CMS Interoperability and Prior Authorization Final Rule: On January 17, 2024, the Centers for Medicare and Medicaid Services (CMS) published the CMS Interoperability and Prior Authorization final rule (CMS-0057-F). The final rule aims to reduce the burden on patients, providers, and payers by consolidating the authorization process and moving the industry electronically. Affected payers must implement the non-technical provisions by January. By January 1, 2026 Complete API development and extension requirements by January 1, 2027.
On March 26, 2024, CMS held an online consultation on the final rule. CMS Chief Information Officer and Director of the Healthcare Interoperability Group (HIIG) moderated the discussion and questions.
Affects everyone:
The CMS Interoperability and Prior Authorization Final Rule affect patients, providers, and payers.
Note: The final rule does not include a policy regarding prior authorization for drugs. “When I talk about the pre-licensing of this law, I am only talking about the pre-licensing of medical devices and services, not drugs,” the HIIG director said. “It is important to note that payers are not prohibited from pre-authorizing medications under this policy; they can do this voluntarily. However, according to this rule, this is not necessary. We are considering creating a separate rule for obtaining prior permission.
Provisions include:
- Patient Access API
- Provider API
- Payer API
- Pre-Authorization API
- Improvements to Prior Authorization Procedures
- New electronic pre-authorization strategies based on payment systems (MIPS) Development Phase
Participant’s payers include:
- Medical Associations (MA)
- State Institutes of Health and Child Health (CHIP)
- Medicaid health plans and CHIP-managed care facilities
- Qualified health care plan providers (QHP) have flexible exchanges ( FFEs)
Participating providers include:
- Qualified hospitals and participating hospitals (CAHs)
- MIPS-eligible physicians who will participate in the MIPS Performance Improvement Division
Programs excluded from the scope of the final rule include:
- Paid – service
- QHP providers offering standalone dental plans
- Easy Lifecycle Program for Small Businesses
- State Exchange
Patient Access API:
The Patient Access API allows patients to access their information. This API was previously created in 2021, but in this final rule, CMS expands the API to include authorized data. After the implementation on January 1, 2027, patients will first gain their rights.
They can check whether the initial license is pending, approved, or rejected. If approved, the patient will know acceptable height and limitations. If rejected, Patients will be able to find the reason for rejection.
Payers must also provide an API that uses statistics to aggregate and anonymized data in CMS so that the agency can determine how many patients can access their data through the API.
Provider API:
Provider API allows healthcare providers to share patient information with network providers and the patients with whom they have a therapeutic relationship. The API will be available on January 1, 2027. Must provide requirements and contact information for individuals (excluding fees submitted by information providers for cost-sharing), information categories and information elements, elements approved by ONC (USCDI), and information submitted before issuance of authorization, in a format that includes.
Payers need to develop systems of linkage between patients and providers to ensure that payers only send information about relevant patients to providers. Patients can opt out of such information sharing if they wish.
Payer-to-Payer API:
Beginning January 1, 2027, payers are required to implement and maintain a payer-to-payer API to provide certain information to other payers. This API provides existing and data-compatible information (excluding transfer and registration fee sharing data), data categories, and data elements in a Standard format approved by ONC (USCDI), and prior rights information (excluding drugs and disclaimers).
This is important to improve compliance for the patients who changed their health insurance or maintained the same insurance. “This way, patients can bring their history information to new payers so they don’t lose that information, and the payer understands the patient’s needs when they come in as new enrollees.” Director of HIIG.
This is a privacy policy. Affected payers should contact patients to pre-identify and collaborate with payers to identify APIs collect data and initiate data sharing. This should usually be done no later than one week after the start of deployment.
Depending on the patient’s preference, new payers should request information from previous payers no later than one week after coverage begins.Prepayers must provide information regarding dispositions and service dates within five years of the application date andMust provide this information within one day of receipt of the application. Patient information must then be entered into the new patient billing record.
If a patient has insurance coverage with two or more payers, the risk payer is required to share patient information within one week of the inception of coverage and at least quarterly thereafter.
Patient and Provider Educational Resources:
Educational materials must be provided by January 1, 2027.
API Providers: Payers should provide plain language materials to:
- Patients about the benefits of sharing API information with healthcare providers. ; and
- Providers regarding the process of requesting patient information and payment methods.
Payer-to-pay API: Payers must provide plain language information to patients about the benefits of the payer-to-pay API, their ability to enable or revoke prior authorization, and instructions on how to do so.
Pre-Authorization API:
Beginning January 1, 2027, taxpayers will be required to create and maintain a Pre-Authorization API, which initiates a three-part pre-authorization process:
- Determine whether an item or service requires prior authorization;
- Special damages shall be paid; and
- Exchange of preliminary claims for the granting of rights and consequences.
To use this API, healthcare providers first ask the payer whether the product or service the patient needs requires prior authorization. The payer answers yes or no. If prior authorization is required, the API supports provider access to certain medical billing information; so healthcare providers can understand what must be provided to request authorization. Once available, the provider can send a pre-approved request and receive a response from the payer via the API. “So this is true from start to finish,” said the HIIG director, “a complete transaction API that simplifies and transforms the original authorization process.”
Please note: Healthcare workers need to know the location (i.e. email address) of their last pay slip to be able to send authorization earlier. These addresses and personnel’s telephone numbers etc. There has been much speculation about its collection. Comments on this CMS Interoperability and Prior Authorization final rule noted that it is not appropriate to contact beneficiaries individually at their addresses. CMS is currently seeking a solution to support the national online database to facilitate data exchange.
Improvements to the Initial Authorization Process:
In addition to the technological advances introduced by this CMS Interoperability and Prior Authorization final rule, CMS believes that automation is not sufficient to update such a process. Starting from January. Additional procedures and cultural changes will also be implemented starting January 1, 2026.
The following non-technical requirements will apply to payers: Reduction in initial decision time: Some at-risk payers will be required to submit regular approvals within seven calendar days and expedited approvals within 72 hours. The period begins when the payer receives the issuer’s request. (Policy changes to standard approvals do not include QHPs for FFEs.)
Provide a specific reason for denying: This applies to all methods, not just APIs. Payers must provide certain information regarding pre-authorization denials, regardless of how the original request was made.
Licensing Criteria: Grantees must meet certain criteria each year for the initial licensing of public websites. This includes the percentage of applications previously approved, approved upon appeal, rejected and approved, and the average time from application to decision.
Electronic Preauthorization:
CMS finalized a new Electronic Preauthorization Strategy in 2027 under which providers will report their use of preauthorization APIs. Payers implement one side of the API, while providers implement the other side of the API. Both payers and providers are responsible for the use of the API.
Based on public feedback received by CMS, this measure was changed from number/count to yes/no. Providers will report yes if they are using the API, or can request to be blocked if they do not have permission; or say ‘no’ and get zero points. CMS will explore ways to reference/count voice recordings in the future.
Participating Programs:
- MIPS Improvement Category Performance (under HIE goal)
- Medicare Improvement Program Interoperability of Eligible Hospitals and CAHs (based on HIE goal)
Required standards for APIs:
Required for all Fee and Payment Systems supporting standards are available to provide APIs on both sides. This final rule ensures that health information is easily accessible using leveraging Health Level 7® (HL7®) Fast Healthcare Interoperability Resources (FHIR®). See the last command (link in Resources) for API interoperability standards and recommended implementation guides (IGs).
Discover How Allzone Can Transform Your Revenue Cycle Management
We are specializes in medical billing and coding services. The ad focuses on two key benefits:
- Streamline Your Billing: This implies that Allzone can help you make your billing process faster, easier, and less error-prone.
- Boost Your Revenue: This suggests that Allzone’s services can help you collect more money from insurance companies and patients.
If you’re a medical practice or revenue cycle management company that’s struggling with billing and collections, then Allzone could be a good solution to consider. your claims we can reduce costs by up to 50% and keep denials below 8%, which could significantly improve your bottom line.
Here are some additional questions you might want to consider:
- Does Allzone offer a free consultation or trial?
- What are their fees like?
- What kind of security measures do they have in place to protect patient data?
You can find more information: Medical billing company in USA