Prior Authorization Compliance: What NYS Pharmacies Need to Know to Avoid Medicaid, PBM, and Payor Enforcement Risks

On March 24, 2026, the New York State Department of Health (DOH) issued a notice to Medicaid-enrolled pharmacies reminding providers that third parties may not submit prior authorization requests on behalf of prescribers under the NYRx Medicaid Pharmacy Program.¹

According to DOH guidance, prior authorization requests must be submitted either by the prescribing practitioner or by the practitioner’s “authorized agent,” defined as an individual who is “employed by the same professional practice as the prescribing practitioner and has access to the patient’s medical record.”

The reminder reinforces the longstanding requirements under the NYRx Medicaid Pharmacy Program Pharmacy Policy Guidelines (Policy Guidelines), which expressly prohibit prescribers from delegating or contracting with pharmacists, pharmacies, or other third parties to submit prior authorization requests absent a qualifying authorized agent relationship under program rules. The Policy Guidelines have prohibited pharmacist-submitted prior authorizations since 2019. 

While these restrictions are well-established under New York State Medicaid rules, they differ significantly from the practices permitted by certain pharmacy benefit managers (PBMs) and commercial payors, some of which allow pharmacies to participate more actively in the prior authorization process. This inconsistency creates operational and compliance challenges for pharmacies that participate in multiple payor networks.

In many PBM and commercial payor arrangements, pharmacies may participate in nonclinical aspects of the prior authorization workflow, including benefits investigation, data aggregation, form preparation, and status tracking, while prescribers retain responsibility for clinical determinations and final submission of the request.

Increased Enforcement of Prior Authorization Compliance in NYS Pharmacies 

New York State pharmacies continue to face heightened scrutiny from both state regulators and payors regarding prior authorization compliance, pharmacy billing practices, and documentation integrity.

In its 2026 Work Plan, the Office of Medicaid Inspector General (OMIG) confirmed that it will continue auditing pharmacies to ensure compliance with Medicaid rules, regulations, billing requirements, and documentation obligations. 

At the same time, pharmacies and prescribers are facing increasing audit and enforcement activity from PBMs, managed care organizations, commercial health plans, and other payors related to allegedly improper third-party involvement in the prior authorization process. 

These investigations frequently focus on issues such as: 

• Pharmacy submission of prior authorization requests on behalf of prescribers; 
• Use of pharmacy staff or vendors to complete clinical questionnaires or attestations; 
• Insufficient documentation supporting prescriber involvement; 
• Delegation of prior authorization responsibilities to unauthorized third parties; 
• Alleged falsification or misrepresentation in prior authorization submissions; and
• Claims submitted pursuant to allegedly invalid or improperly obtained prior authorizations. 

For pharmacies, these matters can be difficult to defend, even where the pharmacy had limited or no involvement in the prior authorization process or believed its conduct complied with applicable payor guidance.  

Potential consequences of noncompliance may include: 

• Recoupment or reversal of paid pharmacy claims; 
• Extrapolated damages assessments; 
• PBM or payor audit findings; 
• Corrective action plans; 
• Network suspension or termination; 
• Medicaid program sanctions; 
• OMIG investigations; 
• Referral to state or federal enforcement agencies; and
• Allegations involving fraud, waste, or abuse. 

Regulatory Enforcement Activity Confirms Heightened Risk in Pharmacy Claims and Prior Authorization Oversight

New York State agencies have repeatedly identified pharmacy-related billing and claims compliance as a high-risk area for fraud, waste, and abuse oversight.

OMIG has consistently prioritized pharmacy program integrity, including compliance with Medicaid billing rules, documentation standards, and authorization requirements, through audits, pre-payment reviews, and credential verification reviews across the state Medicaid program.

OMIG and the DOH have also highlighted ongoing vulnerabilities in Medicaid pharmacy claims processing, including improper payments, system-level edit failures, and post-payment recoveries involving prescription drug claims. These issues have resulted in significant overpayment recoveries and enforcement actions across the state Medicaid program.

Although not always limited solely to prior authorization submissions, these audit findings demonstrate that pharmacy claims, including those dependent on authorization status, remain a primary focus of Medicaid program integrity enforcement in New York State.

Common Prior Authorization Findings in Audits

Recent pharmacy and payor audits and investigations have identified recurring prior authorization issues, including:

• Prior authorizations submitted without direct prescriber involvement; 
• Pharmacy staff or vendors completing clinical sections of prior authorization requests; 
• Missing or incomplete documentation supporting medical necessity; 
• Discrepancies between prior authorization submissions and medical records; 
• Lack of documentation showing prescriber review of authorization; and 
• Claims processed under invalid, expired, or improperly obtained prior authorizations. 

In many cases, auditors treat prior authorization deficiencies as claim-level violations leading to recoupments even when the underlying medication dispensing was appropriate.

Regardless of whether pharmacy involvement is administrative or limited in scope, audit findings may still result in claim-level denials, recoupments, and in some cases network or program participation consequences.

Why Prior Authorization Is a Growing Audit Target

Prior authorization workflows are increasingly targeted because they sit at the intersection of clinical decision-making, administrative delegation, and claims-payment authorization.

Regulators and payors focus on this area because prior authorization:

• Directly determines claims-payment eligibility; 
• Relies on documentation often external to pharmacy systems; 
• May involve delegated clinical decision-making; and 
• Creates heightened risk of incomplete or inaccurate reporting. 

Prior authorization processes are also subject to evolving delegation arrangements, including use of third-party service providers that assist with nonclinical administrative functions, such as benefits investigation, data entry, and status tracking.

As a result, prior authorization compliance has become a recurring focus in Medicaid program integrity initiatives, PBM audit strategies, and payor investigations.

Compliance Considerations for New York State Pharmacies

Pharmacies operating in New York State should evaluate their current prior authorization workflows and policies to ensure compliance with Medicaid requirements, PBM agreements, and other contractual obligations.  

Key compliance steps may include: 

• Reviewing payor agreements, provider manuals, and PBM policies to identify restrictions regarding pharmacy involvement in prior authorizations; 
• Conducting internal compliance assessments of current prior authorization practices and workflows; 
• Confirming whether pharmacy personnel, call centers, vendors, or third-party service providers participate in any aspect of prior authorization submissions; 
• Ensuring that written policies and procedures clearly define the permissible scope of pharmacy assistance related to prior authorizations;
• Training pharmacists, technicians, reimbursement specialists, and support staff regarding legal and contractual limitations on prior authorization activities; 
• Maintaining appropriate documentation of communications with prescribers regarding prior authorization requirements; 
• Auditing prior authorization–related activities periodically to identify and address potential compliance concerns; and 
• Consulting with experienced health care counsel before responding to PBM audits, OMIG inquires, or payor investigations involving prior authorization practices.

Prescribers may, in some cases, reduce prior authorization requirements by prescribing medications included on the NYS Medicaid Preferred Drug List (PDL), many of which do not require prior authorization.²

Distinguishing Permissible Pharmacy Activities From Prohibited Conduct

Although pharmacies may notify prescribers that a medication requires prior authorization, pharmacies should carefully assess whether additional involvement could be viewed by regulators or payors as impermissible participation in the submission process.

Activities that may create compliance risk include:

• Completing or submitting prior authorization forms on behalf of prescribers;
• Answering clinical questions using patient information;
• Accessing payor portals using prescriber credentials;
• Using third-party vendors to process prior authorizations;
• Representing that information was reviewed or approved by the prescriber when it was not; and
• Communicating directly with payors regarding clinical justification for coverage determinations.

State Medicaid rules generally do not permit prescribers to delegate professional judgment required for prior authorization determinations, subject to limited exceptions for administrative assistance that does not involve clinical decision-making or submission authority.³ A limited exception exists for pharmacists to submit a prior authorization request for a 72-hour emergency supply when a prescriber has not obtained a prior authorization number and cannot be reached, provided that appropriate documentation of contact attempts is maintained.⁴

Given the evolving enforcement landscape, pharmacies should ensure that operational practices align with both regulatory requirements and contractual obligations across all payor relationships.

Legal Guidance for Pharmacy Prior Authorization Compliance and Audit Defense 

Pharmacies facing questions regarding prior authorization compliance should proactively assess operational risk and implement appropriate safeguards.  

Barclay Damon’s national Pharmacy team advises prescribers and pharmacies on: 

• Prior authorization compliance; 
• Medicare and Medicaid requirements; 
• PBM contract interpretation and disputes; 
• PBM audit and investigation defense; 
• OMIG audits and investigations; 
• Pharmacy regulatory compliance; 
• Fraud, waste, and abuse mitigation; and 
• Health care enforcement matters.  

If your pharmacy has concerns regarding prior authorization practices, PBM audits, Medicaid compliance, or payor investigations, our team can help evaluate your current processes and develop strategies to reduce legal and operational risk. Contact us to schedule a consultation.

If you have any questions regarding the content of this alert, please contact Brad Gallagher or Linda Clark, co-leaders of the firm's Health Care Controversies and Pharmacy Teams, at bgallagher@barclaydamon.com and lclark@barclaydamon.com; or another member of the firm’s Health Care Controversies or Pharmacy Teams.
                                                                                                                                   
¹This notice follows earlier guidance issued by the DOH, including a December 2025 Volume 41 Medicaid Update, which reminded prescribers of prior authorization requirements under the NYRx Medicaid Pharmacy program.
²See Medicaid Preferred Drug List and Managed Care Plan Information, OFF. OF MENTAL HEALTH, https://omh.ny.gov/omhweb/guidance/medicaid_pharmacy_benefit/ (last visited Apr. 30, 2026).
³See 18 NYCRR §§ 513.2(a), 513.4, 504.3, 515.2; NY PHL § 273(3), (5); and NYRx Medicaid Pharmacy Program Pharmacy Manual Policy Guidelines (hereinafter “Policy Guidelines”) at pp. 14, 44.
⁴See Policy Guidelines at p. 14.