Prior Authorization Turnaround For Insurers Finalized By CMS


Federally regulated health insurers, such as the one in Medicare Advantage plans, will have to turn around the prior authorization decisions much more quickly as per a rule that has been finalized by the CMS on January 17.

It is well to be noted that starting in 2026, health insurers will have to either approve or deny an immediate prior authorization request within 72 hours. For standard as well as non-urgent requests, payers will have 7 calendar days in order to respond. These deadlines go on to cut the current timeframes for some payers so as to issue decisions in half, regulators said.

Payers will also have to offer a valid reason for denying the prior authorization request, which should go on to help doctors resubmit or even appeal the request if needed, the CMS remarked. The rule, which was first proposed in December 2022, happens to have the support from payers as well as providers and is most likely going to create almost $15 billion in savings in the next decade.

Prior authorization happens to be a process wherein a doctor has to get prior approval from the patient’s health insurer before offering a medical service such as prescribing a drug or performing surgeries.

Payers go on to argue that prior authorization happens to be a necessary evil so as to curb nonessential healthcare expenditures. But doctors as well as patients opine that the process adds to the physician burnout by elevating the paperwork, while leaving the patients in a catch-22 situation as they go on to wait for an unknown bureaucrat to give a final nod to their care plan.

It is well to be noted that recent cases of patients facing serious health outcomes and even death due to prior authorization delays have elevated the pressure on health insurance companies so as to roll back the policies. Due to this, and in anticipation of the rulemaking, many major payers have walked back the needs, such as UnitedHealthcare as well as CVS-owned Aetna, although the physicians argue more reform happens to be required.

The CMS said that the recent final rule does not restrict payers’ usage of prior authorization; however, the shorter timeline so as to turn the decisions around and the need to include the rationale in their decisions can as well streamline the entire process.

In addition to the timeframe changes, the 822-page rule needs the payers to post certain authorization metrics on their websites in advance, such as which services need prior authorizations, the number of denials as well as approvals, and advance authorization denials overturned after the appeal is made.

Notably, the payers will also have to execute a standardized application programming interface- API for advance authorization by January 2027. APIs happen to be sets of rules that let varied computer programs to communicate with one another.

It is well to be noted that setting a standardized API will go on to enable the providers as well as payers to automate the end-to-end advanced authorization process, the CMS opined.

Payers as well as providers came out against the government’s rule to set that standard, called HL7 FHIR, in the last summer, thereby debating whether it would conflict with another data exchange standard named X12. In response to the concerns raised, the HHS said it would not enforce the X12 standard for organizations that happen to comply with the recent prior authorization rule.

But the regulators will go on to continue to evaluate advanced authorization standards for future rulemaking, said the HHS. Along with an API for prior authorization, payers will also be needed to expand their API when it comes to patient access so as to include information pertaining to prior authorizations and also create an API for provider access that can be made use to retrieve patients’ claims, encounters, and clinical data along with the prior authorization data.

Apparently, if in case, a patient moves between payers or happens to be covered by more than one, insurers will have to exchange the data with one another by way of using a payer-to-payer API.

The CMS initially required payers to transfer the patient data to one another at a patient’s request within the information blocking rules that were finalized in 2020, with the idea of creating a longitudinal health record that could go on to follow patients in a healthcare system, in spite of the coverage changes.

But the regulators said in 2021 that they would not put forth the policy after payers happened to raise concerns in terms of operational challenges and risks to the quality of data, given a dearth of specificity within the rule.

The January 17 rule goes on to apply to MA plans, Medicaid and CHIP managed care plans, state Medicaid and Children’s Health Insurance Program agencies, and plans on the Affordable Care Act exchanges. In the case of MA plans, the alterations come in addition to the April final rule, which was meant to stop them from enacting more strict prior authorization processes than what has been allowed in the Medicare’s coverage requirements.

It is well to be noted that the regulators have zeroed in on using management reform in MA especially after a prior authorization rule that was proposed at the time of the Trump administration controversially left out the plans.

Interestingly, an HHS Office of Inspector General report went on to find that some MA plans consistently do not take the prior authorization requests, even the ones that should have been given the nod under Medicare. Apparently, a 2018 audit by the OIG inferred that MA plans, following an appeal, went on to finally approve 75% of the requests that were initially denied.