(a) Statutory basis. This subpart implements—

(1) Section 2101(a) of the Act, which sets forth that the purpose of title XXI is to provide funds to States to provide child health assistance to uninsured, low-income children in an effective and efficient manner that is coordinated with other sources of health benefits coverage;

(2) Sections 2107(a), (b) and (d) of the Act, which set forth requirements for strategic planning, reports, and program budgets;

(3) Section 2108 of the Act, which sets forth provisions regarding annual reports and evaluation; and

(4) Section 1139A and 1139B of the Act, which set forth the requirements for child and adult health quality measures and reporting.

(b) Scope. This subpart sets forth requirements for strategic planning, monitoring, reporting and evaluation under title XXI.

(c) Applicability. The requirements of this subpart apply to separate child health programs and Medicaid expansion programs, except that §§ 457.730, 457.731, and 457.732 do not apply to Medicaid expansion programs. Separate child health programs that provide benefits exclusively through managed care entities may meet the requirements of §§ 457.730, 457.731, and 457.732 by requiring the managed care entities to meet the requirements of § 457.1233(d).

[66 FR 2683, Jan. 11, 2001, as amended at 85 FR 25635, May 1, 2020; 88 FR 60315, Aug. 31, 2023; 89 FR 8982, Feb. 8, 2024]

(a) Plan description. A State plan must include a description of—

(1) The strategic objectives as described in paragraph (b) of this section;

(2) The performance goals as described in paragraph (c) of this section; and

(3) The performance measurements, as described in paragraph (d) of this section, that the State has established for providing child health assistance to targeted low-income children under the plan and otherwise for maximizing health benefits coverage for other low-income children and children generally in the State.

(b) Strategic objectives. The State plan must identify specific strategic objectives relating to increasing the extent of creditable health coverage among targeted low-income children and other low-income children.

(c) Performance goals. The State plan must specify one or more performance goals for each strategic objective identified.

(d) Performance measurements. The State plan must describe how performance under the plan is—

(1) Measured through objective, independently verifiable means; and

(2) Compared against performance goals.

(e) Core elements. The State's strategic objectives, performance goals and performance measures must include a common core of national performance goals and measures consistent with the data collection, standard methodology, and verification requirements, as developed by the Secretary.

A State plan must include an assurance that the State collects data, maintains records, and furnishes reports to the Secretary, at the times and in the standardized format the Secretary may require to enable the Secretary to monitor State program administration and compliance and to evaluate and compare the effectiveness of State plans under Title XXI of the Act. This includes collection of data and reporting as required under § 431.970 of this chapter.

[71 FR 51084, Aug. 28, 2006]

(a) Application Programming Interface to support CHIP beneficiaries. A State must implement and maintain a standards-based Application Programming Interface (API) that permits third-party applications to retrieve, with the approval and at the direction of the current individual beneficiary or the beneficiary's personal representative, data specified in paragraph (b) of this section through the use of common technologies and without special effort from the beneficiary.

(b) Accessible content. A State must make the following information accessible to its current beneficiaries or the beneficiary's personal representative through the API described in paragraph (a) of this section:

(1) Data concerning adjudicated claims, including claims data for payment decisions that may be appealed, were appealed, or are in the process of appeal, and provider remittances and beneficiary cost-sharing pertaining to such claims, no later than one (1) business day after a claim is processed;

(2) Encounter data no later than 1 business day after receiving the data from providers, other than MCOs, PIHPs, or PAHPs, compensated on the basis of capitation payments;

(3) All data classes and data elements included in a content standard in 45 CFR 170.213 that are maintained by the State no later than 1 business day after the State receives the data; and

(4) Information, about covered outpatient drugs and updates to such information, including, where applicable, preferred drug list information, no later than one (1) business day after the effective date of the information or updates to such information.

(5) Beginning January 1, 2027, the information in paragraph (b)(5)(i) of this section about prior authorizations for items and services (excluding drugs as defined in paragraph (b)(6) of this section), according to the timelines in paragraph (b)(5)(ii) of this section.

(i) The prior authorization request and decision, including all of the following, as applicable:

(A) The prior authorization status.

(B) The date the prior authorization was approved or denied.

(C) The date or circumstance under which the prior authorization ends.

(D) The items and services approved.

(E) If denied, a specific reason why the request was denied.

(F) Related structured administrative and clinical documentation submitted by a provider.

(ii) The information in paragraph (b)(5)(i) of this section must—

(A) Be accessible no later than 1 business day after the State receives a prior authorization request;

(B) Be updated no later than 1 business day after any status change; and

(C) Continue to be accessible for the duration that the authorization is active and at least 1 year after the prior authorization's last status change.

(6) Drugs are defined for the purposes of paragraph (b)(5) of this section as any and all drugs covered by the State.

(c) Technical requirements. A State implementing an API under paragraph (a) of this section:

(1) Must implement and maintain API technology conformant with 45 CFR 170.215(a)(1), (b)(1)(i), (c)(1), and (e)(1);

(2) Must conduct routine testing and monitoring, and update as appropriate, to ensure the API functions properly, including assessments to verify that the API technology is fully and successfully implementing privacy and security features such as, but not limited to, those required to comply with HIPAA privacy and security requirements in 45 CFR parts 160 and 164, 42 CFR parts 2 and 3, and other applicable law protecting the privacy and security of individually identifiable data;

(3) Must comply with the content and vocabulary standard requirements in paragraphs (c)(3)(i) and (ii) of this section, as applicable to the data type or data element, unless alternate standards are required by other applicable law:

(i) Content and vocabulary standards at 45 CFR 170.213 where such standards are applicable to the data type or element, as appropriate; and

(ii) Content and vocabulary standards at 45 CFR part 162 and § 423.160 of this chapter where required by law, or where such standards are applicable to the data type or element, as appropriate.

(4) May use an updated version of any standard or all standards required under paragraphs (c)(1) or (3) of this section, where:

(i) Use of the updated version of the standard is required by other applicable law, or

(ii) Use of the updated version of the standard is not prohibited under other applicable law, provided that:

(A) For content and vocabulary standards other than those at 45 CFR 170.213, the Secretary has not prohibited use of the updated version of a standard for purposes of this section or 45 CFR part 170;

(B) For standards at 45 CFR 170.213 and 170.215, the National Coordinator has approved the updated version for use in the ONC Health IT Certification Program; and

(C) Using the updated version of the standard, implementation guide, or specification does not disrupt an end user's ability to access the data specified in paragraph (b) of this section or §§ 457.731, 457.732, and 457.760 through the required APIs.

(d) Documentation requirements for APIs. For each API implemented in accordance with paragraph (a) of this section, a State must make publicly accessible, by posting directly on its website or via publicly accessible hyperlink(s), complete accompanying documentation that contains, at a minimum the information listed in this paragraph. For the purposes of this section, “publicly accessible” means that any person using commonly available technology to browse the internet could access the information without any preconditions or additional steps, such as a fee for access to the documentation; a requirement to receive a copy of the material via email; a requirement to register or create an account to receive the documentation; or a requirement to read promotional material or agree to receive future communications from the organization making the documentation available;

(1) API syntax, function names, required and optional parameters supported and their data types, return variables and their types/structures, exceptions and exception handling methods and their returns;

(2) The software components and configurations that an application must use in order to successfully interact with the API and process its response(s); and

(3) All applicable technical requirements and attributes necessary for an application to be registered with any authorization server(s) deployed in conjunction with the API.

(e) Denial or discontinuation of access to the API. A State may deny or discontinue any third-party application's connection to the API required under paragraph (a) of this section if the State:

(1) Reasonably determines, consistent with its security risk analysis under 45 CFR part 164 subpart C, that allowing an application to connect or remain connected to the API would present an unacceptable level of risk to the security of protected health information on the State's systems; and

(2) Makes this determination using objective, verifiable criteria that are applied fairly and consistently across all apps and developers through which parties seek to access electronic health information, as defined in 45 CFR 171.102, including but not limited to criteria that rely on automated monitoring and risk mitigation tools.

(f) Reporting on Patient Access API usage. Beginning in 2026, by March 31 of each year, a State must report to CMS the following metrics, in the form of aggregated, de-identified data, for the previous calendar year at the State level in the form and manner specified by the Secretary:

(1) The total number of unique beneficiaries whose data are transferred via the Patient Access API to a health app designated by the beneficiary; and

(2) The total number of unique beneficiaries whose data are transferred more than once via the Patient Access API to a health app designated by the beneficiary.

(g) Data availability. (1) The State must comply with the requirements in paragraphs (a) through (f) of this section beginning January 1, 2021 with regard to data:

(i) With a date of service on or after January 1, 2016; and

(ii) That are maintained by the State.

(2) [Reserved]

(h) Applicability. A State must comply with the requirements in paragraphs (a) through (e) and (g) of this section beginning January 1, 2021, and with the requirements in paragraph (f) of this section beginning in 2026, with regard to data:

(1) With a date of service on or after January 1, 2016; and

(2) That are maintained by the State.

[85 FR 25636, May 1, 2020, as amended at 89 FR 8982, Feb. 8, 2024]

(a) Application programming interface to support data exchange from payers to providers—Provider Access API. Beginning January 1, 2027, unless granted an extension or exemption under paragraph (c) of this section, a State must do the following:

(1) API requirements. Implement and maintain an application programming interface (API) conformant with all of the following:

(i) Section 457.730(c)(2) through (4), (d), and (e).

(ii) The standards in 45 CFR 170.215(a)(1), (b)(1)(i), (c)(1), and (d)(1).

(2) Provider access. Make the data specified in § 457.730(b) with a date of service on or after January 1, 2016, excluding provider remittances and beneficiary cost-sharing information, that are maintained by the State, available to enrolled CHIP providers via the API required in paragraph (a)(1) of this section no later than 1 business day after receiving a request from such a provider, if all the following conditions are met:

(i) The State authenticates the identity of the provider that requests access and attributes the beneficiary to the provider under the attribution process described in paragraph (a)(3) of this section.

(ii) The beneficiary does not opt out as described in paragraph (a)(4) of this section.

(iii) Disclosure of the data is not prohibited by other applicable law.

(3) Attribution. Establish and maintain a process to associate beneficiaries with their enrolled CHIP providers to enable data exchange via the Provider Access API.

(4) Opt out and patient educational resources. (i) Establish and maintain a process to allow a beneficiary or the beneficiary's personal representative to opt out of the data exchange described in paragraph (a)(2) of this section and to change their permission at any time. That process must be available before the first date on which the State makes beneficiary information available via the Provider Access API and at any time while the beneficiary is enrolled with the State.

(ii) Provide information to beneficiaries in plain language about the benefits of API data exchange with their providers, their opt out rights, and instructions both for opting out of data exchange and for subsequently opting in, as follows:

(A) Before the first date on which the State makes beneficiary information available through the Provider Access API.

(B) No later than 1 week after enrollment.

(C) At least annually.

(D) In an easily accessible location on its public website.

(5) Provider resources. Provide on its website and through other appropriate provider communications, information in plain language explaining the process for requesting beneficiary data using the Provider Access API required in paragraph (a)(1) of this section. The resources must include information about how to use the State's attribution process to associate beneficiaries with their providers.

(b) Application programming interface to support data exchange between payers—Payer-to-Payer API. Beginning January 1, 2027, unless granted an extension or exemption under paragraph (c) of this section a State must do the following:

(1) API requirements. Implement and maintain an API conformant with all of the following:

(i) Section 457.730(c)(2) through (4), (d), and (e).

(ii) The standards in 45 CFR 170.215(a)(1), (b)(1)(i), and (d)(1).

(2) Opt in. Establish and maintain a process to allow beneficiaries or their personal representatives to opt into the State's payer to payer data exchange with the beneficiary's previous payer(s), described in paragraphs (b)(4) and (5) of this section, and with concurrent payer(s), described in paragraph (b)(6) of this section, and to change their permission at any time.

(i) The opt in process must be offered as follows:

(A) To current beneficiaries, no later than the compliance date.

(B) To new beneficiaries, no later than 1 week after enrollment.

(ii) If a beneficiary has coverage through any CHIP managed care entities within the same State while enrolled in CHIP, the State must share their opt in permission with those managed care entities to allow the Payer-to-Payer API data exchange described in this section.

(iii) If a beneficiary does not respond or additional information is necessary, the State must make reasonable efforts to engage with the beneficiary to collect this information.

(3) Identify previous and concurrent payers. Establish and maintain a process to identify a new beneficiary's previous and concurrent payer(s) to facilitate the Payer-to-Payer API data exchange. The information request process must start as follows:

(i) For current beneficiaries, no later than the compliance date.

(ii) For new beneficiaries, no later than 1 week after enrollment.

(iii) If a beneficiary does not respond or additional information is necessary, the State must make reasonable efforts to engage with the beneficiary to collect this information.

(4) Exchange request requirements. Exchange beneficiary data with other payers, consistent with the following requirements:

(i) The State must request the data specified in paragraph (b)(4)(ii) of this section through the beneficiary's previous payers' API, if all the following conditions are met:

(A) The beneficiary has opted in, as described in paragraph (b)(2) of this section, except for data exchanges between a State CHIP agency and its contracted managed care entities, which do not require a beneficiary to opt in.

(B) The exchange is not prohibited by other applicable law.

(ii) The data to be requested are all of the following with a date of service within 5 years before the request:

(A) Data specified in § 457.730(b), excluding the following:

(1) Provider remittances and enrollee cost-sharing information.

(2) Denied prior authorizations.

(B) Unstructured administrative and clinical documentation submitted by a provider related to prior authorizations.

(iii) The State must include an attestation with this request affirming that the beneficiary is enrolled with the State and has opted into the data exchange.

(iv) The State must complete this request as follows:

(A) No later than 1 week after the payer has sufficient identifying information about previous payers and the beneficiary has opted in.

(B) At a beneficiary's request, within 1 week of the request.

(v) The State must receive, through the API required in paragraph (b)(1) of this section, and incorporate into its records about the beneficiary, any data made available by other payers in response to the request.

(5) Exchange response requirements. Make available the data specified in paragraph (b)(4)(ii) of this section that are maintained by the State to other payers via the API required in paragraph (b)(1) of this section within 1 business day of receiving a request, if all the following conditions are met:

(i) The payer that requests access has its identity authenticated and includes an attestation with the request that the patient is enrolled with the payer and has opted into the data exchange.

(ii) Disclosure of the data is not prohibited by other applicable law.

(6) Concurrent coverage data exchange requirements. When a beneficiary has provided sufficient identifying information about concurrent payers and has opted in as described in paragraph (b)(2) of this section, a State must do the following, through the API required in paragraph (b)(1) of this section:

(i) Request the beneficiary's data from all known concurrent payers as described in paragraph (b)(4) of this section, and at least quarterly thereafter while the beneficiary is enrolled with both payers.

(ii) Respond as described in paragraph (b)(5) of this section within 1 business day of a request from any concurrent payers. If agreed upon with the requesting payer, the State may exclude any data that were previously sent to or originally received from the concurrent payer.

(7) Patient educational resources. Provide information to applicants or beneficiaries in plain language, explaining at a minimum: the benefits of Payer-to-Payer API data exchange, their ability to opt in or withdraw that permission, and instructions for doing so. The State must provide the following resources:

(i) When requesting a beneficiary's permission for Payer-to-Payer API data exchange, as described in paragraph (b)(2) of this section.

(ii) At least annually, in appropriate mechanisms through which it ordinarily communicates with current beneficiaries.

(iii) In an easily accessible location on its public website.

(c) Extensions and exemptions—(1) Extension. (i) A State may submit a written application to request a one-time, 1-year extension of the requirements in paragraph (a) or (b) (or paragraphs (a) and (b)) of this section for its CHIP fee-for-service program. The written application must be submitted as part of the State's annual Advance Planning Document (APD) for Medicaid Management Information System (MMIS) operations expenditures, as described in part 433, subpart C, of this chapter, and approved before the compliance date for the requirements to which the State is seeking an extension. It must include all the following:

(A) A narrative justification describing the specific reasons why the State cannot satisfy the requirement(s) by the compliance date and why those reasons result from circumstances that are unique to the agency operating the CHIP fee-for service program.

(B) A report on completed and ongoing State activities that evidence a good faith effort towards compliance.

(C) A comprehensive plan to meet the requirements no later than 1 year after the compliance date.

(ii) CMS grants the State's request if it determines, based on the information provided, that—

(A) The request adequately establishes a need to delay implementation; and

(B) The State has a comprehensive plan to meet the requirements no later than 1 year after the compliance date.

(2) Exemption. (i) A State operating a separate CHIP in which at least 90 percent of the State's CHIP beneficiaries are enrolled in CHIP managed care organizations, as defined in § 457.10, may request an exemption for its fee-for-service program from either or both of the following requirements:

(A) Paragraph (a) of this section.

(B) Paragraphs (b)(1) and (3) through (7) of this section.

(ii) The State's exemption request must:

(A) Be submitted in writing as part of a State's annual APD for MMIS operations expenditures before the compliance date for the requirements to which the State is seeking an exemption.

(B) Include both of the following:

(1) Documentation that the State meets the threshold for the exemption, based on enrollment data from section 5 of the most recently accepted CHIP Annual Report Template System (CARTS).

(2) An alternative plan to ensure that enrolled providers will have efficient electronic access to the same information through other means while the exemption is in effect.

(iii) CMS grants the exemption if the State establishes to CMS's satisfaction that the State—

(A) Meets the threshold for the exemption; and

(B) Has established an alternative plan to ensure that enrolled providers will have efficient electronic access to the same information through other means while the exemption is in effect.

(iv) The State's exemption expires if either—

(A) Based on the 3 previous years of available, finalized CHIP CARTS managed care and fee-for-service enrollment data, the State's managed care enrollment for 2 of the previous 3 years is below 90 percent; or

(B)(1) CMS has approved a State plan amendment, waiver, or waiver amendment that would significantly reduce the percentage of beneficiaries enrolled in managed care; and

(2) The anticipated shift in enrollment is confirmed by the first available, finalized CARTS managed care and fee-for-service enrollment data.

(v) If a State's exemption expires under paragraph (c)(2)(iv) of this section, the State is required to do both of the following:

(A) Submit written notification to CMS that the State no longer qualifies for the exemption within 90 days of the finalization of annual CARTS managed care enrollment data that demonstrates that there has been the requisite shift from managed care enrollment to fee-for-service enrollment resulting in the State's managed care enrollment falling below the 90 percent threshold.

(B) Obtain CMS approval of a timeline for compliance with the requirements in paragraph (a) or (b) (or paragraphs (a) and (b)) of this section within 2 years of the expiration of the exemption.

[89 FR 8983, Feb. 8, 2024]

(a) Communicating a reason for denial. Beginning January 1, 2026, if the State denies a prior authorization request (excluding a request for coverage of drugs as defined in § 457.730(b)(6)), in accordance with the timeframes established in § 457.495(d), the response to the provider must include a specific reason for the denial, regardless of the method used to communicate that information.

(b) Prior Authorization Application Programming Interface (API). Unless granted an extension or exemption under paragraph (d) of this section, beginning January 1, 2027, a State must implement and maintain an API conformant with § 457.730(c)(2) through (4), (d), and (e), and the standards in 45 CFR 170.215(a)(1), (b)(1)(i), and (c)(1) that—

(1) Is populated with the State's list of covered items and services (excluding drugs as defined in § 457.730(b)(6)) that require prior authorization;

(2) Can identify all documentation required by the State for approval of any items or services that require prior authorization;

(3) Supports a HIPAA-compliant prior authorization request and response, as described in 45 CFR part 162; and

(4) Communicates the following information about prior authorization requests:

(i) Whether the State—

(A) Approves the prior authorization request (and the date or circumstance under which the authorization ends);

(B) Denies the prior authorization request; or

(C) Requests more information.

(ii) If the State denies the prior authorization request, it must include a specific reason for the denial.

(c) Publicly reporting prior authorization metrics. Beginning in 2026, a State must annually report prior authorization data, excluding data on drugs as defined in § 457.730(b)(6), at the State level by March 31. The State must make the following data from the previous calendar year publicly accessible by posting them on its website:

(1) A list of all items and services that require prior authorization.

(2) The percentage of standard prior authorization requests that were approved, aggregated for all items and services.

(3) The percentage of standard prior authorization requests that were denied, aggregated for all items and services.

(4) The percentage of standard prior authorization requests that were approved after appeal, aggregated for all items and services.

(5) The percentage of prior authorization requests for which the timeframe for review was extended, and the request was approved, aggregated for all items and services.

(6) The percentage of expedited prior authorization requests that were approved, aggregated for all items and services.

(7) The percentage of expedited prior authorization requests that were denied, aggregated for all items and services.

(8) The average and median time that elapsed between the submission of a request and a determination by the State, for standard prior authorizations, aggregated for all items and services.

(9) The average and median time that elapsed between the submission of a request and a decision by the State for expedited prior authorizations, aggregated for all items and services.

(d) Extensions and exemptions—(1) Extension. (i) A State may submit a written application to request a one-time, 1-year extension of the requirements in paragraph (b) of this section for its CHIP fee-for-service program. The written application must be submitted and approved as part of the State's annual Advance Planning Document (APD) for Medicaid Management Information System (MMIS) operations expenditures described in part 433, subpart C, of this chapter, and approved before the compliance date in paragraph (b) of this section. It must include all the following:

(A) A narrative justification describing the specific reasons why the State cannot satisfy the requirement(s) by the compliance date and why those reasons result from circumstances that are unique to the agency operating the CHIP fee-for service program;

(B) A report on completed and ongoing State activities that evidence a good faith effort toward compliance.

(C) A comprehensive plan to meet the requirements no later than 1 year after the compliance date.

(ii) CMS grants the State's request if it determines, based on the information provided, that—

(A) The request adequately establishes a need to delay implementation; and

(B) The State has a comprehensive plan to meet the requirements no later than 1 year after the compliance date.

(2) Exemption. (i) A State operating a separate CHIP in which at least 90 percent of the State's CHIP beneficiaries are enrolled in CHIP managed care organizations, as defined in § 457.10, may request an exemption for its fee-for-service program from the requirements in paragraph (b) of this section.

(ii) The State's exemption request must:

(A) Be submitted in writing as part of a State's annual APD for MMIS operations expenditures before the compliance date in paragraph (b) of this section.

(B) Include both of the following:

(1) Documentation that the State meets the threshold for the exemption, based on enrollment data from section 5 of the most recently accepted CARTS.

(2) An alternative plan to ensure that enrolled providers will have efficient electronic access to the same information through other means while the exemption is in effect.

(iii) CMS grants the exemption if the State establishes to CMS's satisfaction that the State—

(A) Meets the threshold for the exemption; and

(B) Has established an alternative plan to ensure that its enrolled providers will have efficient electronic access to the same information through other means while the exemption is in effect.

(iv) The State's exemption expires if either—

(A) Based on the 3 previous years of available, finalized CHIP CARTS managed care and fee-for-service enrollment data, the State's managed care enrollment for 2 of the previous 3 years is below 90 percent; or

(B)(1) CMS has approved a State plan amendment, waiver, or waiver amendment that would significantly reduce the percentage of beneficiaries enrolled in managed care; and

(2) The anticipated shift in enrollment is confirmed by the first available, finalized CARTS managed care and fee-for-service enrollment data.

(v) If a State's exemption expires under paragraph (d)(2)(iv) of this section, the State is required to do both of the following:

(A) Submit written notification to CMS that the State no longer qualifies for the exemption within 90 days of the finalization of annual CARTS managed care enrollment data that demonstrates that there has been the requisite shift from managed care enrollment to fee-for-service enrollment resulting in the State's managed care enrollment falling below the 90 percent threshold.

(B) Obtain CMS approval of a timeline for compliance with the requirements in paragraph (b) of this section within 2 years of the expiration of the exemption.

[89 FR 8984, Feb. 4, 2024]

(a) Required quarterly reports. A State must submit reports to CMS that contain quarterly program expenditures and statistical data no later than 30 days after the end of each quarter of the Federal fiscal year. A State must collect required data beginning on the date of implementation of the approved State plan. Territories are exempt from the definition of “State” for purposes of the required quarterly reporting under this section. The quarterly reports must include data on—

(1) Program expenditures;

(2) The number of children enrolled in the title XIX Medicaid program, the separate child health program, and the Medicaid expansion program, as applicable, as of the last day of each quarter of the Federal fiscal year; and

(3) The number of children under 19 years of age who are enrolled in the title XIX Medicaid program, the separate child health program, and in the Medicaid expansion program, as appropriate, by the following categories:

(i) Age (under 1 year of age, 1 through 5 years of age, 6 through 12 years of age, and 13 through 18 years of age).

(ii) Gender, race, and ethnicity.

(iii) Service delivery system (managed care, fee-for-service, and primary care case management).

(iv) Household income as a percentage of the Federal poverty level as described in paragraph (b) of this section.

(b) Reportable household income categories. (1) A State that does not impose cost sharing or a State that imposes cost sharing based on a fixed percentage of income must report by two household income categories:

(i) At or below 150 percent of FPL.

(ii) Over 150 percent of FPL.

(2) A State that imposes a different level or percentage of cost sharing at different poverty levels must report by poverty level categories that match the poverty level categories used for purposes of cost sharing.

(c) Required unduplicated counts. Thirty days after the end of the Federal fiscal year, the State must submit an unduplicated count for the Federal fiscal year of children who were enrolled in the Medicaid program, the separate child health program, and the Medicaid expansion program, as appropriate, by age, gender, race, ethnicity, service delivery system, and poverty level categories described in paragraphs (a) and (b) of this section.

(a) Report required for each Federal fiscal year. A State must report to CMS by January 1 following the end of each Federal fiscal year, on the results of the State's assessment of the operation of the State plan.

(b) Contents of annual report. In the annual report required under paragraph (a) of this section, a State must—

(1) Describe the State's progress in reducing the number of uncovered, low-income children and; in meeting other strategic objectives and performance goals identified in the State plan; and provide information related to a core set of national performance goals and measures as developed by the Secretary;

(2) Report on the effectiveness of the State's policies for discouraging the substitution of public coverage for private coverage;

(3) Identify successes and barriers in State plan design and implementation, and the approaches the State is considering to overcome these barriers;

(4) Describe the State's progress in addressing any specific issues (such as outreach) that the State plan proposed to periodically monitor and assess;

(5) Provide an updated budget for a 3-year period that describes those elements required in § 457.140, including any changes in the sources of the non-Federal share of State plan expenditures;

(6) Identify the total State expenditures for family coverage and total number of children and adults, respectively, covered by family coverage during the preceding Federal fiscal year;

(7) Describe the State's current income standards and methodologies for its Medicaid expansion program, separate child health program, and title XIX Medicaid program, as appropriate.

(c) Methodology for estimate of number of uninsured, low-income children. (1) To report on the progress made in reducing the number of uninsured, low-income children as required in paragraph (b) of this section, a State must choose a methodology to establish an initial baseline estimate of the number of low-income children who are uninsured in the State.

(i) A State may base the estimate on data from—

(A) The March supplement to the Current Population Survey (CPS);

(B) A State-specific survey;

(C) A statistically adjusted CPS; or

(D) Another appropriate source.

(ii) If the State does not base the estimate on data from the March supplement to the CPS, the State must submit a description of the methodology used to develop the initial baseline estimate and the rationale for its use.

(2) The State must provide an annual estimate of changes in the number of uninsured in the State using—

(i) The same methodology used in establishing the initial baseline; or

(ii) Another methodology based on new information that enables the State to establish a new baseline.

(3) If a new methodology is used, the State must also provide annual estimates based on either the March supplement to the CPS or the methodology used to develop the initial baseline.

[66 FR 2683, Jan. 11, 2001, as amended at 66 FR 33824, June 25, 2001]

(a) The State must implement and maintain a publicly accessible, standards-based Application Programming Interface (API) that is conformant with the technical requirements at § 457.730(c), excluding the security protocols related to user authentication and authorization and any other protocols that restrict the availability of this information to particular persons or organizations, the documentation requirements at § 457.730(d), and is accessible via a public-facing digital endpoint on the State's website.

(b) The API must provide a complete and accurate directory of—

(1) The State's provider directory information including provider names, addresses, phone numbers, and specialties, updated no later than 30 calendar days after the State receives provider directory information or updates to provider directory information.

(2) [Reserved]

(c) This section is applicable beginning January 1, 2021.

[85 FR 25637, May 1, 2020]

(a) Reporting the Child Core Set. The State must report on the Core Set of Health Care Quality Measures for Children in Medicaid and CHIP (Child Core Set) for a separate child health program in accordance with part 437 of this chapter.

(b) Reporting the Adult Core Set. The State may elect to report on the Core Set of Adult Health Care Quality Measures in Medicaid (Adult Core Set) established by the Secretary in accordance with part 437 of this chapter. If the State reports measures on the Adult Core Set, such reporting must be in accordance with part 437 of this chapter, except that reporting on behavioral health measures on the Adult Core Set is not mandatory.

(c) Reporting of Medicaid and CHIP beneficiaries. The State must report measures included in the Child Core Set and, if applicable, Adult Core Set for individuals enrolled in a separate CHIP separately from individuals enrolled in Medicaid in accordance with § 437.15(b) of this chapter, regardless of whether the State claims Federal financial participation for such Medicaid-enrolled individuals under title XIX or title XXI of the Act.

[88 FR 60315, Aug. 31, 2023]