NCPDP Comments

NCPDP supports ONC’s recommendations.

NCPDP Comment

  1. Update Implementation Maturity to Production (as of 1/1/2020).

NCPDP Comment

  1. Title should say: “Allows a Prescriber to Request, Cancel or Appeal Prior Authorization for Medications”.
  2. NCPDP SCRIPT 2013101 should have:
    1. an adoption level of 3.
    2. Modify testing tool availability to Yes


  1. Add the following:

Type-Implementation Specification

Standard Implementation/Specification- NCPDP SCRIPT Standard, Implementation Guide, Version 2017071

Standards Process Maturity – Final

Implementation Maturity- Pilot

Adoption Level – 1

Federally Required – No

Cost – $

Test Tool Availability – Yes.


Pharmacy HIT Collaborative's Comments on ONC's Proposed 2018 ISA

The Pharmacy HIT Collaborative supports the move to NCPDP SCRIPT Version 2017071 as soon as participants can reasonably be ready to implement such a change. The Collaborative supports theuse of NCPDP SCRIPT Standard, Implementation Guide Version 2013101.

NCPDP - Comment on Version 10.6

    • The adoption level should be modified to a 2.
    • Under Limitations, Dependencies, and Preconditions for Consideration add the following:
      • The following transactions need to be implemented for interoperability purposes:
        • PAInitiationRequest and PAInitiationResponse
        • PARequest and PAResponse
        • PAAppealRequest and PAAppealResponse
        • PACancelRequest and PACancelResponse
      • Both the prescriber and the payer/processor/pharmacy benefits manager (PBM) must have their systems configured for the transaction in order to facilitate successful exchange.
    • Under Applicable Security Patterns for Consideration add the following:
      • Secure Communication – create a secure channel for client-to- serve and server-to-server communication.
      • Secure Message Router – securely route and enforce policy on inbound and outbound messages without interruption of delivery.
      • Authentication Enforcer – centralized authentication processes.
      • Authorization Enforcer – specifies access control policies.
      • Credential Tokenizer – encapsulate credentials as a security token for reuse (e.g., – SAML, Kerberos).
      • Assertion Builder – define processing logic for identity, authorization and attribute statements.
      • User Role – identifies the role asserted by the individual initiating the transaction.
      • Purpose of Use - Identifies the purpose for the transaction.