CMS-0057-F is already in effect. Prior authorization requirements began January 1, 2026, and reporting requirements are now underway. If your plan relies on an EHR for PA, compliance risk is already increasing.

CMS-0057-F Compliance

Your EHR Wasn't Built
for CMS-0057-F.

As Medicaid requirements expand, provider organizations operating in a payer role are now expected to meet payer-level compliance — exposing gaps clinical systems weren't designed to handle.

See How Incedo Closes the Gap View Compliance Requirements
CMS-0057-F Compliance Timeline
PA Timeliness & Denial Reason Codes Live Now
In effect — January 1, 2026
PA Metric Reporting to CMS Required Now
Reporting begins in 2026
Patient Access API In Effect
Required as of January 1, 2026
Prior Authorization API 7 Months
Deadline — January 1, 2027
Provider Access API 7 Months
Deadline — January 1, 2027
Payer-to-Payer Exchange 7 Months
Deadline — January 1, 2027
The Compliance Gap

Provider-Based BH Plans Are
Caught in the Middle

Community mental health centers, county behavioral health plans, prepaid mental health plans, Local Mental Health Authorities, and LME-MCOs across the country share a common profile: they deliver direct clinical services, their primary technology is a behavioral health EHR, and they hold a Medicaid prepaid or managed care contract that may subject them to payer-level requirements under CMS-0057-F, depending on how their role is defined by the state.

CMS-0057-F applies based on how an organization functions within Medicaid — not how it identifies itself — meaning entities operating in a payer role may be subject to these requirements.

Behavioral health EHR systems are generally not designed to deliver the payer-grade FHIR APIs required by CMS-0057-F.

The gap isn't a feature request to your EHR vendor. It's a category mismatch. While some EHR vendors support FHIR capabilities, payer-specific APIs aligned to CMS-0057-F are typically outside the scope of clinical system design and roadmaps.

Typical EHR Capabilities vs. Incedo Support for CMS-0057-F Payer Requirements
Typical EHR Capabilities
Incedo — Adds & Connects
Clinical documentation
Remains in EHR
Treatment plans
Remains in EHR
Progress notes
Remains in EHR
Scheduling
Remains in EHR
Billing support
Remains in EHR
FHIR Prior Auth API
FHIR Prior Auth API
Patient Access API
Patient Access API
Provider Access API
Provider Access API
Payer-to-Payer Exchange
Payer-to-Payer Exchange
PA timeliness tracking
PA timeliness tracking
Denial reason codes
Denial reason codes
CMS metric reporting
CMS metric reporting
Incedo adds the payer compliance layer. Your EHR stays in place.
Two-Phase Mandate

What CMS Requires — and When

CMS-0057-F rolls out in two phases. Phase 1 is already in effect. Phase 2 introduces additional FHIR API requirements — each requiring distinct technical capabilities — by January 1, 2027.

Phase 1 — In Effect January 2026

Prior Authorization Operations & Access Requirements

PA decisions within 7 calendar days (standard requests)
PA decisions within 72 hours (urgent/expedited)
Specific denial reason required for each adverse determination
PA metric reporting to CMS and public reporting requirements beginning in 2026
Patient Access API — members can access their data via third-party applications

⚠ If your current PA workflow is manual or EHR-only, maintaining consistent compliance becomes significantly more difficult.

Phase 2 — January 1, 2027 Deadline

Expanded Interoperability & Prior Authorization APIs

Prior Authorization API (HL7 Da Vinci PAS) — enables electronic PA submission and response workflows
Provider Access API (HL7 Da Vinci PDex) — allows in-network providers to access member data
Payer-to-Payer Exchange (HL7 Da Vinci PDex) — supports data exchange when members transition plans (up to five years of data, where available)
Patient Access API — expanded to align with HL7 Da Vinci PDex data requirements

⏱ These APIs require payer-side infrastructure that extends beyond traditional EHR capabilities.

The Four API Mandates

What Each API Requires — and Why Your EHR Can't Provide It

Each of CMS-0057-F's FHIR APIs is a distinct technical build. Each requires payer-side infrastructure that clinical documentation systems were never designed to provide.

Phase 1 + 2
Patient Access API
US Core → Da Vinci PDex

Members can access their own claims history, PA decisions, encounter data, and clinical information via authorized third-party apps. Required to support member access through third-party applications authorized by the patient.

EHR gap: EHRs store provider-side clinical data. They are not built to serve member-facing FHIR payer data — claims, PA decisions, and encounter history — to external applications via a compliant payer API endpoint.
Phase 2 — Jan 2027
Provider Access API
Da Vinci PDex

In-network providers can query member attribution, prior authorization status, claims history, and encounter data. Reduces duplicative authorization requests and improves care coordination across the network.

EHR gap: The EHR manages the provider's view of their own patient. It cannot expose payer-side attribution, PA status, and cross-provider claims history to any querying in-network provider via a FHIR endpoint.
Phase 2 — Jan 2027
Payer-to-Payer Exchange
Da Vinci PDex

When a member transitions to a new plan, the prior payer must make up to five years of clinical data and claims history available to the receiving payer. Ensures continuity and prevents care gaps on plan transitions.

EHR gap: EHRs hold the clinical record for their institution. They have no mechanism to transmit structured payer claims and authorization history to a receiving payer — nor the data governance controls required for BH data sensitivity under 42 CFR Part 2.
Phase 2 — Jan 2027
Prior Authorization API
Da Vinci PAS

Providers submit PA requests, check status, and receive decisions electronically via FHIR — eliminating fax and portal-based submission. Plans must accept FHIR-based PA requests and return structured decisions.

EHR gap: EHR PA workflows operate on the provider side of the transaction. The Da Vinci PAS standard requires a payer-side FHIR endpoint — a separate build entirely that routes requests through a rules engine and returns structured decisions.
End-to-End Payer Lifecycle

How Incedo Works — From Enrollment to Compliance

A fully integrated payer workflow in a single platform — from member enrollment through claims adjudication — with CMS-0057-F requirements embedded across authorization, reporting, and interoperability workflows.

1
Member Enrollment
834 or flat-file eligibility loads. Benefits configured, covered lives tracked daily.
2
Authorization Request Received
Provider submits via portal, HIPAA 278 transaction, or (as required) FHIR-based submission. Requests are routed through a rules engine for auto-approval or UM review.
Phase 1 — Now
3
UM Review & Decision
Clinical review supported by InterQual and MCG criteria. 7-day (standard) and 72-hour (expedited) timelines tracked per request. Denial reason codes and supporting documentation generated for every decision.
Phase 1 — Now
4
Care Management
Care plans triggered by assessments or authorization events. Case managers coordinate services and track outcomes across the member population.
5
Claims & Adjudication
837 claims intake and rules-based adjudication. EOB/835 issued to providers. Claims and authorization data form the foundation for CMS-required reporting and FHIR API responses.
6
Reporting & Compliance
CMS-0057-F prior authorization metrics, denial tracking, audit trails, and FHIR API support (Patient Access, Provider Access, Payer-to-Payer, and Prior Authorization APIs). Aligned with CMS requirements and supported workflows for NCQA and URAC standards.
Phase 1 (reporting + Patient Access) — Now
Phase 2 (remaining APIs) — January 2027
Platform Capabilities

Everything a BH Plan Needs in One Platform

Incedo was designed specifically for behavioral health managed care — not retrofitted from a general EHR or adapted from a medical MCO platform.

Utilization Management
Authorization workflows, InterQual & MCG clinical criteria, auto-approval rules, turnaround tracking. CMS, NCQA & URAC supported workflows out of the box.
Care Management
Member records, health risk assessments, personalized care plans, case tracking, and population analytics with risk stratification.
Claims & Provider Network
837 inbound/outbound, 835/999/277CA HIPAA transactions, adjudication engine, web-based provider claim portal, and EOB/835 payment to contracted providers.
PA Timeliness Engine
Automated 7-day / 72-hour countdown per request. Escalation workflows ensure no decision falls outside CMS deadlines. Full audit trail.
FHIR API Suite
Patient Access, Provider Access, and Payer-to-Payer APIs — built and maintained by InfoMC. No internal IT development required from your organization.
Grievances & Appeals
Full G&A tracking with CMS, NCQA & URAC workflows, built-in turnaround time tracking, outcome documentation, and CMS metric reporting.
Provider Portal
Providers submit auth requests, check eligibility & benefits, track status, and submit claims directly — reducing administrative burden on plan staff.
Eligibility Management
834/flat-file enrollment loads, daily eligibility updates from state Medicaid, covered lives tracking, and duplicate eligibility prevention.
Denial Management
Every denied PA generates a structured denial reason code and narrative. CMS-compliant documentation ready for member and provider notice. Full audit trail.
Implementation Roadmap

120 Days to Phase 1 Compliance.
Full FHIR Certification Before January 2027.

A structured implementation gets your plan to full Phase 1 compliance within 120 days. FHIR API certification follows in months 6–8 — well ahead of the January 2027 deadline.

1
Phase 1
Days 1–30
  • Contract & benefit review
  • PA workflow mapping
  • EHR data integration setup
  • User roles & access config
2
Phase 2
Days 31–120
  • UM module live
  • Timeliness tracking enabled
  • Denial reason workflow live
  • Claims adjudication active
3
Phase 3
Days 91–120
  • UM validated
  • Claims validated
  • 60-day post go-live support
  • FHIR API scope planning
4
Phase 4
Months 4–6
  • Patient Access API certified
  • Provider Access API certified
  • Payer-to-Payer exchange tested
  • Full CMS-0057-F compliance

Full CMS-0057-F compliance — FHIR APIs live — before the January 1, 2027 federal deadline. Organizations that begin now will certify on time. Organizations that wait until Q3 or Q4 2026 face a very different calculation.

Purpose-built for BH payers
Incedo was designed specifically for behavioral health managed care — not retrofitted from an EHR.
30+
Years in Behavioral
Health Technology
30M+
Members Supported
on the Platform
99.5%
Contractual SLA
Uptime Guarantee
CMS, NCQA
& URAC
Supported Workflows
Out of the Box
HITRUST CSF Certified
SOC 1 Type 2
SOC 2 Type 2
MARS-E v2.0
CMS-0057-F Ready
Get Started

Three Steps to a Compliance Path

Start with a conversation. Two quick steps help us understand your current setup and show you exactly how Incedo addresses the gap — then step three gets you moving.

01
1 week
Incedo Demo — Payer Modules
Live demonstration of the UM, PA timeliness tracking, denial management, claims adjudication, and FHIR API modules. See the full payer workflow in a BH managed care context.
02
1 week
Needs Assessment Call
A 30-minute discovery conversation to map your plan's specific compliance gaps to Incedo capabilities. We'll identify your Phase 1 exposure and scope your Phase 2 FHIR certification path.
03
30 days
MSA & SOW Execution
InfoMC's standard Master Services Agreement. Target 30-day contract close in parallel to begin implementation and hit the 120-day Phase 1 compliance milestone on schedule.

The Compliance Window Is Open.
The Question Is Whether You Use It.

Every day without a payer compliance layer is a day of exposure. Incedo closes the gap — without replacing your EHR, without requiring your IT team to build FHIR APIs, and on a timeline that works before January 2027.

Request a demo or needs assessment — we'll be in touch within one business day.

Or email us directly at info@infomc.com