CMS-0057-F Prior Auth & Payer APIs
CMS_0057free12 data-quality rules for CMS Interoperability and Prior Authorization Final Rule (CMS-0057-F). Covers FHIR R4 conformance, US Core USCDI requirements, prior-authorization lifecycle, payer-to-payer exchange, provider attribution, Da Vinci PAS profiles, bulk export integrity, and terminology bindings. Effective dates align with Jan 1 2026 enforcement milestones.
Checks included (20)
US Core Must-Support Present
Required US Core must-support elements (patient demographics, identifiers, clinical data classes) must be populated per USCDI.
PA Decision Reason Coded
When a prior authorization is denied or pended, a specific coded reason must be present — an explicit CMS-0057-F requirement.
Patient Access API Usage Metric Reported
Annual Patient Access API usage metrics required by CMS from Jan 1 2026 must be captured (unique patients, total requests).
Payer-to-Payer Bundle Complete
Payer-to-payer transfers must include the required content: USCDI data, claims/encounter data (5 yrs), and active/recent prior authorizations.
Bulk Data Export Integrity
FHIR bulk ($export) NDJSON output resource counts must match the export manifest; no truncated or missing files.
Resource ID Present(resource_id)
Every FHIR resource exposed by the Prior Authorization and Payer APIs must carry a logical id.
FHIR R4 Resource Conformance
Every resource exposed by the APIs must validate against FHIR R4 (4.0.1) base and the applicable profile (no structural/cardinality errors).
Prior Auth Status Code Valid
Prior-authorization status must be one of the allowed codes: active, cancelled, draft, entered-in-error, pended, denied, approved.
Terminology Binding Valid
Coded values must come from the bound ValueSet for their context (CPT/HCPCS for procedures, ICD-10-CM for diagnoses, X12 CARC for denials).
Prior-Auth Claim Use Is Preauthorization(use)
A Da Vinci PAS Claim submitted for prior authorization must set Claim.use = 'preauthorization'.
ClaimResponse Outcome Is Valid(outcome)
ClaimResponse.outcome must be queued, complete, error, or partial.
Provider Access Attribution Valid
Provider Access API requests must resolve to a valid patient-provider attribution relationship before data is shared.
Coverage Reference Resolves
Claim/PA resources must reference a Coverage and Patient resource that exist and are active for the date of service.
Claim Patient Resolves
Each Claim.patient reference must resolve to an existing Patient resource.
Requesting Provider NPI Is Valid
The requesting provider on a prior-authorization request must carry a valid NPI present in the NPPES registry.
ClaimResponse Links to Its Request
Each ClaimResponse.request reference must resolve to an existing Claim (the prior-authorization request it answers).
PA Turnaround Within SLA
Prior-auth decisions must be made within the regulatory window: 72 hours for expedited/urgent and 7 calendar days for standard requests.
Da Vinci PAS Bundle Valid
Prior-authorization Claim/ClaimResponse bundles must conform to the Da Vinci PAS profiles (required entries, references resolve).
Requested Service Period Is Ordered
The requested service period start must not be after its end.
No Duplicate Resources(resource_key)
Each FHIR resource (resourceType + id) must appear once across the APIs.