The CAQH CORE Prior Authorization Operating Rules apply to all HIPAA covered entities or their agents that conduct the following transactions:
§ X12 v5010X217 Health Care Services Review – Request for Review and Response (278) Technical Report Type 3 (TR3) and associated errata
§ X12 v6020X316 275 Additional Information to Support a Health Care Services Review Technical Report Type 3 (TR3)
NOTE: Entities acting in the role of a Business Associate of a HIPAA covered entity may also need to implement various aspects of the CAQH CORE Prior Authorization Operating Rules. The HHS website provides charts to help organizations determine whether an organization or individual is a HIPAA covered entity. This rule optionally applies to other Non-X12 Additional Documentation payload types (e.g., HL7 C-CDA, .pdf, etc.) exchanged using the most recent CAQH CORE Connectivity Rule. Currently the CAQH CORE Prior Authorization Operating Rules are voluntary and have not been adopted by HHS for mandatory adoption by HIPAA covered entities. HHS will determine if the CAQH CORE Prior Authorization Operating Rules will be included in any regulatory mandates. While the CAQH CORE Prior Authorization Operating Rules are currently voluntary, stakeholder entities are immediately eligible to implement the operating rules and to pursue CORE Certification.