{"description":"Documents matching 'hipaa authorization documentation showing they'","count":420,"total_pages":21,"next_page_url":"https://www.federalregister.gov/api/v1/documents?conditions%5Bterm%5D=hipaa+authorization+documentation+showing+they&format=json&page=2","results":[{"title":"Medicare and Medicaid Programs; Patient Protection and Affordable Care Act; Interoperability Standards and Prior Authorization for Drugs for Medicare Advantage Organizations, Medicaid Managed Care Plans, State Medicaid Agencies, Children's Health Insurance Program (CHIP) Agencies and CHIP Managed Care Entities, and Issuers of Qualified Health Plans on the Federally-Facilitated Exchanges","type":"Proposed Rule","abstract":"These proposals are intended to improve the electronic exchange of health care data and streamline processes related to prior authorization by increasing the interoperability of systems used across the health care industry. We are proposing new requirements for Medicare Advantage (MA) organizations, state Medicaid fee-for-service (FFS) programs, state Children's Health Insurance Program (CHIP) FFS programs, Medicaid managed care plans, CHIP managed care entities, and Qualified Health Plan (QHP) issuers on the Federally-facilitated Exchanges (FFEs), including issuers that offer small group market QHPs on the Federally-facilitated Small Business Health Options Program (FF- SHOP) Exchanges (hereinafter referred to as \"small group market QHP issuers on the FF-SHOPs\") (collectively \"impacted payers\"), to make available electronic prior authorization for drugs. We are also proposing to extend many existing interoperability requirements for the prior authorization of non-drug items and services to include prior authorizations for drugs to further reduce patient and provider burden. We are also proposing to require impacted payers to report their application programming interfaces (API) endpoints and related information for the Patient Access, Provider Directory, Provider Access, Payer-to-Payer, and Prior Authorization APIs to CMS. To help assess the impact of our policies, we are proposing to collect API usage metrics. In addition, we are proposing to apply the existing interoperability requirements to small group market QHP issuers on the FF-SHOPs as impacted payers. To improve impacted payers' ability to exchange health information while continuing CMS's drive toward interoperability, we are proposing to require certain Health Level Seven (HL7[supreg]) Fast Healthcare Interoperability Resources (FHIR[supreg]) implementation guides (IGs) that are currently recommended. In addition, HHS is proposing to adopt the HL7 FHIR base standard and certain associated specifications and IGs as the Health Insurance Portability and Accountability Act of 1996 (hereinafter referred to as \"HIPAA\") (Pub. L. 104-191, enacted Aug. 21, 1996) standards for dental, professional, and institutional \"referral certification and authorization\" transactions and \"eligibility for a health plan\" transactions associated with prior authorization. We are proposing to add a definition for \"failure to report,\" which would allow CMS to impose a civil monetary penalty (CMP) on applicable manufacturers or applicable group purchasing organizations (GPOs) if those entities fail to grant CMS timely access to documents for the purposes of an audit. Finally, ONC is using this rulemaking to propose to adopt updated versions of certain health information technology (health IT) standards and specifications for HHS use, such as CMS's interoperability requirements, to support a more robust health IT infrastructure.","document_number":"2026-07205","html_url":"https://www.federalregister.gov/documents/2026/04/14/2026-07205/medicare-and-medicaid-programs-patient-protection-and-affordable-care-act-interoperability-standards","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2026-04-14/pdf/2026-07205.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2026-07205.pdf?1775852111","publication_date":"2026-04-14","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Centers for Medicare & Medicaid Services","name":"Centers for Medicare & Medicaid Services","id":45,"url":"https://www.federalregister.gov/agencies/centers-for-medicare-medicaid-services","json_url":"https://www.federalregister.gov/api/v1/agencies/45","parent_id":221,"slug":"centers-for-medicare-medicaid-services"},{"raw_name":"Office of the Secretary"}],"excerpts":"proposals for <span class=\"match\">HIPAA</span> Administrative Simplification. As discussed in section II.H. of this proposed rule, the <span class=\"match\">HIPAA</span> Administrative Simplification proposals would apply to <span class=\"match\">HIPAA</span> covered entities, as described in section 1172(a) of the Act and defined in 45 CFR 160.103. \n Some plans that participate in those CMS programs may not be permitted to use prior <span class=\"match\">authorization</span> (such as Private FFS MA plans) or may choose not to use prior <span class=\"match\">authorization</span>. Our prior <span class=\"match\">authorization</span> proposals only apply to the extent that a payer (or plan) uses prior <span class=\"match\">authorization</span>. Therefore"},{"title":"HIPAA Security Rule To Strengthen the Cybersecurity of Electronic Protected Health Information","type":"Proposed Rule","abstract":"The Department of Health and Human Services (HHS or \"Department\") is issuing this notice of proposed rulemaking (NPRM) to solicit comment on its proposal to modify the Security Standards for the Protection of Electronic Protected Health Information (\"Security Rule\") under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act). The proposed modifications would revise existing standards to better protect the confidentiality, integrity, and availability of electronic protected health information (ePHI). The proposals in this NPRM would increase the cybersecurity for ePHI by revising the Security Rule to address: changes in the environment in which health care is provided; significant increases in breaches and cyberattacks; common deficiencies the Office for Civil Rights has observed in investigations into Security Rule compliance by covered entities and their business associates (collectively, \"regulated entities\"); other cybersecurity guidelines, best practices, methodologies, procedures, and processes; and court decisions that affect enforcement of the Security Rule.","document_number":"2024-30983","html_url":"https://www.federalregister.gov/documents/2025/01/06/2024-30983/hipaa-security-rule-to-strengthen-the-cybersecurity-of-electronic-protected-health-information","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2025-01-06/pdf/2024-30983.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-30983.pdf?1735334119","publication_date":"2025-01-06","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Office of the Secretary"}],"excerpts":"Covered Entities,” <span class=\"match\">HIPAA</span> Security Series, Centers for Medicare &amp; Medicaid Services, p. 6 (Nov. 2004, revised Mar. 2007), \n https://www.hhs.gov/sites/default/files/ocr/privacy/<span class=\"match\">hipaa</span>/administrative/securityrule/security101.pdf?language=es; “Controlling Access to ePHI: For Whose Eyes Only?,” Cybersecurity Newsletter, \n Office for Civil Rights, U.S. Department of Health and Human Services (July 14, 2021), \n https://www.hhs.gov/<span class=\"match\">hipaa</span>/for-professionals/security/guidance/cybersecurity-newsletter-summer-2021/index.html; and “<span class=\"match\">HIPAA</span> Security Rule Facility"},{"title":"Administrative Simplification: Modifications of Health Insurance Portability and Accountability Act of 1996 (HIPAA) National Council for Prescription Drug Programs (NCPDP) Retail Pharmacy Standards; and Modification of the Medicaid Pharmacy Subrogation Standard","type":"Rule","abstract":"This final rule adopts updated versions of the retail pharmacy standards for electronic transactions adopted under the Administrative Simplification subtitle of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). These updated versions are modifications to the currently adopted standards for the following retail pharmacy transactions: health care claims or equivalent encounter information; eligibility for a health plan; referral certification and authorization; and coordination of benefits. This final rule also adopts a modification to the standard for the Medicaid pharmacy subrogation transaction.","document_number":"2024-29138","html_url":"https://www.federalregister.gov/documents/2024/12/13/2024-29138/administrative-simplification-modifications-of-health-insurance-portability-and-accountability-act","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2024-12-13/pdf/2024-29138.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-29138.pdf?1734011124","publication_date":"2024-12-13","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Office of the Secretary"}],"excerpts":" we sometimes refer to this statute as the “original” <span class=\"match\">HIPAA</span>. \n Section 1172(a) of the Act states that “[a]ny standard adopted under [<span class=\"match\">HIPAA</span>] shall apply, in whole or in part, to . . . (1) A health plan. (2) A health care clearinghouse. (3) A health care provider who transmits any health information in electronic form in connection with a [<span class=\"match\">HIPAA</span> transaction],” which are collectively referred to as “covered entities.” Generally, section 1172 of the Act requires any standard adopted under <span class=\"match\">HIPAA</span> to be developed, adopted, or modified by a standard setting"},{"title":"Administrative Simplification; Adoption of Standards for Health Care Claims Attachments Transactions and Electronic Signatures","type":"Rule","abstract":"This final rule implements requirements of the Administrative Simplification subtitle of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and the Patient Protection and Affordable Care Act, as amended by the Health Care and Education Reconciliation Act of 2010, enacted on March 30, 2010--collectively, the Affordable Care Act. Specifically, this final rule adopts standards for health care claims attachments transactions, which will support health care claims transactions, and a standard for electronic signatures to be used in conjunction with health care claims attachments transactions.","document_number":"2026-05676","html_url":"https://www.federalregister.gov/documents/2026/03/24/2026-05676/administrative-simplification-adoption-of-standards-for-health-care-claims-attachments-transactions","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2026-03-24/pdf/2026-05676.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2026-05676.pdf?1774037709","publication_date":"2026-03-24","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Office of the Secretary"}],"excerpts":"Interchange (EDI) and Transaction Standards \n In the <span class=\"match\">HIPAA</span> Standards for Health Care Attachments proposed rule, we discussed how <span class=\"match\">HIPAA</span> transactions involve the electronic transmission of information between two parties to carry out health care-related financial or administrative activities (87 FR 78441). These activities include health insurance claims submissions and prior <span class=\"match\">authorization</span> requests, and <span class=\"match\">HIPAA</span> standards for those transactions require uniformity for EDI of those transmissions. \n \n The benefit of <span class=\"match\">HIPAA</span> standards is that they use a common interchange"},{"title":"HIPAA Privacy Rule To Support Reproductive Health Care Privacy","type":"Rule","abstract":"The Department of Health and Human Services (HHS or \"Department\") is issuing this final rule to modify the Standards for Privacy of Individually Identifiable Health Information (\"Privacy Rule\") under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act). The Department is issuing this final rule after careful consideration of all public comments received in response to the notice of proposed rulemaking (NPRM) for the HIPAA Privacy Rule to Support Reproductive Health Care Privacy (\"2023 Privacy Rule NPRM\") and public comments received on proposals to revise provisions of the HIPAA Privacy Rule in the NPRM for the Confidentiality of Substance Use Disorder (SUD) Patient Records (\"2022 Part 2 NPRM\").","document_number":"2024-08503","html_url":"https://www.federalregister.gov/documents/2024/04/26/2024-08503/hipaa-privacy-rule-to-support-reproductive-health-care-privacy","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2024-04-26/pdf/2024-08503.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-08503.pdf?1713816919","publication_date":"2024-04-26","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Office of the Secretary"}],"excerpts":"be for a prohibited purpose. \n A few commenters asserted that a <span class=\"match\">HIPAA</span> <span class=\"match\">authorization</span> is the safest approach to ensuring an individual is aware of and agrees to the use or disclosure of their PHI. One of those commenters recommended that the Department permit a regulated entity to disclose PHI pursuant to a valid <span class=\"match\">authorization</span> unless the covered entity has actual knowledge that an <span class=\"match\">authorization</span> was not voluntary. A commenter recommended adding a disclaimer or warning to the <span class=\"match\">authorization</span> to provide assurances that an individual was not coerced into"},{"title":"Confidentiality of Substance Use Disorder (SUD) Patient Records","type":"Rule","abstract":"The United States Department of Health and Human Services (HHS or \"Department\") is issuing this final rule to modify its regulations to implement section 3221 of the Coronavirus Aid, Relief, and Economic Security (CARES) Act. The Department is issuing this final rule after careful consideration of all public comments received in response to the notice of proposed rulemaking (NPRM) for the Confidentiality of Substance Use Disorder (SUD) Patient Records. This final rule also makes certain other modifications to increase alignment with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule to improve workability and decrease burden on programs, covered entities, and business associates.","document_number":"2024-02544","html_url":"https://www.federalregister.gov/documents/2024/02/16/2024-02544/confidentiality-of-substance-use-disorder-sud-patient-records","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2024-02-16/pdf/2024-02544.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-02544.pdf?1707408916","publication_date":"2024-02-16","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Office of the Secretary"}],"excerpts":" \n See \n “How OCR Enforces the <span class=\"match\">HIPAA</span> Privacy &amp; Security Rules,” \n supra \n note 97.\n \n \n \n \n 121 \n  \n See \n “What are the Duties of a <span class=\"match\">HIPAA</span> Compliance Officer?” The <span class=\"match\">HIPAA</span> Journal, \n https://www.hipaajournal.com/duties-of-a-<span class=\"match\">hipaa</span>-compliance-officer/; \n U.S. Dep't of Health and Human Servs., “The <span class=\"match\">HIPAA</span> Privacy Rule”, \n https://www.hhs.gov/<span class=\"match\">hipaa</span>/for-professionals/privacy/index.html; \n U.S. Dep't of Health and Human Servs., “Submitting Notice of a Breach to the Secretary” (Feb. 27, 2023), \n https://www.hhs.gov/<span class=\"match\">hipaa</span>/for-professionals/breach-notif"},{"title":"Medicare and Medicaid Programs; Patient Protection and Affordable Care Act; Advancing Interoperability and Improving Prior Authorization Processes for Medicare Advantage Organizations, Medicaid Managed Care Plans, State Medicaid Agencies, Children's Health Insurance Program (CHIP) Agencies and CHIP Managed Care Entities, Issuers of Qualified Health Plans on the Federally-Facilitated Exchanges, Merit-Based Incentive Payment System (MIPS) Eligible Clinicians, and Eligible Hospitals and Critical Access Hospitals in the Medicare Promoting Interoperability Program","type":"Rule","abstract":"This final rule will improve the electronic exchange of health care data and streamline processes related to prior authorization through new requirements for Medicare Advantage (MA) organizations, state Medicaid fee-for-service (FFS) programs, state Children's Health Insurance Program (CHIP) FFS programs, Medicaid managed care plans, CHIP managed care entities, and Qualified Health Plan (QHP) issuers on the Federally-facilitated Exchanges (FFEs). This final rule will also add new measures for eligible hospitals and critical access hospitals (CAHs) to report under the Medicare Promoting Interoperability Program and for MIPS eligible clinicians to report under the Promoting Interoperability performance category of the Merit-based Incentive Payment System (MIPS). These policies, taken together, will reduce overall payer and provider burden and improve patient access to health information while continuing CMS's drive toward interoperability in the health care market.","document_number":"2024-00895","html_url":"https://www.federalregister.gov/documents/2024/02/08/2024-00895/medicare-and-medicaid-programs-patient-protection-and-affordable-care-act-advancing-interoperability","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2024-02-08/pdf/2024-00895.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-00895.pdf?1705612517","publication_date":"2024-02-08","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Centers for Medicare & Medicaid Services","name":"Centers for Medicare & Medicaid Services","id":45,"url":"https://www.federalregister.gov/agencies/centers-for-medicare-medicaid-services","json_url":"https://www.federalregister.gov/api/v1/agencies/45","parent_id":221,"slug":"centers-for-medicare-medicaid-services"},{"raw_name":"Office of the Secretary"}],"excerpts":"use the Prior <span class=\"match\">Authorization</span> API to determine whether a specific payer requires prior <span class=\"match\">authorization</span> for a certain item or service, thereby easing one of the major points of administrative burden in the existing prior <span class=\"match\">authorization</span> process. The Prior <span class=\"match\">Authorization</span> API will also allow providers to query the payer's prior <span class=\"match\">authorization</span> <span class=\"match\">documentation</span> requirements directly from the provider's system, which could facilitate the automated compilation of necessary information to submit a prior <span class=\"match\">authorization</span> request. For the Prior <span class=\"match\">Authorization</span> API policy,"},{"title":"HIPAA Privacy Rule To Support Reproductive Health Care Privacy","type":"Proposed Rule","abstract":"The Department of Health and Human Services (HHS or \"Department\") is issuing this notice of proposed rulemaking (NPRM) to solicit comment on its proposal to modify the Standards for Privacy of Individually Identifiable Health Information (\"Privacy Rule\") under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act). The proposal would modify existing standards permitting uses and disclosures of protected health information (PHI) by limiting uses and disclosures of PHI for certain purposes where the use or disclosure of information is about reproductive health care that is lawful under the circumstances in which such health care is provided. The proposal would modify existing standards by prohibiting uses and disclosures of PHI for criminal, civil, or administrative investigations or proceedings against individuals, covered entities or their business associates (collectively, \"regulated entities\"), or other persons for seeking, obtaining, providing, or facilitating reproductive health care that is lawful under the circumstances in which it is provided.","document_number":"2023-07517","html_url":"https://www.federalregister.gov/documents/2023/04/17/2023-07517/hipaa-privacy-rule-to-support-reproductive-health-care-privacy","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2023-04-17/pdf/2023-07517.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2023-07517.pdf?1681328717","publication_date":"2023-04-17","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Office of the Secretary"}],"excerpts":"clarifying that <span class=\"match\">authorizations</span> are permitted to be submitted and signed electronically. \n See \n <span class=\"match\">HIPAA</span> FAQ #475, and <span class=\"match\">HIPAA</span> FAQ #554, \n \n https://\n \n www.hhs.gov/<span class=\"match\">hipaa</span>/for-professionals/faq/554/how-do-<span class=\"match\">hipaa</span>-<span class=\"match\">authorizations</span>-apply-to-electronic-health-information/index.html.\n \n \n \n \n Unlike the <span class=\"match\">authorization</span> provision, the proposed attestation would be limited to the specific use or disclosure. Generally, when a regulated entity receives a valid <span class=\"match\">authorization</span>, they may continue to use or disclose PHI to such requestor pursuant to that <span class=\"match\">authorization</span> after the"},{"title":"Medicare Program; Hospital Inpatient Prospective Payment Systems for Acute Care Hospitals (IPPS) and the Long-Term Care Hospital Prospective Payment System and Policy Changes and Fiscal Year (FY) 2026 Rates; Changes to the FY 2025 IPPS Rates Due to Court Decision; Requirements for Quality Programs; and Other Policy Changes; Health Data, Technology, and Interoperability: Electronic Prescribing, Real-Time Prescription Benefit and Electronic Prior Authorization","type":"Rule","abstract":"This final rule revises the Medicare hospital inpatient prospective payment systems (IPPS) for operating and capital-related costs of acute care hospitals; makes changes relating to Medicare graduate medical education (GME) for teaching hospitals; updates the payment policies and the annual payment rates for the Medicare prospective payment system (PPS) for inpatient hospital services provided by long-term care hospitals (LTCHs); updates and makes changes to requirements for certain quality programs; and makes other policy- related changes. We are also finalizing the provisions of the interim final action with comment period regarding the changes to the FY 2025 IPPS rates due to the court decision in Bridgeport Hosp. v. Becerra. Lastly, it finalizes certain updates to the ONC Health Information Technology (IT) Certification Program.","document_number":"2025-14681","html_url":"https://www.federalregister.gov/documents/2025/08/04/2025-14681/medicare-program-hospital-inpatient-prospective-payment-systems-for-acute-care-hospitals-ipps-and","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2025-08-04/pdf/2025-14681.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2025-14681.pdf?1753992911","publication_date":"2025-08-04","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Centers for Medicare & Medicaid Services","name":"Centers for Medicare & Medicaid Services","id":45,"url":"https://www.federalregister.gov/agencies/centers-for-medicare-medicaid-services","json_url":"https://www.federalregister.gov/api/v1/agencies/45","parent_id":221,"slug":"centers-for-medicare-medicaid-services"},{"raw_name":"Office of the Secretary"}],"excerpts":"the <span class=\"match\">HIPAA</span> Security Rule does not currently prescribe a specific methodology for conducting and documenting a risk analysis or managing risk, and we reiterate our proposal was not intended to exceed or extend beyond what is required under the <span class=\"match\">HIPAA</span> Security Rule. We have modified the measure text accordingly. \n In addition, with respect to risk management <span class=\"match\">documentation</span>, we appreciate the recommendation to provide guidance modeled after OCR's <span class=\"match\">documentation</span> requirements for demonstrating implementation of RSPs; however, we note that the <span class=\"match\">HIPAA</span> Security"},{"title":"Administrative Simplification: Adoption of Standards for Health Care Attachments Transactions and Electronic Signatures, and Modification to Referral Certification and Authorization Transaction Standard","type":"Proposed Rule","abstract":"This rule would implement requirements of the Administrative Simplification subtitle of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Patient Protection and Affordable Care Act, as amended by the Health Care and Education Reconciliation Act of 2010, enacted on March 30, 2010--collectively, the Affordable Care Act. Specifically, this proposed rule would adopt standards for \"health care attachments\" transactions, which would support both health care claims and prior authorization transactions, and a standard for electronic signatures to be used in conjunction with health care attachments transactions. To better support the use of the proposed standards for attachments transactions with prior authorization transactions, this rule also proposes to adopt a modification to the standard for the referral certification and authorization transaction (X12 278) to move from Version 5010 to Version 6020.","document_number":"2022-27437","html_url":"https://www.federalregister.gov/documents/2022/12/21/2022-27437/administrative-simplification-adoption-of-standards-for-health-care-attachments-transactions-and","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2022-12-21/pdf/2022-27437.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2022-27437.pdf?1671138929","publication_date":"2022-12-21","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Office of the Secretary"}],"excerpts":"Prior <span class=\"match\">Authorization</span> Process.” \n 6 \n \n There, CAQH CORE reported how, for even the HHS-adopted prior <span class=\"match\">authorization</span> transaction standards, health care industry uptake \n \n lagged that of other transaction standards, and remained largely paper-based, due in large measure to a lack of infrastructure supporting electronic transmission of attachments that frequently serve as necessary supporting <span class=\"match\">documentation</span> in the prior <span class=\"match\">authorization</span> transaction.\n \n \n \n 6 \n  “Moving Forward: Building Momentum for End-to-End Automation of the Prior <span class=\"match\">Authorization</span> Process"},{"title":"Administrative Simplification: Modifications of Health Insurance Portability and Accountability Act of 1996 (HIPAA) National Council for Prescription Drug Programs (NCPDP) Retail Pharmacy Standards; and Adoption of Pharmacy Subrogation Standard","type":"Proposed Rule","abstract":"This proposed rule would adopt updated versions of the retail pharmacy standards for electronic transactions adopted under the Administrative Simplification subtitle of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). These updated versions would be modifications to the currently adopted standards for the following retail pharmacy transactions: health care claims or equivalent encounter information; eligibility for a health plan; referral certification and authorization; and coordination of benefits. The proposed rule would also broaden the applicability of the Medicaid pharmacy subrogation transaction to all health plans. To that end, the rule would rename and revise the definition of the transaction and adopt an updated standard, which would be a modification for state Medicaid agencies and an initial standard for all other health plans.","document_number":"2022-24114","html_url":"https://www.federalregister.gov/documents/2022/11/09/2022-24114/administrative-simplification-modifications-of-health-insurance-portability-and-accountability-act","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2022-11-09/pdf/2022-24114.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2022-24114.pdf?1667855716","publication_date":"2022-11-09","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Office of the Secretary"}],"excerpts":" we sometimes refer to this statute as the “original” <span class=\"match\">HIPAA</span>. \n Section 1172(a) of the Act states that “[a]ny standard adopted under [<span class=\"match\">HIPAA</span>] shall apply, in whole or in part, to . . . (1) A health plan. (2) A health care clearinghouse. (3) A health care provider who transmits any health information in electronic form in connection with a [<span class=\"match\">HIPAA</span> transaction],” which are collectively referred to as “covered entities.” Generally, section 1172 of the Act requires any standard adopted under <span class=\"match\">HIPAA</span> to be developed, adopted, or modified by a standard setting"},{"title":"Medicare Program; Alternative Payment Model Updates and the Increasing Organ Transplant Access (IOTA) Model","type":"Proposed Rule","abstract":"This proposed rule describes a new mandatory Medicare payment model, the Increasing Organ Transplant Access Model (IOTA Model), that would test whether performance-based incentive payments paid to or owed by participating kidney transplant hospitals increase access to kidney transplants for patients with end-stage renal disease (ESRD) while preserving or enhancing the quality of care and reducing Medicare expenditures. This proposed rule also includes standard provisions that would apply to Innovation Center models whose first performance period begins on or after January 1, 2025, and also would apply, in whole or part, to any Innovation Center model whose first performance period begins prior to January 1, 2025 should such model's governing documentation incorporate the provisions by reference in whole or in part. The proposed standard provisions relate to beneficiary protections; cooperation in model evaluation and monitoring; audits and records retention; rights in data and intellectual property; monitoring and compliance; remedial action; model termination by CMS; limitations on review; miscellaneous provisions on bankruptcy and other notifications; and the reconsideration review process.","document_number":"2024-09989","html_url":"https://www.federalregister.gov/documents/2024/05/17/2024-09989/medicare-program-alternative-payment-model-updates-and-the-increasing-organ-transplant-access-iota","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2024-05-17/pdf/2024-09989.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-09989.pdf?1715199328","publication_date":"2024-05-17","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Centers for Medicare & Medicaid Services","name":"Centers for Medicare & Medicaid Services","id":45,"url":"https://www.federalregister.gov/agencies/centers-for-medicare-medicaid-services","json_url":"https://www.federalregister.gov/api/v1/agencies/45","parent_id":221,"slug":"centers-for-medicare-medicaid-services"}],"excerpts":"without the individual's <span class=\"match\">authorization</span>. The Medicare FFS program, a “health plan” function of the Department, is subject to the <span class=\"match\">HIPAA</span> Privacy Rule limitations on the disclosure of PHI without an individual's <span class=\"match\">authorization</span>. IOTA participants are also covered entities, provided they are health care providers as defined by 45 CFR 160.103 and they or their agents electronically engage in one or more <span class=\"match\">HIPAA</span> standard transactions, such as for claims, eligibility or enrollment transactions. In light of these relationships, we believe that the proposed disclosure"},{"title":"Medicare and Medicaid Programs: Hospital Outpatient Prospective Payment and Ambulatory Surgical Center Payment Systems; Quality Reporting Programs, Including the Hospital Inpatient Quality Reporting Program; Health and Safety Standards for Obstetrical Services in Hospitals and Critical Access Hospitals; Prior Authorization; Requests for Information; Medicaid and CHIP Continuous Eligibility; Medicaid Clinic Services Four Walls Exceptions; Individuals Currently or Formerly in Custody of Penal Authorities; Revision to Medicare Special Enrollment Period for Formerly Incarcerated Individuals; and All-Inclusive Rate Add-On Payment for High-Cost Drugs Provided by Indian Health Service and Tribal Facilities","type":"Rule","abstract":"This final rule with comment period revises the Medicare Hospital Outpatient Prospective Payment System (OPPS) and the Medicare Ambulatory Surgical Center (ASC) payment system for calendar year 2025 based on our continuing experience with these systems. We describe the changes to the amounts and factors used to determine the payment rates for Medicare services paid under the OPPS and those paid under the ASC payment system. Also, this final rule updates the requirements for the Hospital Outpatient Quality Reporting Program, Rural Emergency Hospital Quality Reporting Program, Ambulatory Surgical Center Quality Reporting Program, and Hospital Inpatient Quality Reporting Program. We also summarize information received in response to a Request for Information on potential modifications to the Safety of Care measure group in the Overall Hospital Quality Star Rating methodology. In this final rule, we are also finalizing our proposal to narrow the description of \"custody\" in the Medicare payment exclusion rule and to revise the special enrollment period criteria for formerly incarcerated individuals. We are also finalizing our Medicaid and Children's Health Insurance Program (CHIP) continuous eligibility provisions. We are also finalizing the proposal to reduce the review timeframe for standard prior authorization requests for certain covered outpatient department services paid under the OPPS from 10-business days to 7-calendar days. Further, this rule finalizes updates to the Conditions of Participation (CoPs) for hospitals and critical access hospitals (CAHs) in an effort to advance the health and safety of pregnant, birthing, and postpartum women. This rule also finalizes our proposed policy to separately pay Indian Health Service (IHS) and Tribal hospitals for high-cost drugs furnished in hospital outpatient departments through an add-on payment in addition to the all-inclusive rate (AIR) under the authorities used to calculate the AIR starting January 1, 2025. Finally, we are finalizing exceptions to the Medicaid clinic services four walls requirement for IHS and Tribal clinics, and, at state option, for behavioral health clinics and clinics located in rural areas.","document_number":"2024-25521","html_url":"https://www.federalregister.gov/documents/2024/11/27/2024-25521/medicare-and-medicaid-programs-hospital-outpatient-prospective-payment-and-ambulatory-surgical","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2024-11-27/pdf/2024-25521.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-25521.pdf?1730492130","publication_date":"2024-11-27","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Centers for Medicare & Medicaid Services","name":"Centers for Medicare & Medicaid Services","id":45,"url":"https://www.federalregister.gov/agencies/centers-for-medicare-medicaid-services","json_url":"https://www.federalregister.gov/api/v1/agencies/45","parent_id":221,"slug":"centers-for-medicare-medicaid-services"}],"excerpts":"exempt a provider from the prior <span class=\"match\">authorization</span> process upon the providers' demonstration of compliance with Medicare coverage, coding, and payment rules. This exemption would remain in effect until we elect to withdraw the exemption. Providers who are exempt do not need to submit prior <span class=\"match\">authorization</span> requests. Additionally, mental health and substance use services do not require prior <span class=\"match\">authorization</span> under Medicare FFS. Also, and as we noted above, our prior <span class=\"match\">authorization</span> policy does not create any new <span class=\"match\">documentation</span> requirements.\n \n \n Comment: \n Some"},{"title":"Medicare Program; Hospital Inpatient Prospective Payment Systems for Acute Care Hospitals (IPPS) and the Long-Term Care Hospital Prospective Payment System and Policy Changes and Fiscal Year (FY) 2027 Rates; Requirements for Quality Programs; and Other Policy Changes","type":"Proposed Rule","abstract":"This proposed rule would revise the Medicare hospital inpatient prospective payment systems (IPPS) for operating and capital- related costs of acute care hospitals; make changes relating to Medicare graduate medical education (GME) for teaching hospitals; update the payment policies and the annual payment rates for the Medicare prospective payment system (PPS) for inpatient hospital services provided by long-term care hospitals (LTCHs); update and make changes to requirements for certain quality programs; and make other policy-related changes.","document_number":"2026-07203","html_url":"https://www.federalregister.gov/documents/2026/04/14/2026-07203/medicare-program-hospital-inpatient-prospective-payment-systems-for-acute-care-hospitals-ipps-and","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2026-04-14/pdf/2026-07203.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2026-07203.pdf?1775852113","publication_date":"2026-04-14","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Centers for Medicare & Medicaid Services","name":"Centers for Medicare & Medicaid Services","id":45,"url":"https://www.federalregister.gov/agencies/centers-for-medicare-medicaid-services","json_url":"https://www.federalregister.gov/api/v1/agencies/45","parent_id":221,"slug":"centers-for-medicare-medicaid-services"}],"excerpts":"Electronic Prior <span class=\"match\">Authorization</span> final rule (HTI-4 final rule), which was published as part of the FY 2026 IPPS/LTCH PPS final rule (90 FR 37164 through 37182), ONC finalized three ONC health IT certification criteria for electronic prior <span class=\"match\">authorization</span>, based on the following FHIR IGs: \n • “Provider prior <span class=\"match\">authorization</span> API—coverage requirements discovery” in 45 CFR 170.315(g)(31); \n • “Provider prior <span class=\"match\">authorization</span> API—<span class=\"match\">documentation</span> templates and rules” in 45 CFR 170.315(g)(32); and \n • “Provider prior <span class=\"match\">authorization</span> API—prior <span class=\"match\">authorization</span> support” in 45"},{"title":"Medicare and Medicaid Programs; Calendar Year 2026 Home Health Prospective Payment System (HH PPS) Rate Update; Requirements for the HH Quality Reporting Program and the HH Value-Based Purchasing Expanded Model; Durable Medical Equipment, Prosthetics, Orthotics, and Supplies (DMEPOS) Competitive Bidding Program Updates; DMEPOS Accreditation Requirements; Provider Enrollment; and Other Medicare and Medicaid Policies","type":"Rule","abstract":"This final rule sets forth routine updates to the Medicare home health payment rates in accordance with existing statutory and regulatory requirements. In addition, this final rule finalizes permanent and temporary behavior adjustments and recalibrates the case- mix weights and update the functional impairment levels; comorbidity subgroups; and low-utilization payment adjustment (LUPA) thresholds for CY 2026. This final rule also finalizes changes to the face-to-face encounter policy and changes to the Home Health Quality Reporting Program (HH QRP) and the expanded Health Value-Based Purchasing (HHVBP) Model requirements. In addition, it updates the Durable Medical Equipment, Prosthetics, Orthotics, and Supplies (DMEPOS) Competitive Bidding Program (CBP). Lastly it finalizes: a technical change to the HH conditions of participation; updates to DMEPOS supplier conditions of payment; updates to provider and supplier enrollment requirements; and changes to DMEPOS accreditation requirements.","document_number":"2025-21767","html_url":"https://www.federalregister.gov/documents/2025/12/02/2025-21767/medicare-and-medicaid-programs-calendar-year-2026-home-health-prospective-payment-system-hh-pps-rate","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2025-12-02/pdf/2025-21767.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2025-21767.pdf?1764364516","publication_date":"2025-12-02","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Centers for Medicare & Medicaid Services","name":"Centers for Medicare & Medicaid Services","id":45,"url":"https://www.federalregister.gov/agencies/centers-for-medicare-medicaid-services","json_url":"https://www.federalregister.gov/api/v1/agencies/45","parent_id":221,"slug":"centers-for-medicare-medicaid-services"}],"excerpts":"Compliant suppliers would not have to submit prior <span class=\"match\">authorization</span> requests (PARs). The burden associated with submitting prior <span class=\"match\">authorization</span> requests is the time and effort necessary for the submitter to locate and obtain the supporting <span class=\"match\">documentation</span> for the prior <span class=\"match\">authorization</span> request and to forward the materials to the MAC for review. CMS expects that this information would generally be maintained by suppliers as a normal course of business and that this information would be readily available. The <span class=\"match\">documentation</span> submitted must support medical necessity for"},{"title":"Medicare and Medicaid Programs; Calendar Year 2026 Home Health Prospective Payment System (HH PPS) Rate Update; Requirements for the HH Quality Reporting Program and the HH Value-Based Purchasing Expanded Model; Durable Medical Equipment, Prosthetics, Orthotics, and Supplies (DMEPOS) Competitive Bidding Program Updates; DMEPOS Accreditation Requirements; Provider Enrollment; and Other Medicare and Medicaid Policies","type":"Proposed Rule","abstract":"This proposed rule would set forth routine updates to the Medicare home health payment rates in accordance with existing statutory and regulatory requirements. In addition, this proposed rule proposes permanent and temporary behavior adjustments and proposes to recalibrate the case-mix weights and update the functional impairment levels; comorbidity subgroups; and low-utilization payment adjustment (LUPA) thresholds for CY 2026. Lastly, this proposed rule proposes policy changes to the face-to-face encounter policy. It also proposes changes to the Home Health Quality Reporting Program (HH QRP) and the expanded Health Value-Based Purchasing (HHVBP) Model requirements. In addition, it would update the Durable Medical Equipment, Prosthetics, Orthotics, and Supplies (DMEPOS) Competitive Bidding Program (CBP). Lastly it proposes: a technical change to the HH conditions of participation; updates to DMEPOS supplier conditions of payment; updates to provider and supplier enrollment requirements; and changes to DMEPOS accreditation requirements.","document_number":"2025-12347","html_url":"https://www.federalregister.gov/documents/2025/07/02/2025-12347/medicare-and-medicaid-programs-calendar-year-2026-home-health-prospective-payment-system-hh-pps-rate","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2025-07-02/pdf/2025-12347.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2025-12347.pdf?1751314517","publication_date":"2025-07-02","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Centers for Medicare & Medicaid Services","name":"Centers for Medicare & Medicaid Services","id":45,"url":"https://www.federalregister.gov/agencies/centers-for-medicare-medicaid-services","json_url":"https://www.federalregister.gov/api/v1/agencies/45","parent_id":221,"slug":"centers-for-medicare-medicaid-services"}],"excerpts":"Compliant suppliers would not have to submit prior <span class=\"match\">authorization</span> requests (PARs). The burden associated with submitting prior <span class=\"match\">authorization</span> requests is the time and effort necessary for the submitter to locate and obtain the supporting <span class=\"match\">documentation</span> for the prior <span class=\"match\">authorization</span> request and to forward the materials to the MAC for review. CMS expects that this information would generally be maintained by suppliers as a normal course of business and that this information would be readily available. The <span class=\"match\">documentation</span> submitted must support medical necessity for"},{"title":"Medicare Program; Contract Year 2027 and Certain Contract Year 2026 Policy and Technical Changes to the Medicare Advantage Program, Medicare Prescription Drug Benefit Program, and Medicare Cost Plan Program","type":"Rule","abstract":"This final rule revises the Medicare Advantage (Part C), Medicare Prescription Drug Benefit (Part D), and Medicare cost plan regulations to implement changes related to Star Ratings, marketing and communications, drug coverage, enrollment processes, special needs plans, and other programmatic areas.","document_number":"2026-06600","html_url":"https://www.federalregister.gov/documents/2026/04/06/2026-06600/medicare-program-contract-year-2027-and-certain-contract-year-2026-policy-and-technical-changes-to","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2026-04-06/pdf/2026-06600.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2026-06600.pdf?1775160908","publication_date":"2026-04-06","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Centers for Medicare & Medicaid Services","name":"Centers for Medicare & Medicaid Services","id":45,"url":"https://www.federalregister.gov/agencies/centers-for-medicare-medicaid-services","json_url":"https://www.federalregister.gov/api/v1/agencies/45","parent_id":221,"slug":"centers-for-medicare-medicaid-services"}],"excerpts":"those entities.\n \n Plan sponsors must have <span class=\"match\">documentation</span> to support Part D coverage determinations and POS edits that determine coverage, including when an <span class=\"match\">authorization</span> is reauthorized for an extended period or original approved for a timeframe greater than 10 years. If the <span class=\"match\">authorization</span> is still ongoing, <span class=\"match\">documentation</span> must be available to support it. \n CMS agrees that original coverage determination <span class=\"match\">documentation</span> is already expected upon audit; however, we disagree with the commenter that no new <span class=\"match\">documentation</span> standards are necessary. As stated in the"},{"title":"Medicare and Medicaid Programs; CY 2026 Payment Policies Under the Physician Fee Schedule and Other Changes to Part B Payment and Coverage Policies; Medicare Shared Savings Program Requirements; and Medicare Prescription Drug Inflation Rebate Program","type":"Rule","abstract":"This major final rule addresses: changes to the physician fee schedule (PFS); other changes to Medicare Part B payment policies to ensure that payment systems are updated to reflect changes in medical practice, relative value of services, and changes in the statute; codification of establishment of new policies for: the Medicare Prescription Drug Inflation Rebate Program under the Inflation Reduction Act of 2022; the Ambulatory Specialty Model; updates to the Medicare Diabetes Prevention Program expanded model; updates to drugs and biological products paid under Part B; Medicare Shared Savings Program requirements; updates to the Quality Payment Program; updates to policies for Rural Health Clinics and Federally Qualified Health Centers; update to the Ambulance Fee Schedule regulations; codification of the Inflation Reduction Act and Consolidated Appropriations Act, 2023 provisions; updates to the Medicare Promoting Interoperability Program.","document_number":"2025-19787","html_url":"https://www.federalregister.gov/documents/2025/11/05/2025-19787/medicare-and-medicaid-programs-cy-2026-payment-policies-under-the-physician-fee-schedule-and-other","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2025-11-05/pdf/2025-19787.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2025-19787.pdf?1761945018","publication_date":"2025-11-05","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Centers for Medicare & Medicaid Services","name":"Centers for Medicare & Medicaid Services","id":45,"url":"https://www.federalregister.gov/agencies/centers-for-medicare-medicaid-services","json_url":"https://www.federalregister.gov/api/v1/agencies/45","parent_id":221,"slug":"centers-for-medicare-medicaid-services"}],"excerpts":"ASM beneficiaries. \n \n Under the <span class=\"match\">HIPAA</span> Privacy Rule, covered entities (defined in 45 CFR 160.103 as health plans, health care providers that conduct certain transactions electronically, and health care clearinghouses) may only use or disclose protected health information (PHI), a subset of individually identifiable health information, as permitted or required by the <span class=\"match\">HIPAA</span> Privacy Rule, without the individual's <span class=\"match\">authorization</span>. The Medicare FFS program, a “health plan” function of the Department, is subject to the <span class=\"match\">HIPAA</span> Privacy Rule limitations on the"},{"title":"Requirements Related to the Mental Health Parity and Addiction Equity Act","type":"Rule","abstract":"This document sets forth final rules amending regulations implementing the Paul Wellstone and Pete Domenici Mental Health Parity and Addiction Equity Act of 2008 (MHPAEA) and adding new regulations implementing the nonquantitative treatment limitation (NQTL) comparative analyses requirements under MHPAEA, as amended by the Consolidated Appropriations Act, 2021 (CAA, 2021). Specifically, these final rules amend the existing NQTL standard to prohibit group health plans and health insurance issuers offering group or individual health insurance coverage from using NQTLs that place greater restrictions on access to mental health and substance use disorder benefits as compared to medical/surgical benefits. As part of these changes, these final rules require plans and issuers to collect and evaluate relevant data in a manner reasonably designed to assess the impact of NQTLs on relevant outcomes related to access to mental health and substance use disorder benefits and medical/surgical benefits and to take reasonable action, as necessary, to address material differences in access to mental health or substance use disorder benefits as compared to medical/surgical benefits. These final rules also amend existing examples and add new examples on the application of the rules for NQTLs to clarify and illustrate the requirements of MHPAEA. Additionally, these final rules set forth the content requirements for NQTL comparative analyses and specify how plans and issuers must make these comparative analyses available to the Department of the Treasury (Treasury), the Department of Labor (DOL), and the Department of Health and Human Services (HHS) (collectively, the Departments), as well as to an applicable State authority, and to participants, beneficiaries, and enrollees. Finally, HHS finalizes regulatory amendments to implement the sunset provision for self-funded non-Federal governmental plan elections to opt out of compliance with MHPAEA, as adopted in the Consolidated Appropriations Act, 2023 (CAA, 2023).","document_number":"2024-20612","html_url":"https://www.federalregister.gov/documents/2024/09/23/2024-20612/requirements-related-to-the-mental-health-parity-and-addiction-equity-act","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2024-09-23/pdf/2024-20612.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-20612.pdf?1726258517","publication_date":"2024-09-23","agencies":[{"raw_name":"DEPARTMENT OF THE TREASURY","name":"Treasury Department","id":497,"url":"https://www.federalregister.gov/agencies/treasury-department","json_url":"https://www.federalregister.gov/api/v1/agencies/497","parent_id":null,"slug":"treasury-department"},{"raw_name":"Internal Revenue Service","name":"Internal Revenue Service","id":254,"url":"https://www.federalregister.gov/agencies/internal-revenue-service","json_url":"https://www.federalregister.gov/api/v1/agencies/254","parent_id":497,"slug":"internal-revenue-service"},{"raw_name":"DEPARTMENT OF LABOR","name":"Labor Department","id":271,"url":"https://www.federalregister.gov/agencies/labor-department","json_url":"https://www.federalregister.gov/api/v1/agencies/271","parent_id":null,"slug":"labor-department"},{"raw_name":"Employee Benefits Security Administration","name":"Employee Benefits Security Administration","id":131,"url":"https://www.federalregister.gov/agencies/employee-benefits-security-administration","json_url":"https://www.federalregister.gov/api/v1/agencies/131","parent_id":271,"slug":"employee-benefits-security-administration"},{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"}],"excerpts":"mental health and substance use disorder services and medical/surgical services. For NQTLs such as prior <span class=\"match\">authorization</span>, relevant data could include rates of approvals and denials of prior <span class=\"match\">authorization</span> requests, rates of denials of post-service claims, application of penalties for a failure to obtain prior <span class=\"match\">authorization</span>, and turnaround times for prior <span class=\"match\">authorization</span> requests. Such information could be provided for benefits subject to prior <span class=\"match\">authorization</span> in each benefit classification in which the NQTL is imposed on mental health and substance use disorder"},{"title":"Medicare and Medicaid Programs; Patient Protection and Affordable Care Act; Advancing Interoperability and Improving Prior Authorization Processes for Medicare Advantage Organizations, Medicaid Managed Care Plans, State Medicaid Agencies, Children's Health Insurance Program (CHIP) Agencies and CHIP Managed Care Entities, Issuers of Qualified Health Plans on the Federally-Facilitated Exchanges, Merit-Based Incentive Payment System (MIPS) Eligible Clinicians, and Eligible Hospitals and Critical Access Hospitals in the Medicare Promoting Interoperability Program","type":"Proposed Rule","abstract":"This proposed rule would place new requirements on Medicare Advantage (MA) organizations, state Medicaid fee-for-service (FFS) programs, state Children's Health Insurance Program (CHIP) FFS programs, Medicaid managed care plans, CHIP managed care entities, and Qualified Health Plan (QHP) issuers on the Federally-facilitated Exchanges (FFEs) to improve the electronic exchange of healthcare data and streamline processes related to prior authorization, while continuing CMS' drive toward interoperability in the healthcare market. This proposed rule would also add a new measure for eligible hospitals and critical access hospitals (CAHs) under the Medicare Promoting Interoperability Program and for Merit-based Incentive Payment System (MIPS) eligible clinicians under the Promoting Interoperability performance category of MIPS. These policies taken together would play a key role in reducing overall payer and provider burden and improving patient access to health information.","document_number":"2022-26479","html_url":"https://www.federalregister.gov/documents/2022/12/13/2022-26479/medicare-and-medicaid-programs-patient-protection-and-affordable-care-act-advancing-interoperability","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2022-12-13/pdf/2022-26479.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2022-26479.pdf?1670361325","publication_date":"2022-12-13","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Centers for Medicare & Medicaid Services","name":"Centers for Medicare & Medicaid Services","id":45,"url":"https://www.federalregister.gov/agencies/centers-for-medicare-medicaid-services","json_url":"https://www.federalregister.gov/api/v1/agencies/45","parent_id":221,"slug":"centers-for-medicare-medicaid-services"},{"raw_name":"Office of the Secretary"}],"excerpts":"necessary data elements to populate the <span class=\"match\">HIPAA</span>-compliant prior <span class=\"match\">authorization</span> transactions and enable payers to compile specific responses regarding the status of the prior <span class=\"match\">authorization</span>, including information about the reason for a denial. For the exchange of the prior <span class=\"match\">authorization</span> transaction, covered entities would continue to use the <span class=\"match\">HIPAA</span>-mandated transaction standards. Use of the FHIR API integrates identification of prior <span class=\"match\">authorization</span> and <span class=\"match\">documentation</span> requirements as well as information about prior <span class=\"match\">authorization</span> requests and decisions into a provider's"}]}