Linkedin-in

Final Rule Against Injustice Disguised as Paper Work

For healthcare providers, prior authorization is an absolute necessity to ensure their claims are paid. But the reality is, physicians are forced to spend countless hours each week completing an average of 43 prior authorizations per week – time that could be spent providing crucial care to their patients. On the one hand, it causes delays in accessing necessary care leading to life-threatening events for the patients; on the other hand, it increases administrative burden causing physician burnout. According to AMA release, 94% of physicians reported delays in access to necessary care due to prior auth and 95% held it responsible for the burnout. Denied prior auth requests often exacerbate the situation for both patients and providers. resulting in higher overall costs and forcing patients to either forego necessary treatment or seek urgent and sometimes emergency care instead. More than 9 in 10 physicians said that prior authorizations have a detrimental impact on patient outcomes. Instead of being compliant in evidence-based care, prior authorization procedure is impeding proper care by delaying diagnosis and treatment.

 To ease the situation, the Centers for Medicare & Medicaid Services (CMS) released the Prior Authorization final rule on Jan 17, 2024 (effective from April 8, 2024) to improve the process to ensure better patient care. The final rule has improved the prior auth practice by increasing the interoperability and data sharing and reducing the overall burden on all parties involved in the process. 

Impacted payers are required to implement certain provisions by January 1, 2026, and the compliance date to meet API requirements in the final rule is January 1, 2027. 

 Pros of the new REGULATIONS:- 

  • Increase EHI exchange of healthcare data
  • Streamline the prior auth process
  • Help to address provider burden and burnout
  • Improve patient’s access to timely care
  • Improve coordination of care across the care continuum 
  •  Movement toward value-based care

Four APIs

Payers are required to implement and maintain Prior Authorization (PA) application programming interface (API) on four levels:-

  • Patient Access API
  • Provider access API
  • Payer-to-Payer API
  • Prior Auth API

The Patient Access API must enable patients to readily access claims and associated information, as well as clinical data including as lab results, provider remittances, and patient cost-sharing, via their preferred health applications. The payer must provide all of the following information regarding the prior authorization requests using the Patient access API:

  • The prior authorization status.
  • The date the prior authorization was approved or denied.
  • The date or circumstance under which the prior authorization ends.
  • The items and services approved.
  • If denied, a specific reason why the request was denied.
  • Related structured administrative and clinical documentation submitted by a provider.

Provider Access APIs allows providers to access current patient data from the payer, adjudicated claims, encounter data (excluding remittances and patient cost-sharing information), and prior authorization information. Provider Access API should adhere to the technological requirements outlined in the CMS interoperability and patient access final regulation, including Health Level Seven (HL7).

  • Impacted payers must maintain an attribution procedure to associate patients with their in-network or enrolled providers, ensuring that data is only sent to providers with whom the patient has a treatment connection. Attribution processes relate to many other functions, including contracts, payments, financial reconciliation, reporting, and continuity of care.

Payer-to-Payer API for exchanging patient data when a patient switches payers to assure ongoing access to health data and promote continuity of care between payers. All impacted payers must develop and maintain a Payer-to-Payer API to exchange claims and encounter data in a content standard. Using standard content standards across APIs improves efficiency and minimizes overall strain.

  • Impacted payers need to obtain data from a patient’s former payer, with the patient’s agreement, no later than 1 week after the commencement of coverage or at the patient’s request.
  • The payers must exchange 5 years of patient data, which is adequate for treatment continuation.
  • If the patient has two or more concurrently impacted payers, the data must be exchanged at least quarterly.

Prior Auth API will assist providers in determining if a certain payer requires prior authorization for certain commodities and services. API will allow providers to query the payer’s pre-authorization documentation need directly from the provider’s system, facilitating the automated compilation of essential information to submit the prior authorization request.

  • Regardless of the request received through the Prior Auth API, impacted payers are required to send notice to the provider when they make a prior authorization decision, including reasons for denial.
  • Payers are required to respond to PA requests within a certain timeframe. Impacted Payers are required to make available prior auth information in the Patient access API, no later than 1 business day after receiving the request and update that information no later than 1 business day after any status change. Certain payers are required to make decision within 7 calendar days for standard requests, and 72 hours for expedited requests.
  • Prior auth information must be available via Patient Access API for as long as authorization is active and at least 1 year after the last status change including the denied or expired request.
  • Publicly reporting certain metrics about their PA processes to enhance transparency.
  • Payers are required to report certain metrics to CMS on an annual basis about patient usage data and requests made via the Patient Access API, in the form of aggregated, de-identified data. This will help to evaluate whether the API policies are achieving the desired goals.

Note:- Drugs of any type that could be covered by an impacted payer, are excluded from the PA policies. But the supplies dispensed at the pharmacy and durable medical equipment(DME), that are considered medical benefits and are not prescription drugs, are subject to the PA requirements of this final rule.

Gold Carding

One big time and effort saver for providers is the Gold Carding option. It exempts high-performing providers from the often cumbersome prior authorization requirements for certain medical services, procedures, or medications. Under this, physicians who have reached a certain prior authorization approval rate over a six-month period will be exempt from pre-authorization of certain services. They can only submit a prenotification to schedule services, and approval is granted immediately.  By providing instant approval at the point of care, Gold Carding eliminates the need for phone calls, emails, and delays. Patients leave your office knowing their treatment is approved.

To know more about the pre-authorization final rule relating to your specific practice and state, please visit CMS website or you can contact our revenue cycle expert by booking a 1:1 call to know how we can save you from all the burnout in receiving your payments, leaving you which you do 

FAQ's

What is the main goal of the CMS Prior Authorization Final Rule?

The main goal is to streamline the prior authorization (PA) process by increasing interoperability and data sharing among payers, providers, and patients. This aims to reduce administrative burden on physicians, combat burnout, and ensure patients get timely access to necessary care.

Which payers are impacted by this new final rule?

The rule applies to:

  • Medicare Advantage (MA) Organizations
  • Medicaid Fee-for-Service (FFS) programs
  • Medicaid Managed Care Plans
  • Children’s Health Insurance Program (CHIP) FFS programs and Managed Care Entities
  • Qualified Health Plan (QHP) issuers on the Federally Facilitated Exchanges (FFEs).

What are the key compliance deadlines for the new requirements?

  • January 1, 2026: Payers must implement certain operational provisions, including new timeframes for decision-making and providing a specific reason for denials. They also start public reporting of metrics.
  • January 1, 2027: Payers must be compliant with the new Application Programming Interface (API) requirements (Patient Access, Provider Access, Payer-to-Payer, and Prior Auth APIs).

What are the new required timeframes for prior authorization decisions?

Starting January 1, 2026, impacted payers (excluding QHP issuers on the FFEs) must respond to prior authorization requests within:

  • 72 hours for expedited (urgent) requests.
  • 7 calendar days for standard requests.

What are the four new APIs required by the rule, and what do they do?

The rule mandates four APIs, primarily for electronic data exchange:

  • Patient Access API: Allows patients to view their claims, clinical data, and the status/details of their PA requests (including denial reasons) via third-party applications.
  • Provider Access API: Allows in-network providers to access current patient data, adjudicated claims, and PA information to facilitate care coordination.
  • Payer-to-Payer API: Facilitates the exchange of up to five years of patient data between a patient’s old and new payers when they switch plans, with patient consent.
  • Prior Auth API: Allows providers to check if a service requires PA, identify necessary documentation, and submit requests directly from their Electronic Health Record (EHR) system.

Does the Final Rule apply to all types of prescriptions and services?

No. The PA policies in this final rule explicitly exclude drugs of any type that could be covered by an impacted payer. However, durable medical equipment (DME) and supplies dispensed at the pharmacy that are considered medical benefits are subject to the new PA requirements.

What is “Gold Carding,” and how does it help providers?

Gold Carding is a concept that exempts high-performing providers from certain prior authorization requirements. It is a time and effort saver for providers who achieve a high PA approval rate (e.g., over a six-month period). They only need to submit a prenotification, and approval is granted immediately for the exempted services, significantly reducing administrative work and delays.

Linkedin-in
COSE AI
Hey! I'm COSE AI 👋
Need help? Let's chat!
Cosentus
THINK GROWTH
Powered by COSE AI - Responses are informational only

Get a Free Demo

We will do our best to respond to your inquiry in a timely manner, but in some cases may not respond until the next business day. If you need immediate assistance please call us directly.