Providers and payers must collaboratively determine whether the information requested by payers for prior authorization support is the minimum necessary - PAS #32

XMLWordPrintableJSON

    • Type: Change Request
    • Resolution: Not Persuasive
    • Priority: Medium
    • US Da Vinci PAS (FHIR)
    • STU3
    • Financial Mgmt
    • (profiles) [deprecated]
    • Hide

      This section is talking about what's technically in the Bundle, not about what should be/shouldn't be in the Claim. (We've agreed to add wording to the Security & Privacy considerations that makes clear the 'minimum necessary' rule for that already). Therefore, no change to this section.

      Show
      This section is talking about what's technically in the Bundle, not about what should be/shouldn't be in the Claim. (We've agreed to add wording to the Security & Privacy considerations that makes clear the 'minimum necessary' rule for that already). Therefore, no change to this section.
    • Robert Dieterle / Rachael Foerster: 20-0-1
    • Clarification

      Existing Wording: Additional Bundle entries SHALL be populated with any resources referenced by the Claim resource (and any resources referenced by those resources, fully traversing all references and complying with all identified profiles)….In addition to these core elements needed to populate the 278 message, any "supporting information" resources needed to process the prior authorization request (whether determined by DTR processes or by other means) must also be included in the Bundle.

      Proposed Wording: Additional Bundle entries SHALL be populated with any resources referenced by the Claim resource (and any resources referenced by those resources, fully traversing all references and complying with all identified profiles) to the extent permissible under the provider's minimum necessary policies and any privacy policies to which the provider must comply….In addition to these core elements needed to populate the 278 message, any "supporting information" resources needed to process the prior authorization request (whether determined by DTR processes or by other means) must also be included in the Bundle to the extent permissible under the provider's minimum necessary policies and any privacy policies to which the provider must comply.

      Comment:

      DaVinci must develop or reference technical specifications in PAS IG for how to use automated filters that enforce the provider/payer side documented privacy policies generally, and minimum necessary in particular.

      • Provider-side filters needed to catch outbound Resources that

      o Exceed the minimum necessary information

      o Are not germane to the services being prior authorized

      o Are about an individual who is not the patient, unless it meets minimum necessary, e.g., a spouse, child, family member (family history). On the other hand, such a filter should permit disclosure of mother/babe where pertinent

      o With security labels, indicating for example, Part 2 information or information on services for which the patient paid out of pocket and dissents from sharing with a payer

      o Needing security labels, for example on newly generated information or where a patient has changed their consent directive to permit or restrict disclosure

      • Payer-side filters to limit requests to the minimum necessary for making "HIPAA payment" decisions. I.e., not "HIPAA operations" case management/ care coordination or any other activity permitted for operations purposes.

      Summary:

      Providers and payers must collaboratively determine whether the information requested by payers for prior authorization support is the minimum necessary

            Assignee:
            Unassigned
            Reporter:
            Kathleen Connor
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: