Putting policy before standards can create serious ePA roadblocks

To avoid unnecessary frustration and potential hardship in shifting to automated approaches, the industry needs time to set standards and test transactions.

The road to achieving ePA likely will be rocky without sufficient planning.

This is the third column in a four-part series examining the need for ePA, the barriers presented by the current environment, necessary capabilities and functionality for progress, and the EHR Association’s policy recommendations. View part 4.

There is a strong use case for electronic prior authorization (ePA), especially in light of the frustration providers have with burdensome current processes. Health IT developers have recognized the potential that exists for technologies to make clients’ lives easier in this area.

However, the road to success with ePA will be rocky if it is not broadly rolled out at a pace, and with a legal and regulatory cadence, that aligns with the ability of stakeholders to deploy and use solutions that follow consistent standards.

In light of this, the EHR Association supports the promulgation of ePA requirements only when it can be done in a way that avoids prior policy mistakes of pushing faster than standards development can keep up.

Sounds easy, but it isn’t

Rolling out electronic prior authorization will be complex, even more so than similar efforts at digitization that have already been accomplished. This complexity stems from the need for change – and adoption of agreed-upon standards – by multiple stakeholders with varying levels of readiness.

For example, it is important to work closely with payers to ensure they are ready for the necessary bidirectional information flow using standards and to ensure functionality can be sufficiently tested. This also helps avoid a scenario in which payers roll out individual requirements to which EHR developers and providers will have to respond, which would be highly inefficient. 

Further, for this initiative to succeed, clear expectations and patience by policymakers in rolling out requirements at a deliberate pace are essential. Any unintentional release of ambiguous definitions, the inclusion of unclear enforcement procedures or failure to sufficiently address intersections between other federal, state and local regulatory frameworks weaken the ability of actors to have confidence that they are in compliance.

In the past, there have been instances in which policymakers were so eager to move the industry forward that they issued requirements before standards were agreed upon through the normal consensus-driven processes. This is the most frustrating scenario that many fear, because the industry has spent countless resources developing products to satisfy certification criteria that are not standards-based (or support requirements our clients must meet) or on timelines that don’t align with the standards development process.

As an example, the industry currently faced this exact scenario as it collectively works to deliver Electronic Health Information Export functionality without any industry-wide standard associated with the requirement. Developers and application users already know that this will result in redoing software development in the future when a standard is established.


The EHR Association recommends a two-stage approach to ePA, which is laid out in the group’s previous RFI response to the Office of the National Coordination of Health IT (ONC). 

Briefly, the EHR Association recommends that Stage 1 focus on working with the Centers for Medicare & Medicaid Services (CMS) on the adoption and certification of the Coverage Requirements Determination (CRD) and the Prior Authorization Support (PAS) Implementation guides on the payer side (two initiatives underway at the Da Vinci Project) – saving Documentation Templates and Rules (DTR) for a later date because of the substantial complexity of managing its capabilities on the provider side – and establishing a clear implementation standard for any interactions with payers supporting prior authorization. 

Stage 2 would involve establishing certification criteria based on the matured and evolved interaction distributions across health IT, with the typical interaction sets documented clearly within each Implementation Guide. Further, extend the provider functional requirement for prior authorization engagement with the use of certified health IT to support the prior authorization workflow.

While there will be a progression and expansion of the basis on which health IT is certified, the EHR Association strongly recommends that providers be fully supported over time by a suite of certified health IT for the full ePA workflow.

We also recommend carving out sufficient time for health IT developers to design efficient solutions, write safe and secure code, and test it thoroughly, and for healthcare organizations to implement, quality test and train on all changes. The EHR Association recommends at least 18 months from the release of all final requirements before the use of any affected software is required.

Additionally, the EHR Association urges ONC to:

  •      • Increase coordination among federal agencies to align terminology, standards used, reporting expectations and other factors to reduce the burden of compliance and eliminate unnecessary variation affecting software developers and the care providers using ePA.
  •      • Prioritize data standards by focusing regulations on the development and use of mature, balloted standards developed by standards organizations, such as HL7. Funding for investment in new technologies should be contingent on the adoption of such standards to avoid duplicative or otherwise unnecessary work.

Finally, EHR developers should be included early in any legislating and rule-writing efforts. With developers’ knowledge of the care settings, people, interactions and processes involved in healthcare delivery, they can advise policymakers on healthcare organizations’ readiness to succeed in proposed programs, as well as the development, implementation and testing that will be necessary to safely deploy the newest requirements. 

Leigh Burchell (Altera Digital Health), is the Public Policy Leadership Workgroup Chair for the EHR Association

This is the third column in a four-part series examining the need for ePA, the barriers presented by the current environment, necessary capabilities and functionality for progress, and the EHR Association’s policy recommendations. View part 4.

More for you

Loading data for hdm_tax_topic #reducing-cost...