Top 5 Reasons Why Medical Credentialing Services Are Vital for Healthcare Pro...
Compliance Today Article November 2015 Schultz
1. 23
Department of Justice
memo emphasizes
individual
accountability in
corporate wrongdoing
Tricia R. Owsley
27
First 60-day rule
enforcement cases
unfavorable
to healthcare
providers
Colin P. McCarthy
37
SEC
enforcement
actions against
CCOs: Outlier
or new trend?
Tom Fox
32
Quality of care CIAs:
The importance of
credentialing and privileging
Chris Anusbigian, Heather Hagan,
Peter A. Khoury, and
Janemarie Schultz
a publication of the health care compliance association www.hcca-info.org
ComplianceTODAY November 2015
Social media savvy—
Think before you tweet!
an interview with Anne Van Dusen
Manager of Regulatory Compliance and Risk Management
ACM Medical Laboratory
See page 16
Social media savvy—
Think before you tweet!
an interview with Anne Van Dusen
Manager of Regulatory Compliance and Risk Management
ACM Medical Laboratory
See page 16
This article, published in Compliance Today, appears here with permission from the Health Care Compliance Association. Call HCCA at 888-580-8373 with reprint requests.
2. 32 www.hcca-info.org 888-580-8373
ComplianceToday November2015 FEATURE
H
igh standards of quality care are
crucial to help ensure that patients
are not neglected, healthcare orga
nizations are not cheating federal healthcare
programs, and that patients are treated with
dignity and respect. Quality care tends to focus
not only on clinical outcomes, but on patient
satisfaction and processes of care as well. The
medical staff credentialing process typically
contributes to a healthcare provider’s efforts
to provide this high quality care and supports
patient safety efforts. The Office of Inspector
General (OIG) of the Department of Health and
Human Services (DHHS) in their 2014 and 2015
Work Plans outline ongoing reviews for the
verification of credentials before privileges are
granted.1
Verification is an important exercise
for compliance professionals to be aware of,
participate in, and support. This article focuses
on the intersection
of credentialing and
quality of care, the
medical staff cre
dentialing process,
examples of creden
tialing failures, and
strategies to help
improve credential
ing processes and
controls for health
care organizations.
What is provider
credentialing?
Medical staff cre
dentialing is the
process of gathering
and performing primary source verification
(PSV) of information regarding physicians’
and other licensed practitioners’ qualifications.
Credentialing is a critical step to attain privi
lege and approval by a governing board for
appointment to a medical staff. All third-party
payers require credentialing in order to become
a member of a panel or a participating provider.
by Chris Anusbigian, MBA; Heather Hagan, CIA, CRMA; Peter A. Khoury, MHA, MJ, CHC, CHPC;
and Janemarie Schultz, MBA
Quality of care CIAs:
The importance of
credentialing and privileging
»» Credentialing is a process that includes gathering and performing primary source verification.
»» False Claims Act actions can be brought in credentialing failure cases, with consequences.
»» Two government databases should be used in the credentialing process.
»» Policies and procedures for the process of credentialing should be documented and followed.
»» Compliance professionals should be engaged early in the credentialing process.
Chris Anusbigian (canusbigian@deloitte.com) is a Deloitte Advisory specialist leader
in Deloitte Touch LLP’s Detroit office. Heather Hagan (hhagan@deloitte.com)
is a Deloitte Advisory senior manager and Peter A. Khoury (pkhoury@deloitte.com)
is a Deloitte Advisory consultant in Deloitte Touch LLP’s Philadelphia office.
Janemarie Schultz (jschultz@deloitte.com) is a specialist master in Deloitte
Consulting LLP’s Parsippany, NJ office.
Schultz
Anusbigian Hagan
Khoury
3. 888-580-8373 www.hcca-info.org 33
ComplianceToday November2015
FEATURE
PSV is the act of obtaining the applicant’s
credentials (i.e., the documentation itself or
verification of the documentation) directly
from the original or primary source. Elements
of the process include review of active state
licensure, board certifications, prior practice
history, and peer recommendations. Other
databases should be checked, such as the
National Practitioners Data Bank (NPDB),
which is an electronic
information repository
created by Congress that
contains information
on medical malpractice
payments and certain
adverse actions related to
health care practitioners,
entities, providers, and
suppliers. The OIG’s List
of Excluded Individuals
and Entities (LEIE),
should also be used
in the credentialing process. This review is
necessary in the process because the Social
Security Act provides grounds for mandatory
exclusion for activities such as patient abuse,
and the less severe permissive exclusion,
which may be handed down for activities such
as not paying back a federal student loan.2
Once PSV is completed, medical staff
privileging can be performed to determine
those specific services and procedures that
the provider is deemed, by the medical staff
leadership, qualified to provide or perform.
Credentialing cannot be economic, which is
defined by the American Hospital Association
as “the use of economic criteria unrelated to
quality of care for professional competence
in determining a physician’s qualification for
initial or continuing hospital medical staff
membership or privileges.”3
An example of
economic credentialing may be limiting proce
dures a physician can perform at an institution
because he/she has admitting privileges at a
competing hospital. Furthermore, the process
of credentialing has become so complex that
many organizations may have a full time
resource dedicated to these responsibilities.
Credentialing quality of care
are compliance issues
Increasing scrutiny and legal action has been
focused on an organization’s legal duty to
determine the compe
tency of a provider, both
in qualifications and
proficiency. Not follow
ing a rigorous process
around credentialing
and privileging can leave
the organization vulner
able to legal action for
not meeting the estab
lished criteria set forth
by governing bodies.
The Medicare Conditions
of Participation4
include the following require
ments for hospitals:
·· The hospital must have an organized
medical staff that operates under bylaws
approved by the governing body and is
responsible for the quality of medical care
provided to patients by the hospital.
·· The bylaws must include criteria for
determining the privileges to be granted
to individual practitioners and a procedure
for applying the criteria to individuals
requesting privileges.
·· The medical staff must examine the
credentials of all eligible candidates for
medical staff membership and make
recommendations to the governing body
on the appointment of these candidates
in accordance with State law, including
scope-of-practice laws, and the medical
staff bylaws, rules, and regulations.
A candidate who has been recommended
by the medical staff and who has been
Increasing scrutiny
and legal action has
been focused on an
organization’s legal
duty to determine
the competency
of a provider…
4. 34 www.hcca-info.org 888-580-8373
ComplianceToday November2015 FEATURE
appointed by the governing body is
subject to all medical staff bylaws, rules,
and regulations, in addition to the
requirements contained in this section.
Organizations can be held liable for cre
dentialing failures when a provider has been
granted privileges to provide a service without
proper verification of credentials and experience.
Some organizations have been found to have:
·· Arbitrary granting of privileges that
includes “grandfathering” individuals to
provide a service when they do not meet
the current criteria;
·· Careless and disorganized collection of
initial data necessary to verify training,
board certifications, and previous
experience; and
·· Lack of policies and procedures for
ongoing verification of practitioner
qualifications, which can include
malpractice history and open cases.
Examples of credentialing failures
Specifically related to provider credentialing,
in 2003 a healthcare company entered into a
multi-million dollar False Claims Act (FCA)
settlement with the OIG. A hospital was dis
covered to have had inadequate peer review
and credentialing procedures for cardiologists
who provided medically unnecessary services.5
This settlement led to the divestiture of the hos
pital and was a strong statement by the OIG that
they will likely exercise their exclusion authority
when quality controls are not adequate.
The OIG has outlined what they determine
to be reportable events for organizations under
a Corporate Integrity Agreement (CIA). One of
these events is the employment of, or contract
ing with, an ineligible person.6
For healthcare
organizations, this can present a risk that may
result in stiff penalties if unnoticed for some
time. It is imperative that healthcare organiza
tions have effective compliance programs that
incorporate frequent review to help mitigate
this risk. Additionally, the Federal Sentencing
Guidelines go so far as to reduce penalties for
organizations that have instituted and main
tained an effective compliance program.7
Strategies to help improve
credentialing processes and controls
Compliance professionals can employ a
number of strategies that are likely to
help reduce the risk of finding themselves
negotiating a quality-of-care CIA for
credentialing failures:
·· Verify that the Credentialing department
has a well-publicized set of policies and
procedures to outline the credentialing
process, and confirm how it meets the
requirements as defined in the bylaws of
the organization;
·· Provide assistance to the medical staff
leadership and the Quality department
in educating providers on quality
expectations, and provide them with
regular feedback with respect to their
individual contributions to quality of care;
·· Carefully scrutinize the “grandfathering”
of privileges for a service or procedure;
·· Assist in collecting data, utilizing an
organized and priority-driven system that
identifies the data necessary to meet local
and national regulatory requirements;
·· Verify that the Credentialing department
obtains and reviews documentation with
a well-structured approach;
·· Verify that the Credentialing department
documents and stores primary documents
and subsequent findings, which provides
transparency and accessibility, and also
demonstrates due diligence;
·· Confirm that the hospital bylaws
describing the credentialing process are
followed, including conducting searches
of two available databases: the NPDB and
the OIG’s LEIE;
5. 888-580-8373 www.hcca-info.org 35
ComplianceToday November2015
FEATURE
·· Review and monitor these
databases routinely to screen
for issues with staff members;
·· Confirm that the Credentialing
department is performing
ongoing monitoring and reviews
of provider credentials to help
validate that providers have the
ability to provide services and
procedures for which privileges
have been granted;
·· Document efforts to help
reduce these risks and increase
quality of care, and present this
information when negotiating a
quality-of-care CIA.
The compliance officer should help the
board of directors understand the important
role they often play in thoroughly reviewing
candidates for appointment to the medical
staff and also that they are not economi
cally credentialing providers. Moreover, the
compliance officer should be a partner in
the credentialing and privileging process
and should educate board members on their
fiduciary duty with respect to their decision-
making authority during credentialing and
privileging procedures.
The Credentialing department is often
responsible for policies and procedures to
help confirm that all providers are tracked,
credentialed, and re-credentialed, but the
Compliance department can also provide
an independent assessment of the process
to confirm that controls are in place and
operating effectively. One way to do this is
to take a sample of credentialing files and
compare each file to the required documen
tation to confirm that the credentialing file
is complete, re-credentialing has been con
ducted efficiently, and the required reviews
and approvals have been obtained and
documented. The Compliance department
can also confirm whether all providers in
the system are known and included in the
credentialing process, and that the credentialing
database is complete.
Final thoughts
Seeing that the OIG may view lack of proper
credentialing as an actionable administrative
and governance failure, healthcare entities
should be cognizant of their current and
future practices in this regard. OIG continues
to monitor these efforts as outlined in their
2015 Work Plan. Healthcare entities should
also accept that quality of care is considered
a compliance issue, as demonstrated by
recent FCA actions. Compliance professionals
should take proactive steps to help mitigate
potential quality-of-care and patient risks in
a manner that incorporates broad stakeholder
participation, strong controls, and clearly
outlined processes.
This publication contains general information only and
Deloitte is not, by means of this publication, rendering
accounting, business, financial, investment, legal, tax,
or other professional advice or services. This publication is
not a substitute for such professional advice or services,
nor should it be used as a basis for any decision or action
that may affect your business. Before making any decision
or taking any action that may affect your business, you
should consult a qualified professional advisor. Deloitte
shall not be responsible for any loss sustained by any
person who relies on this publication.
1. Department of Health and Human Services: 2014 OIG Work Plan, pg 7;
2015 OIG Work Plan, pg 20. Available at http://1.usa.gov/1LiEfk6
2. Social Security Act, 42. U.S.C. §1128, available at http://1.usa.gov/1LsbIMo
and §1156, available at http://1.usa.gov/1GFMd4P
3. American Medical Association: Policy H-230.975 Economic Credentialing.
Available at http://bit.ly/1R8WXhA
4. 42 CFR 482.22 - Condition of participation: Medical staff. Available at
http://1.usa.gov/1NamzKo
5. Office of Inspector General: Divestiture Agreement. Available at
http://1.usa.gov/1VPMmyW
6. Office of Inspector General: Corporate Integrity Agreement
Frequently Asked Questions - List of Reportable Events. Available at
http://1.usa.gov/17AqQ6m
7. United States Sentencing Commission: Federal Sentencing Guidelines,
Chapter 8, §8C2.5(f). Available at http://bit.ly/1hCjXtl