Skip to content
Search to learn about InterSystems products and solutions, career opportunities, and more. Results include content from our developer community, product documentation and education websites in addition to

CMS Interoperability and Patient Access Final Rule for Payers

CMS & Payers

To promote data sharing, CMS released its final rule on March 9, 2020 with the goal of ensuring that every American can, without special effort or advanced technical skills, see, obtain, and use all electronically available information that is relevant to his or her health and care. Most of the rule’s mandates for payers go into effect beginning on January 1, 2021, although CMS has extended regulatory enforcement for the Patient Access Application Programming Interfaces (APIs) to July 1, 2021. Data sharing by payers includes two types of information:

  • Personal health and claim information, such as current and past medical conditions and care received, that requires appropriate diligence to protect each individual’s privacy
  • General interest information that should be widely available, such as health plan provider directory, and in some cases pharmacy directory

Which payers are impacted by this rule?

Medicare Advantage (MA) plans, Medicaid state agencies, Medicaid managed care plans, Children’s Health Insurance Program (CHIP) agencies, CHIP Managed Care entities, and issuers of qualified health plans in Federally-Facilitated Exchanges, except for stand-alone dental plans.

What are payers required to do under this proposed rule?

PATIENT ACCESS API: The rule requires covered Health Plans to provide patients access to their data through “open” APIs. APIs should be published such that patients can use third-party applications to access that data, subject to the provision of HIPAA.

Data to be shared includes:

  • Claims data, adjudicated claims, encounters with capitated providers, provider remittances and enrollee cost-sharing
  • Clinical data, including clinical notes, assessment and plans, medications, lab results and more, based on the USCDI v1 data set (when maintained by the impacted payer)

PROVIDER DIRECTORY API: Health Plans must make standardized information about their provider networks available through a Provider Directory API which includes:

  • Provider names, addresses, phone numbers, and specialties
  • MA plans that offer part D (prescriptions) and Medicaid plans must include pharmacy directory data, including the pharmacy name, address, phone number, number of pharmacies in the network, and mix (specifically the type of pharmacy, such as “retail pharmacy”)

APIs must be compliant with standards (HL7® FHIR® – Fast Healthcare Interoperability Resources 4.0.1) published in the companion ONC final rule.

The rule also requires payers to support beneficiaries in coordinating their own care via payer to payer data exchange by January 1, 2022 using the United States Core Data for Interoperability (USCDI) data standard.

What standards need to be supported under this rule?

  • FHIR 4.0.1
  • USCDI v.1
  • OAuth 2.0, Open ID Connect

What type of data will be shared?

  • Claims data included in the CARIN Alliance Common Payer Consumer Data Set (CPCDS)
  • Clinical data, if already managed by the plan
  • Pharmacy benefit, directory, and formulary data
  • Provider Directory information

InterSystems, a Leader in FHIR and Interoperability, Can Help You Meet the CMS Interoperability Rule Requirements (9115-F)

Customers use our solutions to bring together patient and member data from EMRs, insurance claim systems, and other sources across the healthcare ecosystem. InterSystems interoperability technology has been at or near the top of KLAS rankings for over a decade.

InterSystems Can Help You Succeed

CMS Proposed Rule Requirement for Health PlansInterSystems Capability
Provide patients/members access to their data through "open" APIs using FHIRThe HealthShare® CMS Solution Pack™ provides all the capabilities needed for payers to meet the CMS Interoperability Rule. This includes support for FHIR 4, the United States Core Data for Interoperability (USCDI) data standard and all the CMS referenced implementation guides, including the required privacy and security standards and guides.
Support multiple clinical and claims data elements, and expose them using FHIROur robust, turnkey solution provides ingestion, transformation and API data endpoints for all required FHIR 4 resources.
Support beneficiaries in coordinating their own care via payer to payer data exchange using the United States Core Data for Interoperability (USCDI) data standardWe can support all data types included in the USCDI required for Patient Access APIs and payer to payer data sharing.
Share Provider Directory through open APIs using FHIRHealthShare Provider Directory exposes provider information using APIs and the FHIR 4 standard. For payers that already have a Provider Directory, we can expose your provider data through our FHIR Gateway API endpoints.

Powering Digital Transformation

Digital transformation is a strategic imperative that payers need to embrace if they want to maintain a leading edge. It will help payers envision new approaches to care delivery at lower cost. And it will help steer members to the lowest-cost high-quality provider, thereby optimizing the care setting for their needs and enabling them to better manage their health – the heart of the CMS rule.

No data management vendor has a greater commitment to healthcare or more relevant experience than InterSystems. Globally, more than a billion health records are managed by solutions built on our technology. The most sophisticated private and government providers depend upon devices, records, and IT powered by InterSystems.

Other Resources You Might Enjoy

Take The Next Step

We’d love to talk. Fill in some details and we’ll be in touch.
*Required Fields
Highlighted fields are required
*Required Fields
Highlighted fields are required
** By selecting yes, you give consent to be contacted for news, updates and other marketing purposes related to existing and future InterSystems products and events. In addition, you consent to your business contact information being entered into our CRM solution that is hosted in the United States, but maintained consistent with applicable data protection laws.