Electronic Prior Authorization
Table of Contents
💡 Maverick’s Quick Hit
By automating multiple manual tasks, electronic prior authorization presents an opportunity to improve upon slow and labor-intensive decisions about which medical services and products are covered under a particular health insurance benefit package. Federal regulations relating to electronic prior authorization are in proposed form only, so interested parties should follow this important public policy issue to prepare for a dramatic change in this daily activity that impacts everyone involved in the health care system.
What is Electronic Prior Authorization?
Prior authorization requires healthcare providers to obtain pre-approval from payers before delivering certain items and services to confirm reimbursement. Managed care organizations implemented these processes in the 1980s in response to rising costs from patients receiving medically unnecessary care. Historically, prior authorization is a manual process involving paper-based forms, phone calls, faxes, and lengthy back-and-forth communication between providers and payers – leading to significant patient care delays. Due to its labor-intensive nature, prior authorization is an administratively burdensome process that is prone to errors, like incomplete forms and missing information, impacting patients’ ability to receive the necessary care.
Due to the inefficiencies and challenges associated with manual prior authorization processes, electronic prior authorization (ePA) – the digital process enabling providers to obtain treatment approval – emerged as a solution. Stakeholders advocate for ePA because of its ability to:
- Streamline communications – eliminate paper-based inefficiencies.
- Decrease turnaround times – enable near real-time electronic submission and review of requests, leading to quicker decisions.
- Reduce errors – provide structured electronic forms with pre-populated patient data, ensuring all required information is included and accurate.
- Reduce administrative costs – enables efficient utilization of health care resources and allows physicians to spend more time with patients.
- Increase consistency – incorporates standardized guidelines and criteria, reducing variation in decisions.
- Integrate with electronic health record (EHR) systems – allows unencumbered access to patient information and clinical documentation, improving the efficiency and accuracy of prior authorization decisions.
Despite the significant growth and increased emphasis on the digitization of health care, the apparent advantages of ePA, and the disadvantages of conducting manual prior authorization processes, the adoption of electronic prior authorization processes lags.
Current Adoption and Savings Opportunities
Each year, an increasing number of health plans adopt electronic administrative transaction processes. According to the Council for Affordable Quality Healthcare’s (CAQH) 2022 Index Report, however, the lowest adoption rates are for prior authorization and health care attachments – with only 28% and 24% of plans fully adopting these tools, respectively. In contrast, the next lowest adoption rate is for claim status inquiries, with that transaction reaching 72% adoption, highlighting the industry’s general hesitancy to fully embrace electronic prior authorization tools.
While the adoption of fully electronic prior authorization processes increased by 2% in 2022, 33% of health plans continue using only manual processes, like phone, mail, fax, and email, for prior authorization. The largest share, a little over one-third of health plans, use a blend of both electronic and manual tools.
Both health plans and providers can earn significant savings from adopting ePA. CAQH estimates that ePA process are estimated to save $449M annually — manual prior authorization transactions cost $4.25 more than ePA. In addition to cost savings, ePA can save an estimated 11 minutes per transaction. Despite these clear incentives, delays in adoption persist.
Delays in ePA Adoption
The current state of health care data makes it difficult for health plans and providers to exchange information and make ePA fully possible. Health care data is stored in various systems and formats across different healthcare organizations, like hospitals, laboratories, and insurance companies. These formats are not always compatible with one another, making it difficult to move that information from one organization’s system to another’s system. Because health plans and providers need to exchange data to make prior authorization decisions, difficulty in exchanging this information electronically is a major aspect of why fully adopting ePA is challenging.
As a result of compatibility issues, transaction standards are crucial for healthcare data exchange, as they provide a common language and structure for exchanging data between different systems – like those of payers and providers. Some of these transactions, primarily those related to the administrative and financial aspects of health care, are under the oversight of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). HIPAA requires covered entities, such as providers, health plans, and clearinghouses, to use standardized transaction formats and code sets for these information exchanges.
In May 2020, under the Trump Administration, the Centers for Medicare and Medicaid Services (CMS) published the first phase of CMS interoperability rulemaking – the CMS Interoperability and Patient Access final rule. Following that action, in December 2020, the Trump administration released an additional rule designed to further health information exchange and reduce payer, provider, and patient burden. One of the specific aspects of this rules sought to improve prior authorization processes. Although proposed rule comment periods traditionally offer 30 to 60 days for stakeholders to submit comments, the December 2020 proposed rule only included a 17-day window for industry players to analyze the nearly 350-page document and draft comments. Despite efforts from stakeholders to extend the comment period, the Trump Administration released a final rule in January 2021, expediting the process to codify its health agenda just days before President-elect Joe Biden was inaugurated.
On the inaugural day of the new presidency, the Biden Administration issued a series of regulatory directives, including a pause on federal rulemaking and rescinding Trump-era executive orders on the regulatory process. So, regulations that were not yet implemented, like the final rule on ePA, were temporarily frozen. In a FAQ document released in 2021, the Biden Administration made it clear that the ePA final rule was withdrawn but remained a policy issue it intended to pursue later.
As of June 2023, the Biden Administration took several steps to address ePA, including:
- Office of the National Coordinator for Health IT (ONC) Request for Information (RFI): Electronic Prior Authorization Standards, Implementation Specifications, and Certification Criteria
- Health Information Technology Advisory Committee (HITAC) ePA RFI Task Force published recommendations
- CMS Advancing Interoperability and Improving Prior Authorization Processes Proposed Rule
- CMS Administrative Simplification: Adoption of Standards for Healthcare Attachments Transactions Proposed Rule
The following is an overview of each federal agency action in 2022-
ONC REQUEST FOR INFORMATION (RFI) (January 2022)
ONC released an RFI seeking input on electronic prior authorization technical standards, implementation specifications, and certification criteria that could be adopted. Specifically, ONC requested information on what criteria could be adopted within the Health IT Certification Program.
What is the Health IT Certification Program?
A voluntary program in which health IT developers have the opportunity to obtain certification for their products, which are usually EHRs, by meeting certain technical standard requirements. Generally, developers seek certification because health care providers are required to use certified EHR technology (CEHRT) to avoid a downward adjustment on their Medicare reimbursement. The Certification Program currently addresses ePA, but only for medications under “electronic prescribing.”
What changes to certification did ONC seek comment on?
In the RFI, ONC asked for comments on a core set of capabilities for ePA. If these capabilities were added to the Certification Program as criteria, certified EHR technology would be required to have the ability to do the following:
Was ONC considering any specific guidance on enabling these capabilities?
ONC proposed to adopt three implementation guides (IG) relevant to ePA, including:
What do CRD/DTR/PAS stand for?
When were comments due?
March 25, 2022 – two months after the January 24, 2022, RFI release.
Task Force Recommendatons
In March 2002, HITAC’s Task Force submitted 13 recommendations to ONC’s RFI, which are summarized in the following Q&A:
CMS PROPOSED RULE - ELECTRONIC PRIOR AUTHORIZATION PROVISIONS (December 2022)
Medicare Advantage (MA) plans, state Medicaid and CHIP fee-for-service programs, CHIP managed care plans, and Qualified Health Plans (QHPs) on Federally Facilitated Exchanges (FFEs)
New API Requirements
CMS proposed to require impacted payers to build and maintain a FHIR Application Programming Interface (API) – the Prior Authorization Requirements, Documentation, and Decision (PARDD) API.
Additional Information Required
Impacted payers would be required to include a specific reason for prior authorization denials.
New Time Frames
Impacted payers, excluding QHPs on FFEs, would be required to send prior authorization decisions within:
Impacted payers would be required to provide information about prior authorization requests through the patient access API within 1 business day of any update to ePA request or decision and make decisions available for one-year post-decision.
The proposed rule did not include any corollary requirements on providers, instead establishing new measures to incentivize using payers’ PARDD APIs.
Requirements do not apply to ePA requests for drugs.
January 1, 2026
CMS ATTACHMENTS PROPOSED RULE - TRANSACTION STANDARDS PROVISIONS (December 2022)
Payers and providers
Support the implementation of ePA transactions by creating standards that allow providers to submit additional clinical documents electronically to health plans in the case the health plan requires additional information outside the original HIPAA-compliant transaction, such as additional medical documents or referral authorizations.
Standards for Health Care Attachments and Electronic Signatures
CMS proposed to adopt seven standards:
24 months after the effective date of the final rule
What’s Coming Next?
- As of July 2023, no rules have been finalized related to electronic prior authorization or healthcare attachment transactions. Maverick will update the manual when those are available.
- Some lawmakers are pushing for gold carding-like proposals, when payers relax or reduce ePA requirements for providers who demonstrate a consistent pattern of compliance with prior authorization procedures and have very low denial rates. While some states, like Texas, allow gold carding, it is unclear if and when this may become a federal policy.
- On April 18, 2023, ONC proposed the “Health Data, Technology, and Interoperability: Certification Program Updates, Algorithm Transparency, and Information Sharing” (HTI-1) Rule.
- The provisions build on previous health IT advances and include proposals for new data standards that help guarantee information can be understood when it enters and leaves a system.
- In the comment period, payers quickly criticized ONC for failing to impose ePA requirements on providers’ CEHRT.
Q1: WHAT IS GOLD-CARDING?
- Gold carding is when payers relax or reduce ePA requirements for providers who demonstrate a consistent pattern of compliance with prior authorization procedures and have very low denial rates. Gold-carding is not required under the proposed rule, but CMS is considering including a gold-carding measure as a factor in quality ratings for MA organizations and QHPs as a way for payers to raise their scores in the quality star ratings.
- Some payers have implemented gold carding programs already. In addition, some states have also enacted gold-carding programs to address provider and patient complaints about access to health services.
- Texas enacted a “gold card” law that took effect in October 2022, but they are not seeing the results they anticipated. The rule applies to Texas in-network physicians and providers serving fully insured, commercial businesses in the individual, small, and large group markets. The law exempts the physicians who have a 90% PA approval rating over a 6-month period for certain services from PA requirements for those services.
- Groups such as MGMA support CMS requiring gold-carding programs as part of the final CMS rule.