Breaking down the CMS proposed prior authorization rules

Why FHIR, X12, and CDA standard expertise are required for compliance

In December 2022, CMS proposed new rules that would push the industry toward solutions that reduce the most burdensome process in healthcare today, prior authorization.

These rules are:

Advancing Interoperability and Improving Prior Authorization Processes (CMS-0057-P) – for the remainder of this blog, we will refer to this rule as “Interop 3.”, and
Administrative Simplification: Adoption of Standards for Health Care Attachments Transactions and Electronic Signatures, and Modification to Referral Certification and Authorization Standard (CMS-0053-P). While this title really just rolls off the tongue, we will refer to this rule as simply “Attachments” for the remainder of the blog.

Disclaimer: If you are not familiar with healthcare standards like HL7^® Fast Healthcare Interoperability Resources (FHIR^®), HL7^® Clinical Document Architecture (CDA^®), or X12^®, check out our recent guide to familiarize yourself with their history and utility in healthcare interoperability.

Interop 3 Rule

The “Interop 3” rule is CMS’ third attempt at fleshing out regulations mandating payer interoperability and fully electronic prior authorization. “Interop 3” builds on two previous interoperability rules – Interoperability and Patient Access Final Rule (published in May, 2020), and Interoperability and Prior Authorization Rule (proposed in December 2020, but never finalized). Early indications are that the third time might just be the charm as broad support for the rule has come from both payer and provider audiences.

The rule, if finalized, has a required implementation date of January 2026 for all payers that are regulated by CMS (Medicare Advantage organizations, state Medicaid and CHIP Fee-for-Service programs, Medicaid managed care plans and Children’s Health Insurance Program, managed care entities, and Qualified Health Plan issuers on the Federally Facilitated Exchanges (FFEs)).

At the heart of the rule is a requirement that impacted payers build FHIR supported Prior Authorization Requirements, Documentation and Decision (PARDD) API to guide providers in determining if payer prior authorization is required, understand what information and documents must be provided for authorization, and facilitate electronic authorization requests and decisions.

The rule also requires that prior authorization information be provided to patients, providers, and other payers (when patients move to a new health plan). We won’t cover the patient, provider or payer API aspects of the rule in detail in this blog, but in general, this push demonstrates a commitment to information sharing across the landscape and confidence in the FHIR standard as it is the mandated method of exchange across all required APIs.

On the note of FHIR, it is easy to gloss over the 400+ pages of this rule and assume the direction is FHIR all day, every day, but you would be missing an important nuance that has significant implementation implications. The rule does not propose to modify HIPAA rules in any way, and HIPAA rules require that the X12 standard, specifically the X12 278, be used for prior authorization transactions. This effectively means that the PARDD API must be capable of sending and receiving in both FHIR and X12. Below is a visualization of this process provided by Da Vinci on a recent community roundtable.

FHIR X12 CDA Prior authorization chart — *Electronic prior authorization processing will require both FHIR and X12 standards to be compliant with both the proposed Interop 3 rule and HIPAA.*

While there are some exceptions being granted to Da Vinci members, X12 is not going away with this rule as written. All payers should be ready to continue to work in X12 while also expanding their competencies in FHIR. But, X12 and FHIR are not all… This is a good segue to talk about the “Attachments” rule.

Attachments Rule

Health plans frequently require providers to submit additional medical documentation beyond just transactional data to support authorizations and claim payments. While attempts have been made over the years, there has never been a final rule to specify how documents sent electronically during the prior authorization process can be compliant with HIPAA. Today providers use manual processes including web portals (ugh), fax (bleh), or snail mail (gasp). The proposed “Attachments”rule aims to rectify this. The solution includes some modifications to X12 and the inclusion of wait for it, CDA.

FHIR X12 CDA Prior authorization graph — *Both X12 and CDA standards are proposed for the exchange of documents and digital signatures during the prior authorization process.*

So if you are keeping track, to process a prior authorization with documents and signatures, three standards are required – FHIR, X12, and CDA.

Overall these two rules are encouraging and will fill significant gaps that impede a fully electronic prior authorization process. When finalized and implemented the rules are likely to improve patient outcomes, while saving payers and providers millions each year. This being said, the number of data standards required for compliance may be daunting, even for the most technically sophisticated payer organizations. The rules will be amended and streamlined before they are finalized (comments are due March 31st), but forward-thinking payers should be looking for solutions for compliance now. If you are one of those forward thinkers, you are in the right place.

Redox has been working with payers, providers, and vendors to implement fully electronic prior authorization, following the guidance provided in Da Vinci Prior Authorization Support (PAS), Coverage Requirements Discovery (CRD), and Documentation Templates/Rules (DTR) implementation guides for a number of years. Our experience with these guides, along with our deep standards expertise have helped to build and refine a platform that facilitates scalable compliance with the proposed rules, regardless of your prior authorization solution and/or in-house standards experience. Redox abstracts the complexity of working across multiple standards so your team can power the full workflow in FHIR. Further, our robust EHR integration experience will ensure your network providers can adopt the solution within their EHR-native workflows – dramatically speeding time to cost savings and improved patient experiences.

Check out our Prior Authorization Case Study to learn more about our work and capabilities.

If you’d like to learn more about our solutions. Let’s chat.

Healthcare security

Taking stock of healthcare security: A look at Redox’s zero trust maturity

More healthcare organizations are putting zero trust initiatives in place, but where do they fall on the maturity spectrum? We explain CISA’s model and share where Redox is on its zero journey, which started back in 2019.

By Bill Easton – March 20, 2024

Changelog

See into your Redox integrations with Translation Sets

What’s Translations? With Translations, analysts gain more control and flexibility in managing codes and values within any field of their integration. Learn more about how to use this new functionality.

By Elizabeth Ojo – March 19, 2024

IT strategy

10 must-know perspectives on digital transformation for healthcare IT leaders

Want your healthcare IT to accelerate your organization’s digital transformation? Knowing these 10 expert perspectives will put you several steps ahead.

By Shelly Lucas – March 15, 2024

Products

Explore Redox

Audience

Topics

Media