The Standard

The Official Blog of Health Level Seven® International


CMS New Rules to Address Prior Authorization for Patient and Provider Interests

[fa icon="calendar"] Feb 8, 2021 12:23:17 PM / by Shobhit Saran

Citius Tech Feb Blog

The Centers for Medicare & Medicaid Services (CMS) released the much-awaited Interoperability & Patient Access Rule in March 2020. The objective is to reinforce this rule by further improving health information exchange and obtaining member health records at a single location to reduce burden on payers, providers and members.

The enforcement date for this rule is January 1, 2023, and will be applicable to Medicaid programs, the Children’s Health Insurance Programs (CHIP) and Qualified Health Plan (QHP) issuers on the individual market Federally Facilitated Exchanges (FFEs). However, it will not be applicable to Medicare Advantage (MA) plans.

The CMS proposed rule will include policies to enhance the current Application Programming Interfaces (APIs) from its interoperability rule such as patient access API and payer to payer API. There are a few new APIs and requirements proposed to improve the overall prior authorization process.

Summary: Provisions of the Proposed Rule



API Status


Prior Authorization Support (PAS) API

For providers to send prior authorization requests and receive responses electronically, in coordination with existing HIPAA X12 transactions



Document Requirement Lookup Service (DRLS) API

For providers to electronically inquire about prior authorization requirements for a specific payer and items/services




Provider Access API – Claims, Clinical and Prior Authorization Data

Similar to patient access API, payers to expose an API for providers to access their attributed patient’s data, except for remittance and cost related data




Patient Access API – Active and Pending Prior Authorization 

Share member’s prior authorization details, in addition to existing patient access API to share claims, clinical & encounter data




Payer to Payer Data Exchange – Claims and Prior Authorization Data

In addition to clinical data, APIs to share claims as well as active and pending prior authorization data



Impacted payers will need to set-up the required infrastructure per CMS’ API guidelines (HL7 FHIR Version 4.0) and security requirements (OAuth2.0 and SMART app launch framework). The APIs will need to be based on industry standard implementation guides proposed by the CMS. In addition, the proposed rule includes the following HL7 Da Vinci Project implementation guides:

  • Prior Authorization Support (PAS)
  • Payer Coverage Decision Exchange (PCDE)
  • Documentation Templates and Rules (DTR)
  • Coverage Requirements Discovery (CRD)

In addition to building APIs, CMS has proposed further requirements to measure the impact of the rule and streamline certain processes:

  • Third Party Attestation Process: CMS expects payers to establish, implement and maintain an attestation process mandatorily for third-party application developers to attest to certain privacy policy provisions prior to retrieving data via the payer’s Patient Access API.
  • Patient Access API Metrics: Impacted payers to report metrics quarterly to CMS about list of unique patients that have requested data from the API, to assess impact of the patient access API.
  • Denial Reason for Prior Authorizations: Payers to provide specific reasons for denial when denying a prior authorization request, regardless of the method used to send the prior authorization decision, to facilitate better communication and understanding between the provider and payer.
  • Shorter Prior Authorizations Timeframes: Payers to shorten prior authorization decision for both urgent and standard requests.
  • Prior Authorizations Metrics: Impacted payers to publicly report (on website) on each plan's data against metrics proposed by CMS to improve transparency in the prior authorization process.

Impact of the CMS Proposed Rules

  • Members will be able to track their prior authorization requests and estimated treatment dates, which will provide them with a seamless experience.
  • Cost reduction for payers after the prior authorization workflow related APIs are established.
  • Prior authorization timeframes will be shortened, along with provider access to information on prior authorization requirements for a specific payer and service.
  • Payer-to-payer data exchange: current payers will have data on active prior authorizations for a member, which will eliminate duplication of prior authorization requests when members switch plans.

Attend Our Webinar on February 17!

Subject matter experts will discuss this topic in more detail, including potential steps for payers to meet the requirements, at a free webinar on February 17, 2021. Click here to register for the CMS Proposed Rule for Interoperability webinar.

This article was co-authored by Gati Patel, Healthcare Business Analyst, FAST+,  CitiusTech.

Topics: FHIR, interoperability, health IT, Payers, CMS, Da Vinci, prior authorization, ONC, payer data exchange, Patient Access API

Shobhit Saran

Written by Shobhit Saran

Shobhit Saran is the AVP of Health Plans at CitiusTech Inc.

Lists by Topic

see all

Posts by Topic

see all