By Dr. Steve Kim, Valer Co-Founder and CEO
This is Part 3 of our 10-part series examining the deep, interconnected complexities that keep prior authorization broken. While many hospital and health systems hope new regulation (CMS-0057-F) and AI will improve processes, the real barriers to progress lie in systemic challenges that span technology, workforce, regulation, and operations. These barriers won’t be eliminated by regulation, payer pledges, or today’s AI solutions—but providers have more control than they might think. Throughout the series, we’ll break down the entire prior auth landscape and include practical recommendations that can make a difference.
Before your patient access team can even begin the prior authorization process, they face what should be a simple question: Does this service actually require prior authorization?
In a rational system, this would be straightforward. Your EHR would flag services requiring authorization, or a quick lookup would provide a definitive yes-or-no answer. Instead, staff spend hours each day playing detective, navigating a maze of different payer portals, PDF documents, and delegation relationships just to determine if they need to start the authorization process at all.
This isn’t just inefficient—it’s the source of costly surprises that can derail patient care and organizational finances. When mistakes occur, the consequences range from unnecessary work on services that don’t need authorization to claim denials for missing authorizations that were actually required.
Challenge #1: The Patchwork of Information Access Methods
Every payer has developed their own approach to communicating requirements for prior auth, but each operates in its own silo. Some payers provide web portals where staff can search by procedure code and patient information. Others publish periodic PDF documents listing their requirements. Still others require staff to submit through their portal just to receive a “no auth required” notification—essentially using the submission process as the lookup mechanism.
This fragmentation means your patient access team needs to master dozens of different lookup methods, each with its own login credentials, search parameters, and update schedules. When payers change their requirements—which happens frequently—staff may not discover the change until they’re facing an unexpected denial weeks later.
The time cost is staggering. What should be a 30-second lookup becomes a multi-step process that can consume 10-15 minutes per service, multiplied across thousands of annual authorizations.
The solution: Implement a centralized prior authorization platform that maintains current payer requirements across all your contracts and automatically flags services that require authorization based on your specific payer mix. Look for solutions that update payer rules in real-time so your team isn’t working with outdated information. As CMS 0057F approaches with health plans required to provide a Coverage Requirements Determination (CRD) FHIR API, the hope is that this challenge becomes more transparent and less friction filled.
Challenge #2: The Delegation Maze
The complexity multiplies when payers delegate prior authorization responsibilities to third-party administrators (TPAs) like Availity, Cohere, Carelon, or eviCore. Staff often spend significant time pursuing authorization with the primary payer, only to discover that responsibility has been outsourced to a different entity entirely.
California exemplifies this challenge with 176 different Independent Practice Associations (IPAs), each with their own prior authorization workflow requirements. A single health plan might delegate different services to different IPAs, meaning staff need to determine not just whether authorization is required, but which of multiple entities is actually responsible for making the decision.
This delegation landscape changes frequently as payers modify their contracts and relationships—often with little or no notice. What worked last month may be completely wrong this month, but there’s no systematic way for providers to stay updated on these changes.
The solution: Partner with prior authorization vendors who track delegation relationships and maintain current information about which entity is actually responsible for authorization decisions. Don’t rely on your staff to become experts on the constantly shifting landscape of payer delegation agreements, especially when time is short and their burdens are already high. The CMS 0057F CRD requirement will require transparency around what requires authorization to extend further to encompass delegated entities and their respective prior authorization requirements.
Challenge #3: The False Negative Trap
Perhaps the most frustrating scenario occurs when staff receive a “no auth required” response from what they believe is the correct payer, only to face claim denials months later for “no authorization on file.” This happens when the responding entity wasn’t actually responsible for the authorization, but staff had no way to know they were asking the wrong organization.
These false negatives create a cascade of problems: patients receive services believing they’re covered, providers deliver care expecting payment, and everyone discovers the authorization gap only when claims are processed. By then, it’s often too late to obtain retroactive authorization, leaving providers with potential write-offs and patients with unexpected bills.
The root cause is the lack of a definitive, authoritative source that can tell providers exactly which entity is responsible for prior authorization decisions for any given service and patient combination.
The solution: Implement verification processes that confirm not just whether authorization is required, but which entity is responsible for the decision. Look for technology solutions that can validate payer responsibility before accepting “no auth required” responses as definitive. Once again, transparency around the rules of the road are key to reducing the friction and confusion around who on the payer side is ultimately responsible for the authorization.
Challenge #4: Geographic and Contractual Variables
Location matters and specific contracts matter. Prior authorization requirements often vary not just by payer and service, but by geographic location, facility type, facility network status, and specific contract terms that relate to a specific employer’s benefit design decisions. A procedure that requires authorization when performed in a hospital setting may not require authorization when done at a preferred in-network outpatient imaging center. Services covered under one contract might require authorization under a different contract with the same payer.
These variables create decision trees that are virtually impossible for staff to navigate manually and by trial-and-error. The same patient, with the same insurance carrier, requiring the same service might have completely different authorization requirements depending on where and how the service is delivered, as well as contract specifics.
Provider contracts add another layer of complexity. Some providers may be in-network and not require authorizations or may have “gold card” status that exempts them from certain authorization requirements, while others are subject to standard rules. These rules may be down to specific providers, which can be extremely difficult to manage, track, and audit in today’s provider EHRs which lack the data and granularity. These granular contractual variations aren’t always clearly communicated or easily accessible making authorization workflows and rules that much more difficult to maintain.
The solution: Work with prior authorization platforms that can account for your specific contracts, facility types, and individual providers when determining authorization requirements. Generic lookup tools that don’t consider your particular contractual relationships will consistently provide incomplete or inaccurate information.
The Hidden Cost of Getting It Wrong
When staff can’t reliably determine whether prior authorization is required, organizations face costs that extend far beyond the time spent on unnecessary lookups. Missed authorizations can result in claim denials, patient satisfaction issues, and significant administrative costs to resolve after the fact. Unnecessary authorizations waste time and resources on services that never required approval.
More importantly, the uncertainty creates a risk-averse culture where staff may pursue authorizations “just to be safe,” adding administrative burden to services that don’t actually require approval. This defensive approach compounds the prior authorization workload without providing any real protection.
The fundamental challenge isn’t just that prior authorization requirements are complex—it’s that the complexity is hidden and constantly changing. The most effective solutions fully account for that complexity—and speed up the process by simplifying it—so that patient access staff are empowered to start the prior auth submission process on the right foot.
Next up in Part 4: Once you know an authorization is required, the next challenge emerges—figuring out where to actually submit it in a landscape of 900+ different payer portals and submission methods.
