The CMS-0057-F rule, introduced by the Centre for Medicare and Medicaid Services (CMS), presents a significant opportunity for payers to enhance interoperability and streamline prior authorisation processes. It builds on previous regulations by introducing a set of technical and operational mandates designed to facilitate the seamless sharing of healthcare information. Despite the challenges of compliance, the rule provides opportunities for payers to improve care coordination, member engagement, and operational efficiency. HIMSS explored the core aspects of the CMS-0057-F rule, its impact on information sharing across payers, members, and providers, and the implementation of electronic prior authorisation (ePA) processes.
Payer-to-Payer Data Sharing: Enhancing Care Coordination
One of the main requirements of the CMS-0057-F rule is facilitating information sharing between payers to build comprehensive longitudinal health records. This provision aims to improve care coordination for members transitioning between plans or maintaining coverage from multiple payers. Impacted payers, which include Medicare Advantage organisations, Medicaid, and CHIP managed care entities, are mandated to share data through a FHIR-based Payer-to-Payer API.
The rule requires payers to support longitudinal health records by integrating clinical, claims, and social determinants of health data, effectively creating a unified patient profile that spans multiple coverage periods. This will benefit patients with chronic conditions who frequently change insurance plans, as payers can now ensure continuity of care and avoid redundant treatments. Additionally, payers must establish an opt-in mechanism, allowing members to consent to the exchange of their health information, as well as operational processes to identify previous and concurrent payers. Overcoming challenges like member identity alignment, educational resources, and data integration will be critical to successfully implementing these requirements.
Patient Access API: Empowering Members with Their Health Data
The CMS-0057-F rule reinforces the goal of providing members with access to their health records through the Patient Access API. Building upon the standards set by CMS-9115-F, this enhanced API allows patients and their representatives to access a wide range of data, including clinical history, claims, cost-sharing details, and prior authorisation information, through their chosen apps. Integrating prior authorisation details is expected to provide members with transparency and clarity around the status and history of their authorisation requests, excluding data related to drugs.
The rule also mandates that impacted payers report annual usage metrics of the Patient Access API to CMS starting in 2026. This includes reporting the number of patients who downloaded their data through the API and those who accessed it more than once. While many patients currently have low utilisation of health data applications, the expectation is that increased transparency in prior authorisation and enhanced access to comprehensive health records will boost patient engagement and lead to better-informed healthcare decisions.
Provider Access API: Enabling Better Care Through Information Sharing
The CMS-0057-F rule introduces the Provider Access API, a tool designed to enhance value-based care by enabling in-network providers to access their patients' health records from the payer. This data-sharing capability ensures that treating providers have relevant information to improve care coordination, close care gaps, and reduce unnecessary services. Providers can access the same core data elements available to members, such as adjudicated claims, clinical information, and prior authorisation details, except for remittances and cost-sharing data.
Before sharing information, payers must develop an attribution process to verify the treatment relationship between the provider and the member. This requires accurate member attribution, even for new patients without a claims history, and consideration of sources like provider rosters or attestation. Additionally, payers are required to implement an opt-out process, allowing members to prevent data sharing with specific providers. Education for both providers and members is essential to ensure understanding of the data access process, and payers must provide plain language materials about how data can be accessed, as well as the implications of opting out.
The CMS-0057-F rule introduces critical advancements in data interoperability and automation within healthcare, presenting challenges and opportunities for payers. While compliance requires significant investment in IT infrastructure and operational processes, these mandates ultimately drive the creation of comprehensive health records, enhance transparency in prior authorisation, and facilitate better care coordination. The long-term benefits include improved member experiences, reduced provider abrasion, and more efficient health plan operations, thereby maximising the return on investment from compliance efforts. With the right strategies and collaborative cross-functional efforts, payers can leverage the CMS-0057-F rule to advance value-based care and improve outcomes for all stakeholders in the healthcare ecosystem.
Source: HIMSS
Image Credit: iStock
