Insightbanner
Insight Paper

Healthcare Interoperability – What is in “The Final Rule”?

Healthcare Interoperability

Important dates and capability impacts medical data providers and healthcare exchanges should know about.

Recently, the Center for Medicare & Medicaid Services (CMS) issued a new regulation that affects Interoperability in the healthcare industry, Final Rule, to enhance electronic sharing of medical data and streamline insurance approval processes for certain treatments. The goal is to expedite approvals for prior authorization and reduce administrative burdens for healthcare providers and patients, which would in turn generate an estimated savings of approximately $15 billion over a decade.

In healthcare, interoperability refers to the ability of different systems to interact with each other. It allows seamless exchange of Electronic Health Records (EHR) and other patient information and data between various providers and healthcare facilities irrespective of which provider created the record. Interoperability ensures continuity of care and comprehensive access to a patient’s medical history across multiple medical institutions.

Compliance and implementation of the operational provisions in The Final Rule must be completed by January 1, 2026. However, impacted payers have until January 7, 2027, to meet specific enhanced Application Programming Interface (API) requirements defined in the new final rule.

Provisions of the CMS Final Rule include:

1. Patient Access API – The regulation aims to improve patient access to information for better treatment and decision-making. From January 1, 2027, insurers are required to provide prior authorization data via the Patient Access API, enabling patients to understand their plan’s prior authorization procedures and request statuses. Insurers who are impacted by this also must submit yearly reports to CMS regarding the utilization of the Patient Access API and data requests.

2. Provider Access API – To promote better care coordination, affected payers must establish and uphold a Provider Access API. This API will enable sharing of patient information with in-network healthcare providers who are involved in the patient’s treatment. Impacted payers will be mandated to provide specific patient data through the Provider Access API. Insurers must create a system to connect patients with their in-network or registered providers, patients must also be allowed to opt out of sharing data. Insures must provide clear information to patients about the benefits of data sharing and their right to opt out.

3. Payer-to-Payer API – To ensure seamless care, impacted payers must establish and maintain a Payer-to-Payer API, allowing sharing of claims and encounter data (excluding certain details) within a five-year timeframe. A finalized opt-in/opt-out process will allow patients to grant permission for data sharing. Impacted payers must provide clear educational resources explaining the benefits and implementation of this API.

4. Prior Authorization API – Affected payers must establish and sustain a Prior Authorization API, which should contain a comprehensive list of covered items and services, outline documentation prerequisites for prior authorization approval, and facilitate prior authorization requests and responses. These APIs must convey approval, denial (with specified reasons), or requests for further information regarding prior authorization.

5. Improving Prior Authorization Process –

a. Prior authorization Decision Timeframes – Impacted payers must provide prior authorization decisions within 72 hours for expedited (urgent) requests and within seven calendar days for standard (non-urgent) requests.

b. Provider Notice Including Denial Reason – Impacted payers must provide specific reasons for denied prior authorization decisions, regardless of the communication method. This excludes decisions for medications. The goal is to enhance communication and transparency.

c. Prior Authorization Metrics – Impacted payers are required to report specific prior authorization metrics annually by publishing them publicly on their website.

6. Electronic Prior Authorization Measure for Merit-Based Incentive Payment System (MIPS), Eligible Clinicians and Hospitals, and Critical Access Hospitals (CAHs) – MIPS eligible clinicians, hospitals, and CAHs must report the Electronic Prior Authorization measure. This involves electronically requesting prior authorizations via a Prior Authorization API using data from certified electronic health record technology (CEHRT). The measure excludes medications and requires a yes/no response or claiming an applicable exclusion.

The required rules, specifications, implementation timelines, and dates for the implementation of Final Rule can be found on CMS website. To learn more about interoperability in your industry please reach out to Trexin here:

Help Desk

Let us help you "Get to Done"

We’ve been in your shoes. Let us help you find a better way.