Streamlining Prior Authorization with the Prior Authorization API

The Prior Authorization API is a game-changer for healthcare providers and payers. It streamlines the prior authorization process, reducing administrative burdens and improving patient outcomes.

By leveraging the API, healthcare providers can automate the prior authorization workflow, eliminating manual data entry and reducing errors. This results in faster authorization decisions and improved patient access to necessary treatments.

Prior authorization is a necessary step in the healthcare process, ensuring that patients receive only the treatments that are medically necessary. The Prior Authorization API helps to facilitate this process, making it more efficient and effective.

With the Prior Authorization API, payers can also reduce the administrative costs associated with prior authorization, freeing up resources to focus on patient care.

The Patient Access API allows patients to obtain access to certain information. This API was mandated by the 2020 Rule, which required impacted payers to offer an API that third-party developers could use to design applications for plan enrollees to request access to their electronic protected health information.

Starting July 2021, impacted payers began publishing the API's rules and protocols on their public-facing websites. Health information technology developers could then use this information to create and offer apps for enrollees to download.

The API enables patients to request access to claims, encounters, and clinical information maintained by their health plan, with a date of service on or after January 1, 2016.

The Patient Access API allows patients to obtain access to certain information, including claims, encounters, and clinical data, starting from January 1, 2016.

By January 1, 2027, impacted payers must expand the Patient Access API to include prior authorization requests and decisions, such as the status of the request, whether it was approved or denied, and the specific reason for the denial.

Impacted payers must report annual metrics about Patient Access API usage starting January 1, 2026, and add information about prior authorizations to the data available through the API by January 1, 2027.

The Prior Authorization API is a bi-directional API that facilitates the administrative prior authorization process, allowing providers to identify when prior authorization is required, payer-specific requirements, and submit requests and receive responses.

This API must be implemented by impacted payers by January 1, 2027, and must support the creation and exchange of prior authorization requests from providers and responses from payers.

The Prior Authorization API will also allow providers to query the payer's prior authorization documentation requirements, easing one of the major points of administrative burden in the existing prior authorization process.

By using FHIR standards, the Prior Authorization API can reduce administrative burden for all parties and promote CMS and industry goals for interoperability.

Impacted payers must implement and maintain a Prior Authorization API populated with a list of items and services that require prior authorization and identify the payer's documentation requirements for all items and services that require a prior authorization request.

The Provider Access API is an "access only" API that impacted payers must implement to share certain patient prior authorization information with in-network providers by January 1, 2027.

This API will only have to be available to share patient data with in-network providers with whom the patient has a treatment relationship, and payers will be required to develop an attribution process to associate patients with their providers.

The data requirements for the Provider Access API are different from the data shared with patients through the Patient Access API, as impacted payers must make the enrollee's/beneficiary's claims and encounter data and specified prior authorization information available to providers.

When you need to trigger a prior authorization request, you have two options: prospective or retrospective.

A majority of prior authorizations today are still handled retrospectively at the pharmacy.

Prospective prior authorization requests are triggered by a doctor, but we'll cover that approach in more detail in our Telehealth API.

The retrospective approach, which we'll cover here, is more common.

Retrospective prior authorization requests are typically triggered after a claim rejection in the pharmacy.

It's usually handled at the pharmacy level.

A prior authorization API can initiate electronic PA requests at the point of claim rejection, making the process more streamlined for users.

To leverage this feature, you can set the initiate_prior_authorization field to true on the Copay Request object. This will automatically initiate electronic PA requests.

There are two types of PA requests: ePA and traditional PA. Both are managed in the Prior authorization API, but they have different workflows and status updates.

Traditional PA requests are used with payers who have not yet adopted the new digital standard, and you can determine which type of PA request applies to your request by referencing the prior_auth_type field.

You can trigger a prior authorization request prospectively by a doctor or retrospectively after a claim rejection in the pharmacy.

To create a prior authorization request, you can use the /prior_authorization API endpoint provided by Truepill. This will trigger a receipt confirmation of the request.

You can also initiate a prior authorization from within a copay request. To do this, set the initiate_prior_authorization field to true on the Copay Request object.

Once initiated, Truepill will automatically send electronic PA requests at the point of claim rejection. This streamlined approach can help manage the PA process more efficiently.

Truepill will notify you through webhook events at various stages of the PA process, keeping you informed throughout the lifecycle of your PA.

There are two types of PA requests: ePA, and a traditional PA. Both of them are managed in the Prior authorization API.

Traditional PA requests are used with payers who have not yet adopted the new digital standard.

The major difference between the two approaches is in the workflow as reflected in the different status updates you will receive.

Status updates are sent using a webhook event referencing your prior authorization request_id.

You can reference the prior_auth_type field to determine which type of prior authorization workflow applies to your PA request.

Different workflow statuses exist between the two types of PA request.

The first step in the request process is discovering coverage requirements, and it's crucial to get this right. This involves using the payer's FHIR-based CRD API to determine if authorization is necessary for the specified member and requested service.

The payer's system responds with a 'yes' or 'no', and if the response is 'yes', additional details are provided regarding the necessary information for submitting the authorization request.

Creating a direct, real-time connection is key in this automation, which simplifies the administrative work for providers and can reduce the turnaround time for an authorization decision.

If a prior authorization is needed, the payer's system communicates with the provider's EHR to request completion of a questionnaire or inclusion of supporting clinical information with the authorization request.

Prior authorization APIs typically use RESTful architecture, which allows for stateless communication between clients and servers. This means that each request from the client contains all the information necessary to complete the request, eliminating the need for server-side session management.

API keys are used to authenticate and authorize API requests, with most prior authorization APIs requiring a unique API key for each client. This key is used to identify the client and ensure that only authorized requests are processed.

Prior authorization APIs often use JSON Web Tokens (JWT) for authentication and authorization, which provides a secure and compact way to transmit information between parties.

The PA Final Rule has introduced some significant technical policy changes to promote interoperability in the healthcare industry. The rule requires payers to use APIs to send and receive electronic transactions.

In May 2020, CMS finalized the Interoperability and Patient Right of Access Rule, which mandated payers to implement three APIs: Patient Access API, Provider Access API, and Payer-to-Payer API. These APIs enable patients, providers, and payers to access claims, patient encounters, and clinical information.

The PA Final Rule builds on this foundation by adding more information about prior authorization requests, responses, and decisions to the existing APIs. It also introduces a new Prior Authorization API for impacted payers to design.

To encourage the use of FHIR-based APIs, CMS will exercise enforcement discretion if both the payer and provider are using the required APIs. This means that the National Standards Group won't enforce HIPAA requirements to translate electronic authorization transactions into the X12 278 standard transaction set if both parties are using the required APIs.

The use of APIs is expected to improve interoperability and streamline electronic prior authorization processes. By leveraging these technical policy changes, healthcare providers and payers can work together more efficiently and effectively.

The Approved Request Webhook is a game-changer for streamlining prior authorization processes.

Once a prior authorization request is approved, your webhook event for the Copay Request will look identical to a standard successful copay request. It will be processed seconds after receiving a PA approval.

If you're using Truepill's PA workflow, you can set the initiate_prior_authorization field to true on the Copay Request object to initiate electronic PA requests at the point of claim rejection.

This approach automatically initiates electronic PA requests, making the process more efficient and reducing manual errors.

You'll receive notification at various stages of the PA process through webhook events, keeping you informed and up-to-date on the status of your requests.

Providers will be able to report their implementation and use of the Prior Authorization API through a new MIPS measure called "Electronic Prior Authorization." This measure will be added to the Health Information Exchange objective for the MIPS Promoting Interoperability performance category and the Medicare Promoting Interoperability Program.

MIPS-eligible clinicians will be able to report the Electronic Prior Authorization measure beginning with the calendar year (CY) 2027 performance period and CY 2029 MIPS payment year. Eligible hospitals and critical access hospitals (CAHs) will start reporting with the CY 2027 EHR reporting period.

To successfully report the Electronic Prior Authorization measure, MIPS-eligible clinicians must attest "yes" to requesting a prior authorization electronically via a Prior Authorization API using data from CEHRT for at least one medical item or service (excluding drugs) ordered during the CY 2027 performance period.

The Provider Access API is an "access only" API that impacted payers must implement by January 1, 2027, to share patient prior authorization information with in-network providers.

Payers will only have to make the enrollee's/beneficiary's claims and encounter data, and specified prior authorization information available to providers with whom the patient has a treatment relationship. This means payers will need to develop an attribution process to associate patients with their providers.

The data requirements for the Provider Access API are different from the data shared with patients through the Patient Access API, and provider remittances and enrollee cost-sharing information are excluded.

Impacted payers will also be required to offer patients the opportunity to opt out of having their health information available and shared under the Provider Access API.

A new MIPS measure, called "Electronic Prior Authorization", will be available for eligible providers to report their implementation and use of the Prior Authorization API, starting with the calendar year (CY) 2027 performance period.

To successfully report the Electronic Prior Authorization measure, MIPS-eligible clinicians must attest "yes" to requesting a prior authorization electronically via a Prior Authorization API using data from CEHRT for at least one medical item or service ordered during the CY 2027 performance period.

Eligible hospitals and critical access hospitals (CAHs) will need to attest "yes" to requesting a prior authorization request electronically via a Prior Authorization API using data from CEHRT for at least one hospital discharge and medical item or service ordered during the 2027 EHR reporting period.

Impacted payers will be required to share specific information through the Provider Access API, including individual claims and encounter data, data classes and elements outlined in the United States Core Data for Interoperability (USCDI), and specific prior authorization details.

The Payer-to-Payer API is a game-changer for patients who switch plans. Under the PA Final Rule, impacted payers must implement this API by January 1, 2027.

This API allows patients to bring their past plan data with them when they switch plans. The new plan and the patient can then retain the information as they move from one payer to another.

A new payer must identify any previous payer or concurrent coverage and give the patient the opportunity to opt in to having the new payer request data from any previous or concurrent payer within one week of the start of coverage.

If the patient opts in, a previous payer will provide the data it maintains with dates of service within five years of the request, and it must provide this data within one day of receiving the request.

Concurrent coverage is when a patient has coverage with two or more payers. Impacted payers are required to exchange patient data within one week of the start of coverage and at least quarterly thereafter.

The Payer-to-Payer API must make available claims and encounter data, excluding provider remittances and enrollee cost-sharing information, in the USCDI format.

Availity is developing its Provider Authorization API solution in accordance with the Da Vinci implementation guides, which are recommended in the final rule.

Availity's solution, including its Prior Authorization Support (PAS), helps providers determine if an authorization is required, understand what the payer requires when submitting an authorization request, and submit and respond to prior authorization requests.

Availity AuthAI streamlines the prior authorization review process by using insights from clinical data and a health plan's unique medical policies to eliminate the manual review process.

Availity's Prior Authorization Support (PAS) and AuthAI can help providers navigate the prior authorization process, which is becoming increasingly complex.

Here's a summary of how Availity can help:

Impacted payers must deliver decisions for expedited requests within 72 hours and for standard requests within seven days, effective January 1, 2026.

The goal of process improvement in prior authorization is to make the process more efficient and transparent for all parties involved. By leveraging the Da Vinci Burden Reduction Implementation Guides, health plans and providers can work together to streamline the process.

One of the key objectives is to improve transparency into the prior authorization process, which can be frustrating and opaque for both health plans and providers. This can be achieved by providing clear and timely information about the status of requests.

To reduce administrative burdens, the process should focus on leveraging available clinical content and automating tasks where possible. This can help reduce the time and effort required for prior authorization, freeing up staff to focus on more critical tasks.

The current process for prior authorization is a major source of burden for both providers and payers, with 94% of physicians stating that it causes delays in patient care.

Physicians are not alone in their frustration, as 89% of respondents perceived prior authorization to significantly or somewhat negatively impact patient clinical outcomes.

Dissimilar payer policies and inconsistent use of electronic standards have created provider workflow challenges, making it difficult for providers to navigate the process.

A staggering 33% of physicians observed serious adverse events in patients due to prior authorization requirements, with 25% reporting instances where it resulted in hospitalization.

The prior authorization process can be a significant source of burnout for providers, with 80% of physicians noting that delays in patient care led to patients occasionally or frequently abandoning their recommended treatment.

In the world of healthcare, process improvement is crucial for reducing administrative burdens and improving patient outcomes. The Humana, athenahealth, and Availity collaboration aimed to address prior authorization pain points.

Their goals were to improve transparency into the prior authorization process. By doing so, they wanted to make it easier for both health plans and providers to navigate the process.

To reduce administrative burdens, the collaboration sought to leverage available clinical content. This would enable them to automate more tasks and free up staff to focus on patient care.

The collaboration also aimed to increase opportunities for automation. This would help reduce the time and effort required to complete prior authorizations.

Here are the specific goals of the collaboration in a nutshell: