Prior Authorization Proposal Would Establish Electronic Processes, Improved Interoperability, Other Reforms

December 13, 2022

On December 6, 2022, the Centers for Medicare & Medicaid Services (CMS) released a proposed rule on prior authorization (PA), entitled “Interoperability and Prior Authorization for MA organizations, Medicaid and CHIP Managed Care and State Agencies, FFE QHP Issuers, MIPS Eligible Clinicians, Eligible Hospitals and CAHs.” The proposal would establish electronic processes, improved interoperability, and other reforms to a greater number of federally regulated health plans in the United States.

Plans affected by the proposal include those under:

  • MA organizations
  • State Medicaid fee-for-service (FFS) programs
  • State Children’s Health Insurance Program (CHIP) FFS programs
  • Medicaid managed care
  • CHIP managed care entities
  • Qualified Health Plan (QHP) issuers on Federally facilitated Exchanges (FFEs)

The proposal’s prior authorization requirements do not apply to any drugs. Different electronic standards and requirements already apply to prescription drugs and other pharmaceutical products.

Proposed Prior Authorization Reforms

The proposal would implement a number of reforms to prior authorization processes in the following areas:

  • Prior Authorization Requirements, Documentation, and Decision API (PARDD API): Under the proposed rule, payers would need to establish an application programming interface (API) that would:
    • Automate the process for providers to determine if PA is required for an item or service
    • Query the payer’s PA documentation requirements and make those requirements available within the provider’s workflow
    • Compile the necessary data elements to populate the PA transaction
    • Enable payers to provide the status of the PA request, including whether the request has been approved (and for how long) or denied (and the reason), or request more information
  • Denials: Payers would need to include specific reasons for denying a PA request, regardless of the method used to send the decision.
  • Prior Authorization Timeframes: With the exclusion of QHP issuers on the FFEs, plans would need to send PA decisions within 7 days for standard requests and 72 hours for expedited (i.e., urgent) requests. For MA plans this shortens the response time for standard requests from 14 to 7 days but maintains the existing timeframes for expedited requests.
  • Transparency: Plans would need to publicly report PA metrics (e.g., approvals, denials, appeals) on the payer’s website or otherwise on an annual basis.

Additional API Requirements 

The proposed rule outlines several different API requirements that plans would need to establish to exchange information between patients, providers, and payers, including:

  • Patient Access API: CMS has proposed requiring plans to implement and maintain a Patient Access API that would allow patients to access information about their PA requests and decisions. The intent is to allow patients to track this information, not just payers and providers.
  • Provider Access APISimilar to the Patient API, CMS proposed requiring payers implement and maintain an API that makes patient data available to in-network providers who have a treatment relationship with the patient. The Provider Access API would allow a provider to initiate a request, for example, when the provider needs access to a patient’s data prior to or during a patient visit. It would require payers to share information related to PA requests and decisions (including related administrative and clinical documentation) for items and services (excluding drugs). The payer would then be required to share the requested data no later than 1 business day after the provider initiates a request.
  • Payer-to-Payer API:  To facilitate patient information exchange when a patient changes health plans or has dual coverage, the proposed rule establishes a Payer-to-Payer API. Data would include claims and encounter data (excluding cost information), data elements in the United States Core Data for Interoperability (USCDI), and PA requests and decisions. To ensure confidentiality, the proposal will require exchange only if the patient opts-in to data sharing. If an enrollee has concurrent coverage with multiple payers, payers must make the enrollee data available at least quarterly.

Proposed Three-Year Implementation Timeline

Most of the implementation dates in the proposed rule would begin in 2026, including those for the application program interface (API) proposals, prior authorization decision timeframes, and certain data reporting proposals.

In addition, the proposed rule allows state Medicaid and CHIP FFS programs to seek an extension of proposed implementation deadlines, or an exemption from meeting certain proposed requirements. There is also an exception process for issuers of QHPs on the FFEs for the API requirements.

Measures for Providers

To encourage providers to adopt electronic PA processes, the proposal would also add a new measure for eligible hospitals and critical access hospitals (CAHs) under the Medicare Promoting Interoperability Program and the Merit-based Incentive Payment System (MIPS) in the Promoting Interoperability performance category. Participating providers would report the number of PAs (excluding drugs) that are requested electronically from a PARDD API using certified EHR technology under these newly proposed measures.

The proposal was released as Congress considers the Improving Seniors’ Timely Access to Care Act, which would require Medicare Advantage (MA) plans to establish electronic PA processes and report information on PA processes (e.g., approval, denial, and overturn rates), among other requirements.  

For more information, read the full text of the proposed rule, CMS’ news release, or the agency’s fact sheet.

Stay tuned to ASCO in Action updates as well as news, advocacy, and analysis on cancer policy.