November 5, 2022
An introduction to the ABCs of the provider credentialing process.
So, you’ve hired a provider (or two); before they start seeing patients you’ll need to ensure they are properly credentialed to provide the care you're offering. As a virtual care company, your team is responsible for defining and maintaining the process through which that credentialing occurs.
A quick Google search for “provider credentialing” might return some confusing results. It’s important to note there are two categories of credentialing for licensed healthcare providers:
This edition of the Virtual Care Playbook focuses on provider credentialing, with an overview of what to look out for, how to DIY-it, and some options for outsourcing. Credentialing isn't exactly fun or exciting, but it’s a critically important process. Your patients trust you with their healthcare concerns, and it’s your responsibility to make sure you have qualified professionals available to treat them.
The credentialing process you define for your organization (whether you handle it all in-house or use a 3rd party) should always happen when you initially hire a provider, before they even begin working. After that, you’ll want to run regular checks against these databases to ensure that no new information has been reported. Most are updated monthly, but if you’re doing credentialing manually, you should run re-credentialing at least once a year. One benefit of many 3rd party vendors is that they will run these checks automatically and let you know if there are any new reports without adding any additional operational burden to your team.
To help you get started, we’ve compiled a list of credentialing checks to run and documents to collect as part of your process. Not included on this list: criminal background checks and reference checks (those are just good hiring practices, but not specific to provider credentialing). This list is not exhaustive, but can act as a great starting point.
The National Provider Identifier is a 10-digit number issued by CMS to healthcare providers or institutions. Any providers who write prescriptions or submit claims to Medicare, Medicaid, or private insurance need an NPI. The National Plan and Provider Enumeration System (NPPES) provides a free NPI verification tool that will confirm a provider’s NPI as well as their speciality.
Why check it? NPIs are required for any provider who submits claims to Medicare or Medicaid, as well as for e-prescriptions in some states (like NY). Even when they are not required, NPIs are used by many e-prescribe systems and by insurers to track claims and prescriptions.
The Drug Enforcement Agency issues a unique identifier called a DEA Number to healthcare providers who are licensed to prescribe controlled substances. This number is included on prescriptions and used to track prescribing habits and for pharmacies to verify that a prescription is valid. There is no public-facing verification option for DEA numbers (for some reason the DEA doesn’t want anyone to be able to look one up), but you should ask providers for proof of registration. If they need a new copy, they can request one here. If you have a physical clinic location, you can register as an institution with the DEA and conduct searches via their database.
Why check it? If your providers are going to prescribe controlled substances, it’s required!
Provider licensing is it’s own, equally thrilling, topic (don’t worry, we’ll spend a whole lot of time discussing it in a future post) but for the purposes of credentialing, you’ll need to verify that your provider’s state licenses are active and unencumbered in any states they will be treating patients. State licensing entities have public registries you can use to look up and verify a provider’s license number and status. Some states, like NY or CA, have a convenient, all-in-one, portal where you can verify any professional license. For others, like TX, you’ll need to search for the specific entity that issued the license (for example, the state medical board). For RNs, the National Council of State Boards of Nursing maintains a searchable database called NURSYS where you verify all of an RN’s license from any state except Michigan (what did the NCBSN ever do to you, Michigan?).
Why check it? Each state has its own licensing board for each healthcare profession, and healthcare professionals need an active state license to practice for each state in which they are operating. Verifying licensure status when you initially hire a provider and ensuring that their licenses do not expire while they are practicing is critical to ensuring a compliant operation.
The National Practitioner Data Bank, run by the Department of Health and Human Services (aka the HHS), is an online repository containing reports of malpractice payments or adverse actions taken against healthcare providers. Any licensed provider (MD/DO, RN, NP, PA, DMDs, LCSWs, etc) can be queried via the NPDB. When it comes to NPDB checks, you have two options. Providers can submit self-queries and share the report with you (this requires them to fill out a form on the NPDB website and pay $3), or you can register your entity with the NPDB and run your own queries. Like most processes that involve a government agency, registering with the NPDB is long, annoying, and involves a notary public. However, once you register, you’re able to run continuous queries on providers for the low, low price of $2.50/year. You’ll be alerted to any new reports that are submitted to the NPDB regarding your providers, so the upfront time to register is worth the effort, especially as you add more providers to your roster.
Why check it? The NPDB will alert you to any of the following actions that have been taken against a provider:
As we all know, the federal government will not tolerate fraud or abuse in any form! To that end, both individuals and institutions can be barred from receiving payments or participating in various programs run by government agencies if they are convicted of or involved in fraudulent activities. There are two main lists you should check providers against:
Both entities have public databases you can you to search for excluded providers (OIG, SAM)
Why check it? If you’re planning to participate in or receive payments from any government agency (like Medicare), you’ll need to ensure that your providers have not been excluded from those programs.
Many provider types are eligible for board certification based on their profession or speciality. Hiring a board-certified provider ensures that they have completed all the requisite educational programs to practice their speciality and they have demonstrated a certain level of professional knowledge, usually based on a board examination. For Physicians, Nurse Practitioners and Physician Assistants, board certification is considered a professional standard. You should collect copies of a provider’s board certificate and verify their status. Unfortunately, if you’re doing your own credentialing, there’s no one-stop shop to verify a provider’s board certification, but most boards do have online verification tools available:
Why check it? Not only does board certification demonstrate a level of professional knowledge that you want your providers to have, but many patients specifically seek out board certification as a requirement when looking for a provider. This is especially true for virtual care, when patients are being asked to trust a provider (and a company) they know very little about and can’t meet in person.
If the idea of provider credentialing has you rethinking your decision to enter the virtual care space, have no fear! There are plenty of services available that will greatly reduce the operational burden of credentialing- ranging from more traditional options specifically focused on the credentialing process and maintaining an organized database of your provider information, to others that offer additional services (like licensing or payer enrollment) on top of that. To get you started on your search, we've included a few options of each type below.
*please note, this is in no way an endorsement of any of these products!*
Silversheet: Targeted more towards in-person practices rather than the digital health space, Silversheet offers a digital platform for credentialing management that allows for customized workflows and enables providers to submit documents (like reference) directly.
Modio: Similar to Silversheet, Modio offers a platform for credentialing and monitoring of providers with a provider-facing portal. One nice feature is the ability to track CMEs.
Andros: Digital platform offering credentialing, ongoing monitoring, and “network development” (provider recruiting). They also have an API for integrations.
Medallion: Medallion offers credentialing, licensing, provider enrollment and payor contracting. They support ongoing monitoring as well.
Symplr: Offers multiple products/services, but their CVO product has credentialing, licensing, and payer enrollment for providers.
Verifiable: Offers a digital product for credentialing, licensing, and provider enrollment. Supports ongoing monitoring for a wide range of provider types. They also have an API you can use to integrate provider data into other systems.
If you’re doing credentialing 100% in-house, it’s important to stay organized, and to build a system that avoids any single points of failure. As you can see, there is a lot of information to collect from providers and many databases to check, so having a systematic approach to that process is key. You also need to be able to find that information easily in the future, should a patient or auditor ever request it, so don’t just leave it in your inbox. Because there is so much verification involved in credentialing, having one person be solely responsible for clearing a provider opens you up to errors. Double (or triple) checking reports, having multiple phases of credentialing checks, and having a clear sign-off process before deeming a provider is “credentialed” are important steps to mitigate those errors. Many institutions have credentialing committees that must sign off on new providers before they begin practicing.
While it is possible to DIY your provider credentialing, if you have the means to utilize a third-party credentialing service, you should. As you scale, the process will only become more burdensome, and there is absolutely no strategic advantage to doing it in-house. There are plenty of options available for outsourcing your credentialing work, some of which are targeted at the virtual care space. When evaluating potential credentialing solutions, some things to look out for are:
Whatever your organization decides, hopefully you have a better understanding of why credentialing is so important and what you need to get started. Or, at the very least, learned a few more healthcare acronyms!
https://emptech.com/sam-oig-exclusion-lists-differences/
https://www.cms.gov/regulations-and-guidance/administrative-simplification/nationalprovidentstand