On May 28, 2026, the DOL, HHS, and IRS (the departments) issued a final rule that makes operational changes to the No Surprises Act (NSA) federal independent dispute resolution (IDR) process. According to the departments, the rule is intended to streamline the IDR process, clarify requirements, and reduce ineligible disputes. For employer plan sponsors, the changes are mainly relevant for purposes of monitoring carriers and TPAs that engage in the IDR process. Additionally, self-insured plans will face new identification and registration requirements under the federal IDR system.
Background
The NSA, which took effect in 2022, protects participants from surprise medical bills for out-of-network emergency services, air ambulance services, and certain out-of-network services received at in-network facilities. For NSA-covered services, participant cost-sharing is generally limited to in-network amounts, and the plan or insurer (payer) and healthcare provider (provider) must resolve the remaining out-of-network charges. If the payer and provider cannot agree on the payment amount after a 30-day open negotiation period, either party may initiate the federal IDR process, under which a certified IDR entity determines the final payment amount.
Since enactment, the departments have issued multiple rules and guidance documents implementing the NSA surprise billing protections and the federal IDR process. However, portions of that guidance have been vacated in litigation, and IDR filings have greatly exceeded expectations, including many disputes that were not eligible for the process. The departments have also cited communication gaps, confusion, and administrative inefficiencies as ongoing challenges.
The Federal IDR Operations Final Rule
To address these operational issues, the final rule makes several changes to the IDR process. In general, the changes are designed to improve efficiencies, clarify timing requirements, and limit disputes that do not qualify for the process. Among other updates, the rule revises the open negotiation process and related notice requirements in response to concerns that parties were not meaningfully engaging before proceeding to the IDR process. The rule also refines eligibility review standards, lowers administrative fees, and expands “batching” rules that allow multiple similar items or services to be combined into a single dispute, to help reduce administrative burden and costs.
Notably, the rule requires self-insured plans and insurers to register in the federal IDR portal, provide general information about the plan or coverage, and receive a registration number. A TPA can complete the registration on a self-insured plan’s behalf, but the plan remains ultimately responsible for compliance. The rule also requires payers to provide more detailed identification data with initial payments or notices of denial for out-of-network services, and to include standardized claim codes on remittance advices, to help providers determine whether a claim is subject to the NSA. Together, these changes are intended to improve communication early in the process and reduce disputes that are ineligible or directed at the wrong payer.
Employer Takeaway
For employer plan sponsors, these changes reinforce the importance of monitoring carriers, TPAs, and other service providers that administer NSA requirements on the plan’s behalf. As reflected in our January 27, 2026, Compliance Corner article, the DOL has identified enforcement of the NSA surprise billing prohibitions, including notice, disclosure, and payment requirements, as a 2026 enforcement priority.
The rule is especially important for self-insured plans, which must be more clearly identified in certain payment or denial communications, will be subject to a new registration requirement under the federal IDR system, and ultimately bear the cost of claim payments. Plan sponsors may want to confirm that carriers, TPAs, and other service providers are preparing to implement the new identification, disclosure, and registration requirements, and are administering the IDR process effectively.
The applicability dates for the rule provisions vary. Registration in the new IDR portal will be required within 90 days after the departments announce that the necessary portal functionality is available.
NFP will monitor developments and provide relevant updates in Compliance Corner.
More information regarding updates to the IDR process is available in the CMS Fact Sheet and the Federal IDR Operations Final Rule.