VHIEC Blog

From the Desk of Shreya Patel – CMS Prior Authorization Proposed Rule

This month, CMS released their long-awaited proposed rule on Prior Authorization, Provider Access API, and Payer to Payer Exchange.

Initially released in December 2020, CMS proposed an expansion of the Patient Access Final Rule. As a reminder, the CMS Patient Access Final Rule required certain Federal payers to share clinical and claims information they maintained with their enrollees or beneficiaries through the use of open APIs and mobile applications. The expansion to this rule would have built upon the open API infrastructure that payers put in place for the patient access component. This would be achieved by allowing providers to have access to the same information patients would through a Provider Access API. In addition, payers would be required to share information with other payers as their enrollees or beneficiaries changed plans or had concurrent enrollment. Lastly, through the new Prior Authorization API, CMS urged payers to release information to patients, providers, and new payers on prior, current, pending, and denied prior authorization requests. This rule had a set compliance date of 2023, but it was never finalized after many voiced concerns surrounding the ability for payers to meet this deadline. Further, there was much ambiguity on the payer to payer exchange, which required drafters of the proposed rule to revisit…. Read Full Post>

From the Desk of Shreya Patel – Information Blocking Rule Update

On September 30, 2022, the Office of the National Coordinator for Health Information Technology’s (ONC) released recent guidance surrounding the Information Blocking Rule through a Blog Post on their website.

In the blog post, the ONC stated they would be launching an dedicated webpage toward information blocking, which would be live on October 6. Further, they emphasized that actors under the rule could expect to see “periodic, experience- driven updates” to the rule as time went on… Read Full Post>

From the Desk of Shreya Patel – TEFCA Update

The Sequoia Project, the entity charged with operationalizing the framework for national interoperability titled the Trusted Exchange Framework and Common Agreement (TEFCA), has released a Standard Operating Procedure (SOP) on how Individual Access Service Providers (IAS) and actors under the framework will have to respond to Individual requests for information.

VHIEC was able to read through this SOP, which predominantly revolves around identity verification and the best practices IAS Providers must use when they receive requests from individuals. IAS Providers must have a credential service provider (CSP) that is approved by Sequoia Project as the RCE and the identity proofing must meet NIST IAL2 (Identity Assurance Level 2), which is defined under NIST SP800-63A. Additionally, the SOP delves into minimum and additional demographic categories IAS Providers are required and should use respectively… Read Full Post>