals include:
      o Payers must include the reason for denial of a prior authorization request to ensure providers and patients understand why the request was denied (no matter how the prior authorization was submitted).
      o Proposal to standardize prior authorization decision timeframes to 7 days for non-urgent decisions and 72 hours for expedited decisions.
      o Require payers to report prior authorization metrics on their websites, including how many prior authorization requests were approved, denied, and approved upon appeal for greater transparency.

Electronic Prior Authorization Measure – Requirement for Providers

  • To ensure adequate adoption and use of these new APIs, CMS needs providers to utilize them. As a result, CMS proposes a new measure, the Electronic Prior Authorization measure, to the Medicare Promoting Interoperability and Quality Payment Program Merit-based Incentive Payment System (QPP MIPS) to incentivize clinician and hospital use of the PARDD API starting Calendar Year 2026.
  • Eligible clinicians, hospitals, and critical access hospitals would be required to report on the number of prior authorizations requested using data from certified electronic health record (EHR) technology.

Interoperability Standards for APIs

  • CMS proposes specific technical standards with which each API would be required to comply. The proposal allows flexibility for payers wanting to use updated standards and recommends the use of certain implementation guides to support API development.

Questions & Answers

CMS representatives then answered questions from stakeholders on the webinar.

  • Does this rule apply to drugs? No, the proposals do not apply to drug prior authorizations because drugs already have their own standards and set of requirements. We also did not state in the rule that the proposals would or wouldn’t apply to drugs covered under the medical benefit, so payers are welcome to include those in the APIs but it is not required.
  • Are there exceptions available for state Medicaid programs? Yes, certain states can request an exception to API requirements based on their percentage of Medicaid members. This exception only lasts for a period of time and does not mean they will be excluded from the requirements forever. The exception acknowledges that states are currently dealing with the unwinding of the Medicaid continuous enrollment requirement under the public health emergency and allows the states time to determine what data and resources they need to meet the requirements.
  • My understanding is that prior authorization denials require a denial reason and rationale today. How is the new regulation different? If making denial reasons mandatory, is CMS going to come up with specific denial reason codes? We have heard from providers that they often do not receive denial reasons, so we are reiterating this requirement in the proposed rule. There are certain codes for electronic transactions already established, but we have heard from providers that they appreciate more detail for denial reasons than just a code.
  • Many payers have prior authorization decision metrics, do plans have to explain the algorithm for approval/denial? Will there be more detail on which metrics will be required? CMS would like to hear more from stakeholders on this issue through the public comment process on the rule.
  • CMS staff stated they are also looking for comments on the recommended implementation guides for the APIs.
  • Can you compare/contrast this rule to the Dec 22 rule related to electronic attachments and e-signatures? All of this work comes out of the office of Dr. Mary Greene, and there are teams working on electronic standards for healthcare from every direction. The proposed rule we are discussing today is on a FHIR-based API for prior authorization and other FHIR-based APIs to support the move to electronic prior authorizations. The rule “Adoption of Standards for Health Care Attachments Transactions and Electronic Signatures, and Modification to Referral Certification and Authorization Transaction Standard (CMS-0053-P)” focuses on HIPAA requirements for attachments and is specific about standards that support electronic transactions. This proposed rule is broader and focused on APIs to support prior authorization overall and how standards would work within APIs; however, these transactions will also need to be HIPAA compliant.

CMS noted that the Office of the National Coordinator for Health Information Technology (ONC) issued an RFI on the concept of adding prior authorization certification to its certification program. They are still processing the feedback received on that RFI, and the CMS Health Informatics and Interoperability Group is coordinating with them.

This Applied Policy® Summary was prepared by April Gutmann with support from the Applied Policy team of health policy experts. If you have any questions or need more information, please contact them at agutmann@appliedpolicy.com or at 202-558-5272.