Receive urgent decisions within 72 hours. On Feb. 8, 2024, the Centers for Medicare & Medicaid Services (CMS) published its Interoperability and Prior Authorization final rule to the Federal Register. The new legislation brings much anticipated reforms to the prior authorization process, which predominantly affects diagnostic radiology services. Radiology Coding Alert examined the final rule to provide you with these highlights. Understand How Prior Authorization Affects Radiology Practices Payers say that prior authorization is necessary to maintaining healthcare’s affordability. However, healthcare providers feel that the process has become a burden. According to a 2022 AMA prior authorization survey, 89 percent of physicians interviewed thought that prior authorization had a negative impact on their patients’ care. At the same time, 88 percent of physicians associated the prior authorization process as a high or extremely high burden (www.ama-assn.org/system/ files/prior-authorization-survey.pdf). Plus, in a 2021 study published to JAMA Health Forum, researchers found that 91 percent of diagnostic radiology services are subject to prior authorization. Over the years, lawmakers and physician groups have urged CMS to make reforms to the prior authorization process. Some payers, like UnitedHealthCare, have already made adjustments such as reducing the number of prior authorizations. Figure out the Final Rule CMS expands on previously finalized policies with this 2024 ruling, where the agency is requiring impacted payers to deploy and maintain certain Health Level 7® (HL7®) Fast Healthcare Interoperability Resources® (FHIR®) application programming interfaces (APIs). The 2024 ruling includes provisions that apply to patient access API, provider access API, payer-to-payer API, and prior authorization API. The impacted payers mentioned in the ruling include: Each API listed above is required to include prior authorization information. Patient access API: According to the final rule, the agency requires impacted payers to add prior authorization information, except any drug-related information, to the patient access API. Payers must implement this requirement by Jan. 1, 2027. At the same time, CMS is requiring impacted payers to report annual patient access API usage metrics starting Jan. 1, 2026. Provider access API: CMS is requiring impacted payers to implement and maintain this API to share patient data with in-network providers with whom the patient already has an established treatment relationship. Payers must make the following information available in the API: Payers are also required to uphold an attribution process that connects patients to in-network or enrolled providers where the patient and provider have an established treatment relationship. The requirements also let patients choose to opt out of having their data shared with providers. Additionally, CMS requires payers to provide information to patients in easy-to-understand wording that covers the patients’ ability to opt out and the benefits of the API data exchange. CMS is also requiring impacted payers to implement all the provider access API requirements by Jan. 1, 2027. Payer-to-payer API: CMS is requiring payers to make the following available through a payer-to-payer API to “support care continuity:” The agency notes that impacted payers don’t have to share all of the patient data, just the data with a date of service within a 5-year period. “This will help improve care continuity when a patient changes payers and ensure that patients have continued access to the most relevant data in their records,” CMS wrote in a fact sheet (www.cms.gov/newsroom/fact-sheets/ cms-interoperability-and-prior-authorization-final-rule-cms- 0057-f). Similar to the provider access API requirements, the impacted payers must provide educational resources in easy-to-understand wording explaining the patients’ ability to opt in to the data exchange and the benefits of the API data exchange. Impacted payers must implement all the payer-to-payer API requirements by Jan. 1, 2027. Prior authorization API: According to the final rule, the agency requires payers to deploy and maintain a prior authorization API, which includes the following information: The API also needs to document whether the payer has approved the prior authorization request, denied the request, or has asked for more information. The approval should contain the date or a reason why the authorization expires, while a denial is required to cite a specific reason for the rejection. Payers are expected to comply with this requirement starting Jan. 1, 2027. Implement Prior Authorization Improvements In addition to establishing API requirements for data access and exchange, CMS addressed several prior authorization process improvements in the final rule. Impacted payers are now required to submit prior authorization decisions in a timely manner. Urgent or expedited requests need to receive decisions within 72 hours, while standard requests will receive a decision within seven calendar days. Note: QHP issuers on the FFEs are not subject to these timeframes. When the calendar turns to 2026, impacted payers are required to issue a specific reason as to why they denied a prior authorization request. Payers have several options to provide the decision and reason, such as a patient portal, fax, email, telephone call, or mail. “This requirement is intended to both facilitate better communication and transparency between payers, providers, and patients, as well as improve providers’ ability to resubmit the prior authorization request, if necessary,” CMS wrote in a fact sheet. Another prior authorization process improvement CMS is implementing is metrics reporting. Effective Jan. 1, 2026, the impacted payers are required to annually report select prior authorization metrics by posting the information publicly on payers’ websites. While payers should be compliant with this requirement by the start of 2026, the first metrics must be reported by March 31, 2026. Reactions to the news The healthcare industry was quick to react to CMS’ ruling. The AMA praised CMS’s decision that brings necessary efficiency to workflows and the prior authorization process. “The AMA also appreciates that the rule will significantly enhance transparency around prior authorization by requiring specific denial reasons and public reporting of program metrics as well as requiring that prior authorization information be available to patients to help them become more informed decision makers,” wrote Jesse M. Ehrenfeld, MD, MPH, president of the AMA, in a statement. The Department of Health and Human Services (HHS) also praised CMS’ final rule. “When a doctor says a patient needs a procedure, it is essential that it happens in a timely manner,” said Department of Health and Human Services (HHS) Secretary Xavier Becerra in a release. “Too many Americans are left in limbo, waiting for approval from their insurance company,” Becerra added. Resource: Read CMS Interoperability and Prior Authorization final rule in the Federal Register at: www.federalregister. gov/public-inspection/2024-00895/medicare-and-medicaid-programs-patient-protection-and-affordable-care-act-advancing-interoperability.