New Medicare Preauthorization Rules Leave Patient Out of Loop
The preauthorization speed requirements are supposed to take effect Jan. 1, 2026. Plans can start out meeting the requirements using paper or online processes that don’t comply with all of the standards set out in the new regulations.
Plans are supposed to begin providing regulation-compliant patient and provider access APIs by Jan. 1, 2027.
Some plans can qualify for exemptions from the API requirements, and others can apply for exemptions.
Officials note that they gave plans an extra year to meet the API requirements because of concerns about how quickly they could get the new technology in place.
CMS is also changing the rules to ensure that the new plan can easily get five years of patient information from the old plan through an API when a patient changes plans, and that two plans that cover the same patient can and regularly do exchange data through an API, to help ensure that the patient can get comprehensive coverage information through one portal or one app.
What the requirements leave out: The new requirements don’t apply to drug coverage decisions, because other, comparable speed guidelines already apply to plans’ communications about drug coverage decisions.
The new requirements also have no provisions that apply directly and clearly to “peer-to-peer reviews” of whether the care requested is medically necessary.
Physicians often complain that the peer reviewers tend to be physicians with no experience in the specialty involved in the discussion.
Officials acknowledge in the preamble, or official introduction, to the regulations that they received multiple comments express “frustration with… painful interactions during lengthy peer-to-peer review of medical necessity assessments with MA organizations.”
Medicare program rules for 2024 already require Medicare Advantage plans to set up utilization management committees to make sure Medicare Advantage preauthorization procedures are consistent with those around original Medicare, officials said.
Why no new patient preauthorization communication tools: CMS officials suggested that letting patients send information to plans through the preauthorization API would create confusion about who was responsible for submitting prior authorization requests and documentation.
“Providers are in the best position to understand the clinical requirements to obtain prior authorization and are responsible for using their clinical judgment to decide on the best course of treatment,” officials said. “As discussed, it is valuable for patients to have transparency into that process and be able to assist providers to submit necessary information. However, without a clinical understanding, patients may submit extraneous or irrelevant information.”
Health insurers’ view: America’s Health Insurance Plans, a group for health insurers, welcomed final approval of the preauthorization regulations, but it said health insurers need better, more standardized systems to comply, and that another HHS agency, the Office of the Coordinator for Health Information Technology needs to step up.
The technology office “should swiftly require vendors to build electronic prior authorization capabilities into the electronic health record so that providers can do their part, or plans will build a bridge to nowhere,” AHIP said.
The Centers for Medicare and Medicaid Services offices in Woodlawn, Maryland. Credit: Jay Mallin/Bloomberg