Application Programming Interfaces (APIs) and Relevant Standards and Implementation Guides (IGs)
Application Programming Interfaces (APIs) and Relevant Standards and Implementation Guides (IGs)
Application Programming Interfaces (APIs) and Relevant Standards and Implementation Guides (IGs)
The Centers for Medicare & Medicaid Services (CMS) Interoperability and Patient Access Final Rule (85 FR 25510) requires Medicare Advantage (MA) organizations, Medicaid Fee-for-Service (FFS) Programs, Medicaid managed care plans, Children's Health Insurance Program (CHIP) FFS programs, CHIP managed care entities, and Qualified Health Plan issuers on the Federally-Facilitated Exchanges (FFEs) to implement application programming interface (API) technology to advance health data exchange. The CMS Interoperability and Prior Authorization Final Rule (CMS-0057-F) builds on CMS' previous rule by outlining requirements for additional information that certain payers must provide via the Patient Access API and new requirements for certain payers to implement three additional APIs: Provider Access API, Payer-to-Payer API, and Prior Authorization API. The APIs finalized in CMS-9115-F and CMS-0057-F must meet certain technical standards to drive interoperability and increase provider and patient access to health information. The APIs are described below along with standards required by rulemaking and the Implementation Guides (IGs) CMS recommends payers use to support implementation—eliminating the need to develop an independent approach, which will save time and resources. In addition, the reference implementations available on the applicable websites allow payers to see the APIs in action and support testing and development.
Patient Access API
Through the already established Patient Access API, impacted payers are required to make information available to patients about prior authorization requests and decisions (excluding those for drugs) by January 1, 2027.
Provider Access API
Impacted payers are required to implement and maintain APIs for payer to provider data sharing of individual claims and encounter data (excluding provider remittances and enrollee cost-sharing information), data classes and data elements in a content standard adopted by ONC (USCDI) and specified prior authorization information (excluding those for drugs) by January 1, 2027.
Payer-to-Payer API
Impacted payers must implement and maintain a Payer-to-Payer API to make available claims and encounter data (excluding provider remittances and enrollee cost-sharing information), all data classes and data elements in a content standard adopted by ONC (USCDI), and information about prior authorizations (excluding those for drugs and those that were denied).
Provider Directory API
Under the CMS Interoperability and Patient Access Final Rule and the CMS Interoperability and Prior Authorization Final Rule, Medicaid FFS programs, CHIP FFS programs, Medicaid managed care plans, and CHIP managed care entities are required to make provider directory information available via the Provider Directory API. The CMS Interoperability and Patient Access Final Rule includes MA organizations. This API must be accessible via a public-facing digital endpoint on the payer’s website.
Prior Authorization API
The CMS Interoperability and Prior Authorization Final Rule requires impacted payers to implement and maintain a Prior Authorization API to automate the process for providers to determine whether a prior authorization is required, identify prior authorization information and documentation requirements, as well as facilitate the exchange of prior authorization requests and decisions from their electronic health records (EHRs) or practice management system. We note that under the Health Insurance Portability and Accountability Act (HIPAA), covered entities are required to use the currently adopted standard for prior authorization transactions. The name of the HIPAA prior authorization transaction is the X12 278. The final rule does not propose to modify the HIPAA rules or hinder the use of that standard.
Bulk Data Access API
The 21st Century Cures Act: Interoperability, Information Blocking, and the ONC Health IT Certification Program Final Rule (85 FR 25642) first covered the requirement for the Health Level 7® (HL7®) FHIR® Bulk Data Access API or Flat FHIR API, which enables access to patient-level data across a patient population, supporting many use cases across the healthcare ecosystem, including integration of an internal clinical system with an EHR.
Page Last Modified:
01/18/2024 01:18 PM