CMS Interoperability and Patient Access Final Rule was developed to connect healthcare technology systems so members can access their own data. All CMS-backed plans—Medicare Advantage plans, Medicare plans and ACA plans will be required to provide a patient access API, a provider API, and a payer-to-payer data exchange system.
An API is an application program interface. An API is like an electrical outlet—there's a standard shape and size for the outlet and all electrical devices in the U.S. are designed to connect to it. The API is designed to provide the technical ability to access and exchange data in a standardized way.
For the patient access API, this provides the member with a way to access all of their health information from the health plan including clinical data, claims data, enrollment data, etc. The provider directory API provides members with a way to find providers within their health plan and it allows providers with an expedited way to obtain prior authorization. CMS's goal is to incentivize innovation and enhance the member experience. Once the APIs are developed, the industry will have the foundation for continual improvement. The final API is the payer-to-payer data exchange, which provides a connection between health plans so if a member switches plans, their historical data follows them. This will encourage better quality and continuity of care by empowering providers with a full health history, the member retains all of their data, and the plans can identify gaps in care immediately rather than waiting to develop their own historical data. The entire healthcare ecosystem benefits from a collaborative data exchange.
Health plans are facing some challenges with the implementation of interoperability standards. Most health plans are insurance companies and do not have a technology arm. In order to meet the compliance standards, plans must form vendor partnerships that are specialized in technical solutions for government-sponsored health plans. The goal of a 3rd party vendor in interoperability is to: create an environment where PHI is both protected and available, craft a strong authentication layer, shield proprietary information from competing health plans in the payer-to-payer data exchange, and provide an operational ecosystem where data is maximized across different aspects of the business.