CMS Interoperability Final Rule

This policy requires CMS-regulated payers to use standardized, open APIs to make claims and encounter data available to patients.

According to the policy, payers will need to:

• Devise a micro services architecture for API enablement strategy.
• Establish an end-to-end API operating model, including security.
• Implement, configure, and maintain security functionalities of the API and the electronic information systems it connects to.
• Review and possibly update security policies to address this need.
• Have a validation/approval plan for third party developers (Apple Health, Coral, etc.) before accessing their systems’ APIs.

Note Providers having their own health plan including Medicare Advantage will also need to address this policy.

Benefit: Having claims data along with clinical data offers a better approach to understand the healthcare system and leads to better health facilities to patients.

This policy directs CMS-regulated payers to make provider directory information available publicly via a standards-based API. The directory information would include the names of providers, addresses, phone numbers, and specialty.

Note This policy does not take Qualified Health Plan (QHP) issuers in the Federally Facilitated Exchanges (FFEs) into its ambit as they are already required keep provider directory information available.

Benefit: Making providers directory information publicly available enables third-party application developers to access the information to build services that can help patients to seek providers for care and treatment. It also generates coordination among different care providers so that patients get the best treatment. Accessibility of information in this way improves its quality, accuracy, and timeliness. The deadline to implement the Provider Directory API is by January 1, 2021. It is mandatory for MA organizations, Medicaid and CHIP FFS programs, Medicaid managed care plans, and CHIP managed care entities to implement it by the said date. QHP issuers on the FFEs are already directed to make provider directory information available in a specified, machine-readable format.

According to this policy, patients can request CMS-regulated payers to exchange certain clinical data (specifically U.S. Core Data for Interoperability (USCDI) version 1 data set) to carry their information with them in case of a change in payers over the period of time. It helps them to have a consolidated health record with their current payer.

Benefit: Having consolidated health information of a patient leads to informed decision-making, efficient care, and ultimately a better health outcome.

This policy directs each state in the US to:

• Exchange Medicare and Medicaid enrollee data daily with CMS.
• Implement system changes to support daily enrollee exchanges with CMS.

The policy also directs the states to notify about the patients who have dual - Medicare and Medicaid - coverage.

Note Providers who have their own health plan that includes Medicare Advantage also need to address this requirement.

Benefit: Implementation of this policy will help beneficiaries to get access to appropriate services and billed them appropriately at the first time, eliminating waste and burden.

This policy enables CMS to display names of eligible clinicians, hospitals, and critical access hospitals (CAHs) publicly that are involved in information blocking based on their attestation to the CMS Promoting Interoperability (PI) program or CMS Merit-based Incentive Payment System (MIPS). It requires:

• Providers to answer 3 prevention of information blocking attestation statements while submitting data to the CMS PI program or MIPS. Their answers to these statements will be disclosed publicly.
• Providers to create policies and procedures to ensure information blocking practices are prevented.
• Payers to publish information blocking attestation statements for their provider network, though it is not mandatory for them.

Benefits: Helping patients to choose providers based on the fact of accessing their health information electronically.

This policy requires providers to list or update their digital contact information, such as secure digital endpoints like a Direct Address and/or a FHIR API endpoint, in the National Plan and Provider Enumeration System (NPPES). CMS has started publicly reporting names of the providers, who have failed to comply with the policy, from late 2020.

• All individual health care providers and facilities are required to update their NPPES record online to add digital contact information.
• For a commercial payer who also owns and manages provider practices, the payer may need to ensure that NPPES is updated appropriately for their providers who see Medicare patients.
• Providers need to establish a monitoring and maintenance process to ensure internal provider dictionaries include the most up to date digital contact information.
• Providers should work with their electronic health record (EHR) vendors to help them clean up provider master files to ensure up-to-date digital information and current National Provider Identifier (NPI) has been updated.

Benefit: A list of providers without their digital contact information available publicly directs them to keep it available to leverage care coordination and data exchange.