What’s happening: The Centers for Medicare & Medicaid Services (CMS) issued enforcement discretion guidance for entities covered by the Health Insurance Portability & Accountability Act (HIPAA) that are implementing certain prior authorization application programming interfaces (APIs).
What else to know: This is in response to finalized policies to advance interoperability and electronic prior authorization processes.
CMS’ National Standards Group will not take HIPAA administrative simplification enforcement action against HIPAA-covered entities that choose not to use the X12 278 standard as part of an electronic Fast Healthcare Interoperability Resources API prior authorization process. This policy was first announced in the CMS Interoperability and Prior Authorization final rule.