In the past five years, many states have passed laws to fix problems with prior authorization services. Almost every state is making its best efforts to implement these reforms. Already 90 bills have been introduced in 30 states. Texas brought in the “Gold Card” law. Illinois applied the same rules for all Medicaid Managed plans, while California emphasized leveraging electronic systems to speed up the process. These changes were meant to help doctors treat patients more quickly. However, national payers don’t always follow these rules properly, as they use loopholes to avoid the rules completely.
Payers often use uniform policies because they work in many states to keep things simple. This means they can ignore rules that are different in each state. For example, UnitedHealthcare might have plans in Texas and Georgia. Texas has strict rules on prior authorization, but Georgia does not. The insurer might use Georgia’s easier rules for both states. This causes delays in Texas. While this is legal, it hurts the purpose of state reforms. Patients and doctors end up dealing with slow, inefficient processes even where laws are better.
Let’s dive into how insurance providers often use major loopholes in state reforms for their own gains.
Identify the major loopholes in state-wise prior authorization regulations:
ERISA Plans: The Biggest Loophole:
A vital loophole often used by insurance providers is ERISA, a federal law that covers most employer health plans. These ERISA plans are controlled by federal rules, not state laws. That means state regulations for prior authorization solutions don’t apply to them. If a large company has a self-funded ERISA plan, it doesn’t have to follow state PA rules—even if employees live and get care in that state. Insurance payers often manage these ERISA plans and use them to avoid state regulations. So, even when states pass laws to help patients, those laws may only protect a small group of people.
Contractual Language and Fine Print
Another strategy payers use is embedding flexible language in contracts and PA guidelines. State laws often require fast turnaround times or limit the use of PA for certain services. But insurers may include vague language that allows them to request more documentation, delay processing, or label services as “not medically necessary.”
Here is an example- a specific law may require insurance payers to complete PA requests within 24 hours for urgent cases. The payer may comply but delay the process by claiming the form was incomplete. Or they might say that more clinical notes are needed, resetting the process. These moves don’t directly violate the law—but they undermine its effectiveness.
Use a third-party vendor:
Many payers hire third-party vendors to handle their prior authorization process. These vendors review requests, handle paperwork, and approve or deny cases. Because they aren’t the insurers, it’s sometimes unclear who should be held responsible. This makes enforcing prior authorization laws harder. When patients or providers complain, insurers blame the vendors, and vendors say they follow insurer’s rules. This causes delays, denials, and confusion that hurt patients. These vendors also use algorithms and AI to review requests. These systems are often hard to understand or challenge, especially since state laws usually focus on human reviews.
Lack of Federal Oversight
All these loopholes thrive in part because there is no strong federal oversight of the prior authorization process. It is true that CMS has already proposed some reforms, but they primarily affect Medicare Advantage and Medicaid. For commercial payers and ERISA plans, the rules are looser. Each state is left to police its own regulations, and enforcement varies. Some states have strong penalties. Others do not. Without a national framework, payers can pick and choose where to follow the rules strictly.
The intent behind prior authorization reform is to reduce these burdens. But when insurance payers sidestep the laws, it creates a two-tier system. On one hand, healthcare practitioners and patients benefit from streamlined rules. On the other hand, they face the same old obstacles, regardless of what the law says.
Fortunately, healthcare providers can work with specialized prior authorization service providers. These companies understand payer behavior and help navigate the process more efficiently.
Outsource prior authorization to enjoy steady approvals:
Outsourcing prior authorization can make a big difference when you’re dealing with complex and uneven rules across states. A professional prior authorization service knows how payers work—and how they often avoid state rules through loopholes like ERISA plans, vague contract language, and third-party vendors. These services stay updated with each state’s unique regulations and know exactly how to respond when payers try to delay or deny care using the fine print. Instead of wasting time chasing approvals, your staff can focus on patient care. A trusted prior authorization partner handles the paperwork, follows up on submissions, manages AI-based denials, and ensures your urgent requests meet the state deadlines. With the right support, you don’t have to worry about state-by-state hurdles—your approvals stay steady, your compliance stays strong, and your patients get the care they need faster.
