By EHRA Chair David Bucciferro (Foothold Technology)

Health information technology (IT) holds great promise for contributing to efforts to streamline and improve the efficiency of the highly complex prior authorization process, and the EHR Association is confident that electronic health record (EHR) systems have a vital role to play in doing so. However, the adoption of electronic prior authorization (ePA) is not without its challenges – challenges that will require time, significant cross-stakeholder coordination, and standardization of access to and exchange of related data to overcome.

As we laid out in the previous three blogs in this series, the EHR Association supports streamlining the ePA process, provided the effort is appropriately supported by accepted standards and care is taken to avoid past mistakes of rolling out policy requirements faster than standards have been developed to support the work. 

Standard Maturity

As we discussed in the second blog, standards are crucial to the successful adoption of ePA. We are seeing progress in the form of the Da Vinci Project’s Coverage Requirements Determination (CRD), Documentation Templates and Rules (DTR), and the Prior Authorization Support (PAS) implementation guides. However, in their current state, these standards are not mature enough to enable a robust, testable certification program as they do not yet cover all relevant interactions among critical health IT components within both the provider and payer infrastructures

Also problematic is the USCDI standard, which lacks agility when it comes to allocating the relevant subset of USCDI data for specific use cases. This is particularly germane considering that health IT solutions would need to be certified to support all USCDI even though ePA requires only some of the data. 

To that end, the EHR Association urges ONC not to assign responsibility for all provider-side interactions to any single health IT solution (e.g., EHRs). We recommend instead that ONC work first with CMS to focus on the adoption and certification of the implementation guides on the payer side and establish a clear implementation standard for any interactions with the payers supporting prior authorization. We also discourage the establishment of certification criteria for provider-focused health IT until there is clarity on how the specific functional needs addressed within the implementation guides map to the various systems supporting prior authorization that are in use at healthcare organizations. 

Pacing Policies

On the policy front, we laid out in the third blog the need for ePA to roll out at a pace and with a legal/regulatory cadence that aligns with the ability of stakeholders to deploy and use solutions that follow consistent standards – something that can’t happen if policy requirements outpace standards development. 

Further, policymakers need to approach the rollout of requirements with clear expectations. Any unintentional release of ambiguous definitions, the inclusion of unclear enforcement procedures, or failure to sufficiently address intersections between other federal, state, and local regulatory frameworks will weaken the ability of actors to have confidence that they are compliant.  

Thus, the EHR Association recommends a two-stage approach to ePA. Stage 1 would focus on working with CMS on the adoption and certification of the CRD and PAS Implementation Guides on the payer side – saving DTR for a later date – while establishing a clear implementation standard for any interactions with payers supporting prior authorization. It is important to note that while the CMS notice of proposed rulemaking (NPRM) appears to support this approach, we will not have a full understanding of what the proposed first stage for rolling out ePA support across CMS and ONC should be until the latter issues its own NPRM. 

Stage 2 would involve the establishment of EHR certification criteria based on the matured and evolved interaction distributions across health IT, with the typical interaction sets documented clearly within each Implementation Guide. Further, this should include extending the provider functional requirement for prior authorization engagement with the use of certified health IT to support the prior authorization workflow.

Next Steps

The path to ePA is one that intersects not only with patient care but also with every facet of the healthcare industry. The stakes are high. It is critical that we get it right the first time.

Proposed rulemaking has already been issued by CMS, and we expect related regulations from ONC shortly. As such, it is time to move past individual stakeholder issues and wish lists and dig into how the proposed implementation of ePA will span the entire healthcare industry, impacting patients, payers, providers, and even health IT developers. 

To that end, the EHR Association is interested in discussing the suggestions set forth in this blog series with all impacted industry stakeholder groups. We look forward to exploring and advancing a practical and deliberate ePA roadmap in order to establish a more efficient and effective process for providers and payers, and ultimately the ability to improve the provision of timely patient care. 

In addition to Bucciferro, contributing authors to this blog series are Ex officio EHRA Executive Committee member Hans Buitendijk (Oracle Cerner), EHRA Executive Committee member and Information Blocking Workgroup Vice Chair Leigh Burchell (Altera Digital Health), and SDOH-Health Equity Workgroup Chair Janet Campbell (Epic).