In June of 2024 the Centers for Medicare and Medicaid Services (CMS) updated its consent compliance requirements for brokers and posted the update to their website.

For agents and brokers working with the Affordable Care Act (ACA) marketplace, ensuring that proper consent is obtained and documented is non-negotiable. The update was made to ensure that consent is being obtained and that agents are documenting that the consumers are reviewing and confirming the accuracy of  the updates and changes are being made to the eligibility application or plan selections.

Many agents mistakenly believe that CMS consent is “One and Done”. This is no longer the case.

Let’s delve into CMS consent compliance,

What is CMS Consent Compliance?

CMS mandates that insurance brokers/agents handling ACA enrollments must obtain and record consumer consent before sharing sensitive information or moving forward with certain actions. Specifically, CMS requires agents and brokers to secure consent before assisting consumers with ACA Marketplace applications or plan selections.

These rules exist to protect patient rights and ensure transparency in the healthcare system. But for agents and brokers, meeting these compliance standards can often feel like a complex and time-consuming process. Failing to adhere to these regulations can result in hefty fines, reputational damage, or even the loss of licenses.

IMPORTANT UPDATE as of June 2024:

This covers Consent for updates/changes to the eligibility application or plan selection.

  1. Agents, brokers, and web-brokers must obtain and document new consumer consent when updating an eligibility application or plan selection if the current consent does not cover those actions.
  2. Agents, brokers, and web-brokers must never change a consumer’s eligibility application information or plan selection without documenting that the consumer consented to the change.
  3. Agents, brokers, and web-brokers must also always document that the consumer reviewed and confirmed the accuracy of the eligibility application information prior to the agent or broker submitting the eligibility application to the Marketplace, including updates or changes to an existing Marketplace application.

Review of Consent Compliance Requirements

Obtaining and documenting  consumer consent:

As per Federally-facilitated Marketplace (FFM) standards, agents, brokers, and web-brokers assisting consumers or their authorized representatives are required to obtain and document consumer consent before performing the following actions:

  1. Collecting or using personal information: Gathering personally identifiable information (PII) for providing a Marketplace coverage quote or estimate.
  2. Conducting eligibility searches: Searching for a consumer’s eligibility application using approved Classic Direct Enrollment (Classic DE) or Enhanced Direct Enrollment (EDE) websites.
  3. Applying for Marketplace coverage: Assisting in completing a consumer’s eligibility application for Marketplace coverage or financial assistance.
  4. Enrolling in a health plan: Assisting with enrolling a consumer in a Marketplace qualified health plan (QHP).
  5. Making updates: Updating a consumer’s eligibility application through approved Classic DE or EDE platforms during the year.
  6. Checking status: Reviewing the status of a consumer’s coverage or eligibility application, including financial assistance eligibility.

Ongoing consent:
In certain cases, the initial consent may cover multiple actions, like checking eligibility status throughout the year to resolve data matching issues. This consent remains valid unless rescinded or expired, allowing agents or brokers to act without new consent for each subsequent action

Documentation for agencywide use:
If initial consent is documented to cover multiple agents or brokers within the same agency, it allows all designated agents to rely on the same consent for eligibility checks throughout the year.

Retention requirement:
Consent documentation must be kept for a minimum of 10 years and be available for audits or reviews by CMS.

Updating applications:
Whenever an agent, broker, or web-broker updates a consumer’s eligibility application or plan selection, new consent must be obtained if the existing consent doesn’t authorize those actions. Always document that the consumer reviewed and confirmed the accuracy of their application before submission.

Requirements of Documentation

  1. Date of Reviewed Information
  2. Name of Client
  3. An explanation of the attestations at the end of the eligibility application
  4. The name of the agent, broker or web-broker 

Common Challenges with CMS Consent Compliance

CMS consent compliance can be challenging for a number of reasons:

  1. Multiple Channels: Consumers may initiate interactions through different channels—text, email, or in-person—which means the process of securing consent or documenting consumer review can become fragmented and difficult to track.
  2. Manual Documentation: Some organizations still rely on manual processes to obtain and document consent. This not only slows down operations but also increases the risk of human error, misfiling, or data loss.
  3. Audit Trails: CMS requires an audit trail to prove that consent and documentation of customer reviews/confirmations was obtained in accordance with regulations. Managing these records can become a logistical headache without the right tools in place.

How Consent On Demand Solves These Challenges

Consent On Demand is a solution built for the modern compliance landscape. It is designed to simplify the consent process especially the documentation of the consumer’s review/confirmation of changes or updates.  By using Consent On Demand you are ensuring that you remain fully compliant with CMS. Here’s how it addresses the most pressing challenges:

  1. Omnichannel Consent Capture

Consent On Demand allows agents and brokers to capture consent, and document reviews/confirmations from clients across multiple channels—whether it’s through emails, text or person, via the computer, tablet or phone. This ensures that no matter how the client engages, their consent is recorded seamlessly in one central platform. It eliminates the risk of lost documentation and enables real-time updates, ensuring agents can move forward confidently.

  1. Automated E-Signature Solutions

The tool integrates with advanced e-signature technology, allowing consumers to easily provide their consent with just a few clicks. This drastically reduces the manual labor involved in consent gathering and ensures compliance by offering a digital, trackable footprint. Every consent action is timestamped and securely stored, ensuring it is audit-ready at all times.

  1. Comprehensive Audit Trails

CMS requires a complete audit trail, and Consent On Demand makes this easy. The platform generates and maintains detailed records for every consent interaction, including timestamps, communication channels used, and digital signatures. When it’s time for an audit or review, all relevant data is just a few clicks away, ready to be exported or reviewed in real time.

CMS Best Practices

  1. New Clients: Obtain a signed CMS Model Consent Form*, Template available in the Consent on Demand System BEFORE doing any work for you client.
  2. Use the Documentation of Consumer Review/Confirmation of Update/Change* for CMS Template in the Consent on Demand System BEFORE you submit any change or update for the client

*Please understand that these are two separate requirements of CMS. You must document that the client has reviewed and confirmed the changes or updates you make and the Model Consent Form does not cover the review/confirmation of changes because you must specify each change or update.

  1. Save all documents for 10 years and have them easily accessible for audits.