Which Of Our Payers Are Actually Bound By The New PA Deadlines?
How To Run Two PA Rulebooks Without Missing Either Clock
The goal is simple: every request carries its own deadline from the moment it enters the queue, and no covered violation goes unchallenged. Here is what does that, move by move.
1. Build a Plan-by-Plan Regime Map First
Before you touch a single request, list every payer on your panel and mark which regime it falls under: bound by CMS-0057-F, or on legacy commercial or ERISA timelines. The federal rule covers Medicare Advantage, Medicaid and CHIP fee-for-service and managed care, and QHPs on the federal exchange. Everything else runs on its own contract clock. You cannot enforce a deadline you have not assigned, and you cannot stop mis-quoting one that does not exist, until this map is written down and kept current.
2. Tag Every Request at Intake With Its Governing Clock
The first operational move is to stamp each new PA with its regime the moment it enters your queue. A Medicare Advantage request carries the 72-hour expedited and seven-day standard clock. A self-insured ERISA plan carries whatever the plan document allows. The tag drives everything downstream: the alarm, the escalation script, and the authority you cite. Untagged requests are where the wrong deadline gets quoted and the right one gets missed.
3. Run Regime-Specific Aging Alarms for Covered Plans
For the plans bound by the rule, set aging alarms that fire before the clock runs out, not after. A practical rhythm is an alarm at 48 hours on expedited requests and at six days on standard ones, so a covered plan approaching its deadline surfaces while there is still time to push. Here is where the systems you already run, whether NextGen, Cerner, or AdvancedMD, let a dedicated specialist watch every aging request without your staff re-checking portals by hand.
4. Escalate Real Violations to the Named Authority
When a covered plan blows its deadline, do not silently re-submit and reset the clock. File a documented complaint: to CMS for a Medicare Advantage or federal-exchange violation, to the state Medicaid agency or insurance commissioner for the plans they oversee. Cite the specific timeframe the plan missed. Silent re-submission is the single biggest reason payers face no consequence for a late decision, because a violation nobody records never happened.
5. Hand the Whole Regime Split to a Dedicated Outsourced Team
Practices that stop mis-quoting deadlines and stop missing real ones do it by handing the entire regime split to a dedicated outsourced team: specialists who tag every request, run the covered-plan alarms, and file the escalations, live in 1 to 2 weeks. The map stays current as payers change, a trained backup covers every gap, and your staff stop arguing a regulation that does not apply while the one that does slides past. Below is what it sounds like when nobody owns this yet, in practice teams’ own words.
Key Pain Points and Discussions by Providers
real reports from practice staff, lightly edited
“My front desk started telling every payer they had seven days now. Half of them are commercial plans that never agreed to any of that, so the reviewer just says that is not our policy and we look like we do not know the rules. We are quoting a federal deadline to plans it does not even cover.” – prior authorization lead, multi-specialty group
“Nobody told me the new deadlines only hit the government plans. I assumed January meant everybody, and I built our whole escalation script around it. Turns out for a big chunk of our panel the script is just wrong, and I have been arguing timelines that do not exist for those plans.” – practice administrator, primary care practice
“The problem is I cannot tell at a glance which clock applies. A Medicare Advantage request and a self-insured plan request look identical in my queue, but one owes me a decision in seven days and the other owes me nothing on paper. So I treat them the same and miss the one that actually had a deadline.” – billing lead, specialty clinic
“When a covered plan blows the deadline, we just re-submit and hope. Nobody files anything. I found out later that a re-submission resets their clock and there is no record the violation ever happened, so the plan pays no price for being late and we start the wait over.” – office manager, multi-provider practice
“We have Medicare Advantage, Medicaid managed care, a couple of exchange plans, and a wall of commercial and ERISA plans, all in the same worklist. Two totally different rulebooks are running at once and there is nobody whose job it is to keep them straight. It falls on whoever grabs the request.” – practice manager, family medicine group
Our Answer
Here is what we actually do. A dedicated remote prior authorization specialist tags every request at intake with its governing regime, bound by CMS-0057-F or on legacy commercial or ERISA timelines, so the right clock is running before the request ever ages. For the covered plans, they run aging alarms at 48 hours on expedited and six days on standard, and when a bound plan misses its deadline they file a documented complaint to CMS, the state Medicaid agency, or the insurance commissioner rather than silently re-submitting. Our specialists are credentialed professionals trained in US payer rules and PA workflow, working inside your systems, with AI flagging aging requests and a human owning the escalation. Within the first week your staff stop quoting deadlines that do not apply and stop missing the ones that do. That model is our Medicare prior authorization service paired with a live regime map, in one paragraph.
Why This Keeps Happening
If the split is that clear on paper, why do capable practices keep getting it wrong? Because the rule arrived as a headline and landed on a worklist that does not distinguish payers by regime. CMS-0057-F was finalized in early 2024 and its faster turnaround provisions took effect January 1, 2026. The coverage line is precise: it binds Medicare Advantage organizations, state Medicaid and CHIP fee-for-service and managed care plans, and Qualified Health Plan issuers on the federally facilitated exchanges. Traditional employer group health plans, self-insured plans, and commercial issuers outside the exchange are not required to comply, and stay on their own contract timelines.
So the same word, deadline, means two different things on the same desk. A Medicare Advantage request genuinely owes your practice a standard decision in seven calendar days and an expedited one in 72 hours. A self-insured ERISA plan sitting right next to it in the queue owes you whatever the plan document says, which may be far longer. Staff who read the January headlines and applied the new clock to everyone end up quoting a federal timeframe to plans that never agreed to it, which is exactly the credibility problem a disciplined Medicaid prior authorization workflow is built to avoid.
And the quiet cost is not the wasted escalation call. It is the covered violation nobody records. During earlier oversight of Medicare Advantage, federal auditors found that plans overturned about 75 percent of their own denials when those denials were actually appealed, yet the appeal happened in only a tiny fraction of cases. The same pattern applies to deadlines: a late decision on a bound plan is a real, reportable violation, but if your team re-submits and resets the clock instead of filing, the plan faces no consequence and the pattern continues. The enforcement only exists if someone runs it.
Most groups have already tried the obvious fixes before they talk to anyone. Each one fails the same way: the work lands back on the practice. The pattern, in one table:
| What you tried | What actually happened | Who ended up doing the work |
|---|---|---|
| Told every payer about the new seven-day deadline | Commercial and ERISA plans said it is not their policy, and staff lost credibility on the calls | Whoever made the escalation call |
| Treated every request in one queue the same way | Bound plans and unbound plans looked identical, so the ones with real deadlines got missed | The worklist, with no regime tag |
| Re-submitted when a covered plan ran late | The clock reset, the violation disappeared, and the plan faced no consequence | Nobody; the record was erased |
| Gave it to one dedicated remote specialist | Every request tagged by regime, covered-plan alarms running, real violations filed with CMS or the state | Someone whose whole job it is |
The Solution
So what does that regime split actually look like on a live worklist? The dedicated specialist tags each incoming PA the moment it lands, marking whether it is bound by CMS-0057-F or riding a commercial or ERISA contract clock. That single tag decides the deadline, the alarm timing, and the escalation script your team will use if the plan runs late. Your staff stop guessing which rulebook applies, because the request already tells them, which is the entire point of pairing a disciplined intake with real urgent prior authorization support.
Then the alarms do the watching your staff cannot. For the covered plans, an aging alarm fires at 48 hours on expedited requests and at six days on standard ones, surfacing anything about to breach while there is still time to push the reviewer. When a bound plan does miss the deadline, the specialist files a documented complaint to the correct authority, CMS for Medicare Advantage and federal-exchange plans, the state Medicaid agency or insurance commissioner for the plans they oversee, and cites the exact timeframe that was blown. No silent re-submission, no reset clock, no vanished violation.
Behind all of it, AI flags the aging requests and a credentialed human owns the judgment call. The alarm surfaces the request; the specialist decides whether it is a real violation, assembles the record, and files. For the requests that turn into denials rather than delays, the same team runs the appeal, and when a plan wants a clinical conversation the specialist arranges the peer-to-peer review so a late or wrong decision does not simply stand.
Who Actually Does This Work
Fair question: why would an outsourced team keep two rulebooks straighter than your own staff who live in the payer portals every day? Because keeping them straight is the entire job, not the tenth thing on a front desk’s list. The people running your regime map are credentialed professionals: overseas-trained physicians, US-licensed nurses and pharmacists, and PharmDs, all trained specifically in US payer rules and prior authorization workflow. They read plan documents for a living, they know which line of CMS-0057-F binds which plan, and they are not deciding between tagging a request and checking in a patient standing at the counter. The regime map is their desk.
We are not a call center. We are a clinical operations partner, a healthcare BPO built on dedicated virtual staff: 500+ credentialed professionals, 24/7 coverage, and the AI-first, human-verify workflow you just read about running behind every one of them. A typical practice is live in 1 to 2 weeks, at up to 70% below the cost of hiring locally, and every covered-plan deadline is watched rather than assumed. Because this work touches protected health information, it runs on our HIPAA and security posture, which is independently auditable and detailed in our HIPAA and security posture. And nobody on our side goes out without a trained backup already inside your workflow, so no regime clock ever goes unwatched.
And the security piece your compliance officer will ask about: we are audited to SOC 2 Type II with zero exceptions and certified for HITRUST, ISO/IEC 27001:2022, HIPAA, and GDPR, with zero breaches in eight years. Every workstation runs inside a secure enclave on US-based servers, with screen captures and downloads blocked by policy, so PHI never sits on someone’s home laptop. Every client account carries a $5M E&O and cyber liability policy and a BAA signed before any work starts; the full detail lives in our HIPAA and security posture.
Put the routine and the people together, and a specific list of things simply stops happening.
Ready to Sort Your Payers by the Right PA Clock?
How We Permanently Fix the Process
A tag alone is not the fix, and neither is a smarter alarm. The fix is a written regime map, a tagging discipline at intake, and a documented escalation path that says exactly which authority hears a violation for each kind of plan. Before we run a single request for a new practice, we build that map: every payer on your panel sorted into bound by CMS-0057-F or on a legacy commercial or ERISA clock, with the specific deadline and the specific complaint route recorded for each.
From there the map becomes a living playbook rather than a fact in one staffer’s head. It records which plans owe which clock, when each aging alarm fires, what the escalation script says, and which authority receives the complaint when a bound plan runs late. It is written down, kept current as payers and plan documents change, and owned by the team. When your specialist is out, a trained backup works the same map the same way, so no request loses its clock because one person was away.
That is the difference between reacting to this year’s rule and running it as a permanent process, and it is what a dedicated prior authorization operations partner actually buys you. A staffer leaving used to mean the regime knowledge walked out the door and the wrong clock got quoted again. Under this model the map stays, the tags keep flowing, the alarms keep firing, and both rulebooks run correctly whether or not any one person is at their desk.
The Whole Thing in Four Sentences
Practices mis-run the new PA deadlines because CMS-0057-F binds only Medicare Advantage, Medicaid and CHIP, and federal-exchange QHPs, while commercial and self-insured ERISA plans stay on their own legacy timelines, and the two sit in one queue with no regime tag. Quoting the seven-day clock to everyone burns credibility on plans it does not cover, and silently re-submitting when a bound plan runs late resets the clock and erases the violation. The fix is a plan-by-plan regime map: tag every request at intake, run aging alarms on the covered plans, and file documented complaints to CMS or the state when a bound plan misses its deadline. A multi-specialty group runs exactly this model with us today, names withheld, no patient data shown.
If you want to check us out before talking to anyone: our security posture is independently auditable, we are an MGMA 2026 Corporate Member, and 800+ providers run back office work with us.
Ready to sort your payers by the right clock? Try us risk free: two weeks, your real payer panel, every request tagged by regime and every covered-plan deadline watched, and if it does not earn the handoff, you walk away. From here down is the sales part, and it is short: here is exactly what it costs.
One Flat Weekly Rate. 45 Hours of Coverage.
No hourly meters, no setup fees, no long-term contracts. Your dedicated team member covers your desk 45 hours every week, and a trained backup steps in at no charge whenever they are out.
One dedicated remote prior authorization specialist tagging every request with its governing regime and running deadline alarms, single-location primary care or specialty practice with a mixed payer panel
5+ remote prior authorization specialists covering a multi-provider group or several sites where commercial and government plans sit side by side
10+ remote prior authorization specialists, multi-location group, MSO, or PE-backed platform running regime-specific PA clocks across many payers and states
45 hours of coverage for less than others charge for 40.
Standard US full-time year: 40 hrs x 52 weeks = 2,080 hours, the federal basis for computing hourly pay per the U.S. Office of Personnel Management. A Staffingly plan: 45 hrs x 52 weeks = 2,340 hours a year, that is 260 additional hours included in your flat rate. $399/week x 52 = $20,748 a year / 2,340 hours = $8.87 per hour. Typical US market rates for healthcare virtual assistants run $9.50 to $13.00 per hour for 40 hours of coverage.
Run the Right PA Clock on Every Payer
You have seen the whole method. The pilot proves it on your own payer panel, with a regime map your team can watch every day.
Book a 2-Week Risk-Free PilotRequest Information
Single specialty or multi-site? One payer or many? Tell us your situation and we will map the right coverage within 24 hours.
Frequently Asked Questions
Where the Claims on This Page Come From
Sources & References
- CMS Interoperability and Prior Authorization Final Rule (CMS-0057-F). Official CMS fact sheet defining the 72-hour expedited and seven-day standard decision timeframes and the payers the rule binds. cms.gov
- CMS Prior Authorization API and Burden Reduction Resources. CMS guidance clarifying which impacted payers must comply and the January 1, 2026 operational effective date. cms.gov
- HHS Office of Inspector General, Medicare Advantage Prior Authorization Denial Findings. Federal audit reporting that Medicare Advantage plans overturned about 75 percent of their own denials when appealed, while appeals were rare. oig.hhs.gov
- MGMA Prior Authorization and Practice Operations Resources. Benchmarks and guidance on prior authorization burden and payer accountability for medical group practices. mgma.com
- AMA Prior Authorization Reform Resources. Physician-practice references on prior authorization deadlines, payer compliance, and administrative burden. ama-assn.org




