Electronic Attachment Rule Still Going Begging at CMS

Proposed rule now slated for a December release, according to Unified Agenda.

This article was first published on Tuesday, August 28, 2019 in MedPage Today.

By Joyce Frieden, News Editor, MedPage Today

WASHINGTON -- "Standards for healthcare attachments." Those four words, contained in this year's Unified Agenda from the Office of Management and Budget, belie a long and unfinished struggle to get the federal government to help with one of physicians' biggest hassles: getting prior authorization from insurers for certain tests and procedures.

Electronic attachments -- test results, x-rays, or anything else that could be sent electronically as part of a prior authorization request -- have long been a hassle for providers because there is no standard format for including them with a prior authorization. Lack of a standard for electronic attachments was one of six barriers to improving the prior authorization process listed in a recent report from the Committee on Operating Rules for Information Exchange (CORE), a division of the Council for Affordable Quality Healthcare (CAQH). The six barriers cited by CAQH CORE included:

• The need for consistency in data content
   
• Lack of federally mandated standards for attachments and clinical documentation
   
• Lack of integration between clinical and administrative systems
   
• Limited availability of vendor products that readily support the standard transaction
   
• State requirements for manual intervention
   
• Lack of provider awareness

Voluntary Use a Success
 

The push to standardize handling of attachments began with the Health Insurance Portability and Accountability Act (HIPAA) back in 1996, according to Robert Tennant, director of health information technology policy at the Medical Group Management Association (MGMA).

HIPAA included a directive for the federal government to develop standards for electronic attachments, but that provision didn't seem to be getting any results, so when the Affordable Care Act (ACA) was passed in 2010, it too included a provision requiring the federal government to issue a final rule on standardizing electronic attachments. The ACA provision, which was included in Section 1104 of the law, even had a deadline: Jan. 1, 2014. But that day has long since passed without any action.

Seema Verma, administrator of the Centers for Medicare & Medicaid Services (CMS) "has called for reduction in the provider burden, for putting 'Patients Over Paperwork,' and for cutting red tape," Tennant said in a phone interview. "Here's a low-hanging piece of fruit that the administration could very easily get out in regulation."

Even now, some payers and providers are voluntarily using a standard known as 275 -- which is used by Medicare -- to exchange electronic attachments, "and it's working great," he said. "They both report savings and tremendous advantages. So it's not like it hasn't been tried. We just need a mandate so vendors will support it and all payers be required to offer it. Without a mandate, we can't move forward as an industry."

"About a year and a half ago, a group of us went to CMS to make the case for the 275," said Tennant. "Here's a rare example in which industry came together -- large health plans, EPIC, Cerner, MGMA, the American Hospital Association, and the clearinghouses. We all went to CMS, because they didn't see the industry was solidly behind this. We said, 'We are.' We went in and made the case for why we need this standard. CMS put it on its regulatory agenda, and [the rule] was supposed to come out [last] August, but it never did."

Why the Delay?
 

For now, the electronic attachment standard is listed in the Unified Agenda as a proposed rule targeted for release in December. But why has it been delayed for so long despite two mandates -- over 23 years -- for its release? That gets into the area of speculation, said Tennant, who has a few ideas of the reasons why. "It's a combination of a couple of things; one is that Medicare, as a health plan, doesn't require very much prior authorization," he said. "It would be an expensive upgrade to the CMS computer system ... to support this. Also, there's a new [interoperability] standard called FHIR [Fast Healthcare Interoperability Resources], and there's a prior authorization use case for FHIR."

"Some of us are thinking that the agency is delaying the 275 [assuming] that the FHIR standard will solve the problem down the road, and I think that's still a long way away and we could reap benefits in the here and now with 275 transaction standard," Tennant said. "Not to discount the opportunities FHIR presents, but there is no reason the two couldn't co-exist for some period of time."

However, other efforts are proceeding on several fronts. In May, CORE finalized rules addressing the consistency of data exchanged between plans and providers, explained April Todd, senior vice president at CORE. "Oftentimes on prior authorization, the provider sends in a request to the health plan saying, 'I'm requesting this particular service for this particular patient,' and the health plan immediately sends back a response that 'This is pended.' The provider doesn't know why it"s pended, and doesn't know what to do next, and it leads to a lot of manual work," such as calling the health plan or sending the plan unsolicited information, she said.

"These rules provide consistency about what data goes back to the provider to help them figure out what to do next," Todd explained. "So a plan would send back particular codes that tell the provider, 'This is pended because we need a lab result' or 'This is pended because we need you to do a certain test first,' so it will provide the information needed for the provider to move the claim along."

CORE is in the process of developing a certification test allowing plans, vendors, and others to test their system to make sure they're compliant with the new rules. "We anticipate we'll have early-adopter organizations that will come in later in the year to start testing their system," she said.

CMS Launches Compliance Review
 

In addition, a month before the CORE rules came out, the CMS launched its compliance review program to "ensure compliance among covered entities with HIPAA Administrative Simplification rules for electronic health care transactions," the agency said on its website. This includes the "278" rule for standardizing prior authorization transactions. After pilot-testing the program, CMS randomly picked nine health plans and claims to clearinghouses for review, to make sure they were compliant with standards for transaction formats, code sets, and unique patient identifiers.

"Covered entities found to be noncompliant will be given the opportunity to take actions to correct issues and achieve compliance," the agency said in a bulletin on the new program. "Covered entities who do not achieve compliance may be subjected to escalated enforcement actions."

CORE also has been trying to educate providers about their rights under current regulations through webinars as well as provider surveys and site visits, Todd said. "We very frequently will hear from a provider that they didn't understand that if they asked the health plan to use the 278 transaction standard to conduct prior authorization, the health plan needs to do that. They weren't aware that there is a standardized transaction to use for prior authorizations and that they could file a complaint with the Department of Health and Human Services when a plan refuses [to use the standard]."

Until CMS releases the electronic attachment standard, prior authorization remains "one task the physician and their staff do that almost inevitably leads to expletives, mainly because it directly impacts patient care," said Tennant. "It slows it down, it goes against the judgment of the physician ... and adds to the frustration level of the entire staff within the office."