QHP Certification Underway: The Growing Focus on Network Readiness

Initial submissions for the 2027 Qualified Health Plan (QHP) certification cycle are due this week to the Centers for Medicare & Medicaid Services (CMS) for issuers participating in Federally Facilitated Exchange (FFE) markets. As plans finalize submissions, attention remains focused on provider file accuracy, network adequacy validation, Essential Community Provider (ECP) compliance, and supporting documentation.

While these requirements remain familiar components of the certification process, the expectations surrounding them continue to evolve. Increasingly, certification reviews are examining not only whether networks meet quantitative standards, but whether submitted data accurately reflects provider participation and consumer access. As a result, QHP certification is becoming as much a measure of network readiness as it is a compliance exercise.

This shift aligns with broader changes in network oversight. In the PY2027 Notice of Benefit and Payment Parameters (NBPP), finalized by CMS on May 15, the agency largely adopted its proposed approach to provider access reviews. While federal certification requirements remain in place, the final rule establishes a pathway for states to assume responsibility for provider access reviews, creating the potential for greater variation in oversight approaches across markets. The Center for Consumer Information and Insurance Oversight (CCIIO) will continue to oversee the federal certification process, but State-Based Exchanges (SBEs) and state insurance departments may play an increasingly significant role in how provider access is evaluated and validated.

For plans, the significance of the PY2027 NBPP is less about new network adequacy standards and more about operational readiness. Provider data accuracy, appointment availability validation, review methodologies, exception processes, geocoding practices, and audit-ready documentation are becoming increasingly important components of demonstrating compliance. The focus is shifting from simply meeting requirements to demonstrating that the data and processes supporting those requirements are reliable.

That trend is already evident in the certification process. Network adequacy analyses, provider directory requirements, and Essential Community Provider evaluations all depend on accurate provider data. When provider files are incomplete, outdated, or inaccurate, the impact extends beyond certification reviews to consumer access, directory accuracy, and overall confidence in network performance.

As a result, issuers are increasingly expected to do more than assemble documentation for submission. They must be able to validate provider participation, maintain current provider records, identify discrepancies, and support the information underlying network adequacy analyses and certification filings. The ability to respond efficiently to reviewer questions and demonstrate confidence in submitted data has become an important component of certification readiness.

The same dynamic applies to network adequacy. Meeting applicable standards remains essential, but issuers are increasingly being asked to support the methodologies and underlying data used to demonstrate compliance. Questions related to provider availability, appointment accessibility, data validation processes, geocoding methodologies, and network exceptions are becoming more important components of the review process. In many respects, the processes used to maintain and validate network information have become just as important as the certification materials themselves.

As states gain greater flexibility under the PY2027 NBPP framework, issuers operating across multiple markets may encounter increasing variation in review methodologies, documentation expectations, and validation requirements. Organizations with strong provider data governance, network monitoring capabilities, and established validation processes will be better positioned to navigate those differences and respond to evolving expectations from CCIIO, State-Based Exchanges, and state insurance regulators.

As the 2027 certification cycle moves forward, certification readiness and operational readiness are becoming increasingly interconnected. For health plans, success depends not only on meeting regulatory requirements, but on maintaining the data, processes, and infrastructure needed to support network performance throughout the year.

In that environment, network readiness is no longer separate from certification readiness. It is becoming a central component of it.