Not All Patient Access Implementations are Created Equal

Flexpa, a digital health platform company, recently published its first State of Payer Patient Access APIs report. In it, they provide a scorecard to understand the CMS-9115 landscape and evaluate which payers and vendors are performing well against the requirements, which are doing the bare minimum, and which are entirely missing the mark.

Before jumping into the scores, let’s remind ourselves why patient access is so important. Patient access is crucial to the healthcare industry because it empowers individuals to take control of their health by providing timely access to their medical records. This transparency improves patient engagement, leading to more informed and proactive health decisions. Moreover, on the payer side, patient access eliminates manual data-sharing processes and improves member experience and satisfaction. Ultimately, ensuring patient access to health data is a key component in advancing personalized medicine, improving outcomes, and driving efficiencies across the healthcare ecosystem.

Now, back to the report. Looking at the performance from both payer and vendor perspectives, it’s clear that not all Patient Access implementations are created equal. I’m not sure what’s considered passing vs. failing in this case, but if we go by college standards, 77% of payers are currently failing in their Patient Access implementation, with 254 out of 329 scoring less than 65 points. Sadly, despite being judged on their best performance across all their customers, many vendors don’t fare very well either — with 12 out of 28 receiving a failing mark. 

This just goes to show how critical it is to choose the right vendor to partner with to meet your compliance needs. With the enforcement date for the CMS Interoperability and Prior Authorization final rule (CMS-0057-F) looming, these implementations will only become more complex. Hence, you must know that your chosen vendor is up to the challenge and can deliver. 

1upHealth was the highest-ranking interoperability vendor included in the report. Many of our payer customers scored in the 80-90 range, and we have nearly two times the implementations of our nearest competitor. 

In this article, I’ll explore some of the key findings, including things to consider when choosing an interoperability vendor and where many are falling short today. I’ll also explore what makes 1upHealth different from other FHIR vendors and how we came out on top in this analysis.

Key Findings: Factors to Consider When Choosing an Interoperability Vendor

Successful Flows & Patient Usage of APIs

It may seem obvious, but one of the most important and heavily weighted aspects of a successful Patient Access API implementation is whether patients can get through the flow and access their data — accounting for 40 possible points. However, quite surprisingly, only 60% of the vendors evaluated achieved a “validated” status and received full points for this category, meaning production access is enabled and patients can complete the flow. This, coupled with patient API usage, clearly indicates whether a payer’s implementation is reliable and doesn’t have blockers to access. Only 28% of vendors had at least monthly patient volume, with one-third having no usage at all. 

So, what does this mean when you’re evaluating an interoperability vendor? You should be sure to inquire about their implementation track record. Ask how many implementations they’ve completed successfully where patients can complete the flow and access their data. Also, ask about their Patient Access API usage. On average, do they have weekly or monthly usage of their APIs?

So how did 1upHealth fare? We received 42 out of a possible 43 points, losing only one point for having monthly versus weekly Patient Access API usage. Ultimately, this report brings to light that many FHIR vendors have struggled to successfully implement the Patient Access API for their customers. At 1up, that’s not something you need to worry about, and we have the track record to prove it. We have over 80+ enterprise customers and the most implementations of CMS FHIR APIs in the market. We’re the most experienced vendor, and we’ve developed a tried and true implementation process that ensures our customers are up and running with Patient Access in 120-140 days, on average.

Access & Authentication

The second most heavily weighted functionality was the presence of a refresh token, accounting for 15 points. Refresh tokens enable patient sessions to last longer than the validity period of an access token and are essential to increasing member adoption. Without consistent and easy access, patients are likely to be dissatisfied and stop using it altogether. Flexpa also attributed an additional point for having a refresh expiry period. Of the vendors evaluated, only 61% had a refresh token, and 21% had a refresh expiry period.

Additional features evaluated that impact patient access were the length of the access token expiry period and the presence of the patient launch parameter, accounting for up to a further four points. The access token expiry period needs to be long enough that applications can retrieve a patient’s data but short enough that it’s not valid forever and doesn’t compromise security. The sweet spot is less than 24 hours for two points. The patient launch context parameter is defined in SMART and tells the application which patient’s data it can access (two points).  

Ultimately, these all boil down to making it easy for patients to access the data they need when they need it. Questions you should ask during your vendor evaluation might include: 

  • Do you have a refresh token, and what’s the expiry period? 
  • Does your solution include a patient launch context parameter as defined in SMART? 
  • What’s the length of your access token expiry period?

1upHealth received full points across these categories, totaling 20 additional points. The 1up FHIR Platform makes acquiring, managing, sharing, and analyzing valuable healthcare data easy. It’s designed with state-of-the-art cloud-native infrastructure for unparalleled scalability, security, and reliability. By continually investing in the foundation of our architecture, we’re setting ourselves and our customers up with a future-proof solution that can easily evolve to meet the market’s needs. 

We recognize that Flexpa will incorporate conversion rates as a scorecard input in future iterations of this report. To that end and as 1upHealth gears up to support payers with upcoming compliance requirements, we’re prioritizing improving our identity verification experience to mitigate member drop-off points. For the Patient Access API, drop-off refers to a member abandoning the workflow anywhere before a successful login. We have narrowed down member drop-offs to two root causes: missing registration and identity verification issues.

First-time users need to verify their identity with 1upHealth and often miss this secondary registration requirement. To address this, we’re enhancing the member registration experience to be clear and easy to navigate, particularly for first-time users. 

In addition, some members aren’t getting through the identity verification step due to a mismatch between the identifiers they provide and their identifiers on the 1up platform (e.g., mistyped member ID). To improve this, we are making our identity verification requirements as clear as possible to end users (e.g., if a member ID needs to be in a specific format) and improving our member management backend, which in turn improves match rates.  

FHIR API Resources Implementation

The third category I wanted to highlight, representing a total of 13 possible points, is how well the vendor’s implementation adheres to the CMS Patient Access Rule regarding CARIN Blue Button Implementation Guide resources (Patient, Coverage, ExplanationOfBenefit) and Clinical resources (Condition, CareTeam, Procedure, Other).

These are important as having these resources available contributes to whether a payer complies with CMS regulations. Unfortunately, on average, only half the vendors evaluated made the CARIN Blue Button resources available, and less than 30% made the Clinical resources available. 

When evaluating a vendor, ask about their adherence to the CMS Rule and what CARIN Blue Button Implementation Guide and Clinical resources they make available to their users. If they aren’t adhering to both, this might be a red flag as to their ability to deliver against the requirements of current and future CMS compliance regulations.

1upHealth again received full points for the category (13), offering our customers all of the CARIN Blue Button Implementation Guide and Clinical resources. Meeting the constantly changing government regulations around healthcare data exchange is complicated. We’re committed to being a trusted compliance partner to our customers. We’re dedicated to staying up to date with regulatory requirements, advising on best practices, and delivering an API-enabled, FHIR®-native solution that scales and evolves with the changing compliance landscape.

Beyond Compliance Implementations & Functionality

The last big bucket of implementations notable from the analysis were those that exceeded the minimum compliance requirements. Most notably, Flexpa attributed 10 points to implementations beyond government lines of business and supported Patient Access for all their patients, including commercial lives. This is significant as achieving the true benefits of healthcare interoperability is only possible when all patients have access to their full health data record, enabling them to make better, more informed decisions. Only three vendors out of the 28 evaluated have successfully implemented their Patient Access APIs for commercial lines of business.

Additional notable factors considered in the report outside the standard CMS requirements include $everything support, which is a developer-friendly way to pull all of a patient’s data, and sync speed, which measures the performance of the API’s ability to synchronize full patient records. Together, these attributes add up to an additional four points.  

Savvy payers are looking for an interoperability partner who goes beyond the bare minimum of compliance, supports their commercial lines of business, and delivers a superior patient experience. When evaluating a potential vendor, ask them whether they’ve implemented their solution for non-government lines of business and how their organization creates value beyond a compliance checkbox. Also, ask whether they can support $everything and about their synchronization speed.

1up receives full points across the board (14) and is one of only three vendors to have implemented their solution to support both commercial and government lives. We also rank in the highest median sync speeds of ten seconds or less, and are one of only six vendors to support $everything export capabilities. 

At 1upHealth, our goal is not just to meet CMS requirements but to exceed them and to help our customers leverage their interoperability investments for a strategic advantage. Ultimately, compliance is a cost center for payers, and with vendors that only tick the compliance checkbox, payers are always going to be in the red on their investment. 1up helps payers realize a return on their investment by enabling them to do more with their data, including better risk adjustment, supercharged value-based contracts, improved patient outreach, and enhanced population health and care management.  

Navigating CMS Implementations: Why Vendor Choice Matters

The importance of choosing the right interoperability vendor cannot be overstated. Successful CMS implementations are intricate and demand a partner with proven experience and expertise. It’s crucial for payers to carefully evaluate potential vendors based on their track record, ability to facilitate seamless data access, adherence to regulatory standards, and delivery of business value beyond just compliance.

The data from Flexpa’s State of Payer Patient Access APIs report underscores that many vendors fall short, with a significant portion failing to meet the necessary standards for successful implementations. With only a handful of vendors excelling, like 1upHealth, it becomes evident that thorough due diligence is essential when selecting a partner. 1up’s top ranking highlights the value of partnering with a vendor that not only meets but exceeds compliance requirements, offering robust solutions that cater to both government and commercial lines of business.

By choosing a seasoned and proficient interoperability vendor, payers can ensure their CMS implementations are not just compliant but also efficient, secure, and beneficial to their operations. This strategic decision can ultimately lead to improved patient outcomes, better risk adjustment, and a tangible return on investment.

If you’d like to learn more about 1upHealth solutions or how we can help you improve your implementation score, contact us

Share with your community

Sign up to get the latest insights and updates from 1upHealth