When the Office of the National Coordinator (ONC) for Health Information Technology released the 21st Century Cures Act, and the Centers for Medicare & Medicaid Services (CMS) released the Interoperability and Patient Access final rule on May 1, 2020, they presented several significant changes to modern health interoperability.
Last fall, Lightbeam’s Chief Medical Officer, Kent Locklear, MD, MBA, cohosted a presentation with then-ONC National Coordinator, Dr. Don Rucker. The two discussed ways that providers, patients, and developers can leverage these new regulatory updates to promote high-quality, transparent care.
From the beginning, CMS and the ONC laid out the critical timelines for adoption, and much to our disbelief, we are quickly arriving at one of the most important ones: July 1, 2021.
On July 1, the Patient Access Application Program Interface (API) and Provider Directory API are officially enforceable for all payers, including Medicare Advantage (MA), Medicaid, Children’s Health Insurance Program (CHIP), and Quality Health Plan (QHP) issuers. Let’s do a quick rundown of the important components of each.
Patient Access API
One of the primary objectives of the entire Cures Act Final Rule was the expansion of patient access to their personal health information. As such, with the Final Rule, patients must be able to see their claims and clinical data via third-party applications on personal devices with a secure Patient Access API.
The Patient Access API must be compliant with API technical standards adopted by the Department of Health and Human Services (HHS), which includes the Health Level 7 (HL7®) Fast Healthcare Interoperability Resources (FHIR®) standard. To be considered a valid Patient Access API, the minimum requirements are adjudicated claims data, clinical data, capitated provider encounters, enrollee cost-sharing, preferred drug lists, and provider remittances.
Part D MA plans have two additional requirements:
- Adjudicated claims data for Part D drug coverage must be available to view no later than one business day
- Any formulary structures or related procedures
Provider Directory API
In keeping with the “more power to the patients” mentality, payer organizations (except QHPs) must allow developers to create FHIR-based Provider Directory API tools that offer patients accurate information like network status, names, and more when selecting new care providers. QHPs must only maintain machine-readable files with the required information.
To quote CMS, “[h]aving this information available through an API will facilitate public access to accurate information about which managed care providers are in-network or accepting new patients, as well as current contact information for providers.”
The Provider Directory API must meet the exact requirements of the Patient Access API except those related to user authentication and authorization, as they are intended to be publicly available for those on the hunt for new physicians or insurance providers. The minimal requirements for Provider Directory APIs are:
- Provider names
- Pharmacy names
- Number and type of pharmacies (For MA Part D Plans)
- Phone numbers
This information must be correct and in provider directories within 30 calendar days of initial receipt or update to existing information.
Visit the Lightbeam Education Center for All Things Interoperability
For all commentary and takeaways on the 21st Century Cures Act, visit the Lightbeam Education Center and download our latest whitepaper “Overcoming the Challenges of Modern Health Interoperability” today.
Carrie Roth is Lightbeam’s Manager of HIE Implementation.