Matt Haddad
Provider Credentialing: Learn now or pay later
June 27, 2011
This report originally appeared in the June 2011 issue of DOTmed Business News
By Matt Haddad
These days, it seems that everyone is being “credentialed.” Americans are painfully aware of the need to produce credible, current identification each and every time they board a flight. Banks and consumer credit companies use increasingly sophisticated techniques to ascertain identity and eliminate fraud. The health care industry relies upon the process of credentialing to identify providers and qualify them for practice.
Unfortunately, technology solutions have made little headway in truly improving the health care credentialing process, which is still largely manual in nature and reliant on the paper file. Provider credentialing as the principal source of provider information for the organization, as a whole, is a source of massive errors and inefficiency.
Aside from the human error involved with manual, paper-based processes, provider information changes constantly and without warning—from innocuous changes in demographics to more problematic changes in professional and legal status. Failure to detect even minor changes can result in higher administrative costs, patient safety issues and an increased likelihood of medical errors and corresponding medical malpractice claims. Hospitals may also bear further financial burdens through the retroactive denial of claims for services performed by providers who have lapsed licenses or other inadequate, flawed credentials.
Traditionally, hospital leadership has viewed credentialing as a “check the box” regulatory burden largely overlooked from an efficiency standpoint. As a result, credentialing processes are antiquated and time-consuming. However, with the advent of Web services and other software innovations, this area is poised for dramatic change.
With real-time information -- rather than updates which can arrive months or even years following changes to a provider’s credentials or profile -- hospitals can ensure patient safety, decrease liability and protect their institutions from financial harm. Continuous monitoring of provider credentials is not simply a good extra step, it is a serious, fiscal responsibility that must be a part of hospital operations.
Evolving credentialing standards
For almost 80 years, hospital credentialing standards hardly changed. Credentialing was a process of peer oversight, which relied more on a local network of providers who knew each other. As the United States grew in population and became more mobile, health care delivery systems needed to expand and become more complex. To this day, while personal knowledge of physician abilities and character are factors for smaller community hospitals, organizations largely rely upon an expanding list of third-party sources for certification, historical and general capability information.
Strict controls on the definition of reliable sources of information and the use of those sources have been mandated by federal and state governments, as well as The Joint Commission, National Committee for Quality Assurance, Utilization Review Accreditation Commission and other accreditation bodies.
One area of credentialing improvement recently addressed is the frequency of information updating. This recognition of the need for more frequent credentialing activities was heralded by the 2007 TJC standards. In a radical departure from credentialing principles based on a policy of “What you don’t know can’t hurt you,” TJC deemed credentialing to be a significant organizational duty in the provision of quality patient care. According to these new standards, the goal of credentialing was to identify provider issues by collecting data on an ongoing basis.
Though it’s been four years since this came out, many facilities still have not been able to comply with these standards due to inadequate resources, technology and expertise. The basic framework of credentialing is still only the initial and reappointment cycle. Yet in the not-too-distant future, such periodic credentialing may become as antiquated as the horse and buggy.
Technology is enabling a convergence of point-of-service need with real-time access to provider information. If the trend continues, the requirement to credential at any specific date will be unnecessary as complete credentialing will be continuously performed. For this to happen, insurance data, affiliations, peer references and other manually available information must be converted into electronic databases for constant, automated and secure access. These databases will need to be continuously updated and new requirements may have to be put into place for the sources of such information.
Though these changes are still to come, today there is still an abundance of provider information that can be electronically accessed and monitored in real time, thereby providing immediate and tangible improvement in risk management and efficiency.
Legal consequences
Prior to 1965, hospitals were considered charitable organizations and immune from being sued for negligence. Much has changed since that time and hospitals are now a natural litigation target as they have deeper pockets than individual providers and can be easily exposed to direct liability. Plaintiffs’ attorneys are even now drawing a causal link between provider errors occurring in as many as one-third of hospital admissions, as reported in the journal Health Affairs, and negligent credentialing, thereby laying the legal responsibility at the feet of the organization.
Hospitals and other health care facilities are also experiencing growing levels of risk exposure through increased accountability for physician liability.
In most states, if a clinician has behavioral issues or other problems with their qualifications that should have been revealed by proper and effective credentialing, the facility can be held responsible for any harm caused to patients by that provider. Injured patients may also have legal recourse against the hospital for malpractice if the credentialing process was incomplete, inadequate or non-existent. These growing levels of risk responsibility on the part of the hospital are increasingly supported by courts across the nation.
Consider the Utah Supreme Court, which recently reversed an earlier decision against a woman who had brought several claims of malpractice against the physician who mishandled her abdominal surgery at St. Mark’s Hospital in Salt Lake City, where the original operation was performed. The plaintiff, whose subsequent treatment after discharge included six corrective surgeries, claimed that St. Mark’s Hospital was negligent – or guilty of culpable conduct – in credentialing the surgeon. St. Mark’s argued that Utah did not recognize a cause of action for negligent credentialing.
Rejecting the hospital’s contention that the woman’s claim was barred by the immunity afforded to health care providers for discharging duties under the state’s peer review, the court maintained that St. Mark’s held the ultimate responsibility for medical staff decisions. The court went on to recognize negligent credentialing as a viable common law claim.
In the landmark 1998 case, Romero vs. Columbia, a hospital paid $23.2 million in damages after a routine hernia operation resulted in extreme loss of blood and consequent heart attack. The court found the hospital liable in the screening process of the offending physician, who had been sued 11 times and had privileges suspended from another state prior to the malpractice incident. Due to a restraining order the surgeon had placed on his former hospital, the suspensions never surfaced. The hospital argued due diligence in the screening process, but could not arbitrate against the overwhelming undocumented evidence that had escaped them during their credentialing of the provider.
In the end, incomplete and inefficient credentialing led to massive financial loss on the part of the hospital, further damage to the hospital’s reputation and most importantly, unacceptable harm to a patient.
State courts across the country have concluded hospitals have legal duties to patients to increase patient safety and reduce malpractice cases and a responsibility to stakeholders to keep their operations financially viable. Hospitals not aware of changes in provider credentials are simply laying the foundation for liability issues in the future. Even when the hospital is able to successfully defend against such cases, the cost of litigation and damage to its reputation may be irreparable.
A new trouble spot: reimbursement and credentialing
While ineffective credentialing can lead to loss of accreditation status, licensure and Medicare certification, there is now a further significant financial liability: recovery audits.
For many years, recovery audit firms have been engaged by payers to identify and collect overpayments due to billing and coding errors. Recently, some of these firms have looked to provider issues as another potential source of recovery. Consequentially, any claim or reimbursement submitted must be screened for provider credentialing issues at the time of service. For instance, if a provider had a lapsed license at the time care was provided, that claim could be justifiably denied. Claims screening activities are quickly uncovering that anywhere from 2 to 7 percent of claims are at risk or justify denial due to provider credentialing issues. This may seem small, but even 1 percent denial rate based on provider issues can mean a major financial problem for a facility.
Should hospitals do their own credentialing at all?
The task of having individual hospitals acquire and successfully implement technology to produce a continuous credentialing process is understandably daunting. Even with automation and reduced labor, there are significant challenges to assuring that technology will deliver the benefits being sought.
Perhaps the key issue is in the inefficiency of most hospitals performing their own credentialing at all. Across the U.S., hospitals and other organizations are performing the same credentialing processes in isolation. There are no efficiencies to credentialing in silos. Processes that specialized service organizations can provide for less cost and greater quality should be accessed to meet this challenge.
Credentialing Verification Organizations equipped with continuous verification technology are the best solution for hospitals that should primarily focus on delivering quality care.
These CVOs specialize in finding lapsed or expired licenses, sanctions, de-certifications and other issues that might affect patient care and provider services and flagging that information to offer a more complete credentialing picture of each provider. This type of outsourced technology approach is becoming increasingly efficient and cost-effective for hospitals forced to reduce resources, but still comply with quality measures in today’s competitive health care market. Of course, hospitals cannot delegate the ultimate decision to appoint a physician, but obtaining the information necessary to make that decision may be a needlessly expensive and error-prone exercise that should be outsourced.
Conclusion
Consistent and real-time credentialing is the first line of defense in protecting patients, staff and a hospital’s reputation. The more rigorous the process, the higher the quality of the resulting doctors, patient care and industry standing. Hospitals and health care facilities are coming to terms with the importance of understanding their providers past, present, and future. Avoiding knowledge of provider issues is a perilous path, so remember: “Who you know, what you know and when you know it” is the new normal.
DM16086
Matthew Haddad is president and CEO of Medversant, a Web-based data management provider. As a health care industry consultant, Mr. Haddad has arranged financing and provided interim management to acute care facilities, skilled nursing facilities, psychiatric care facilities and assisted living centers. He serves on the Board of the American Association of Preferred Provider Organizations and has published numerous articles on credentialing, technology and healthcare-related issues. Mr. Haddad received a B.S. in Business Administration from the State University of New York at Albany and his JD from Boston University. He maintains state bar licensure in New York, California and Massachusetts.
By Matt Haddad
These days, it seems that everyone is being “credentialed.” Americans are painfully aware of the need to produce credible, current identification each and every time they board a flight. Banks and consumer credit companies use increasingly sophisticated techniques to ascertain identity and eliminate fraud. The health care industry relies upon the process of credentialing to identify providers and qualify them for practice.
Unfortunately, technology solutions have made little headway in truly improving the health care credentialing process, which is still largely manual in nature and reliant on the paper file. Provider credentialing as the principal source of provider information for the organization, as a whole, is a source of massive errors and inefficiency.
Aside from the human error involved with manual, paper-based processes, provider information changes constantly and without warning—from innocuous changes in demographics to more problematic changes in professional and legal status. Failure to detect even minor changes can result in higher administrative costs, patient safety issues and an increased likelihood of medical errors and corresponding medical malpractice claims. Hospitals may also bear further financial burdens through the retroactive denial of claims for services performed by providers who have lapsed licenses or other inadequate, flawed credentials.
Traditionally, hospital leadership has viewed credentialing as a “check the box” regulatory burden largely overlooked from an efficiency standpoint. As a result, credentialing processes are antiquated and time-consuming. However, with the advent of Web services and other software innovations, this area is poised for dramatic change.
With real-time information -- rather than updates which can arrive months or even years following changes to a provider’s credentials or profile -- hospitals can ensure patient safety, decrease liability and protect their institutions from financial harm. Continuous monitoring of provider credentials is not simply a good extra step, it is a serious, fiscal responsibility that must be a part of hospital operations.
Evolving credentialing standards
For almost 80 years, hospital credentialing standards hardly changed. Credentialing was a process of peer oversight, which relied more on a local network of providers who knew each other. As the United States grew in population and became more mobile, health care delivery systems needed to expand and become more complex. To this day, while personal knowledge of physician abilities and character are factors for smaller community hospitals, organizations largely rely upon an expanding list of third-party sources for certification, historical and general capability information.
Strict controls on the definition of reliable sources of information and the use of those sources have been mandated by federal and state governments, as well as The Joint Commission, National Committee for Quality Assurance, Utilization Review Accreditation Commission and other accreditation bodies.
One area of credentialing improvement recently addressed is the frequency of information updating. This recognition of the need for more frequent credentialing activities was heralded by the 2007 TJC standards. In a radical departure from credentialing principles based on a policy of “What you don’t know can’t hurt you,” TJC deemed credentialing to be a significant organizational duty in the provision of quality patient care. According to these new standards, the goal of credentialing was to identify provider issues by collecting data on an ongoing basis.
Though it’s been four years since this came out, many facilities still have not been able to comply with these standards due to inadequate resources, technology and expertise. The basic framework of credentialing is still only the initial and reappointment cycle. Yet in the not-too-distant future, such periodic credentialing may become as antiquated as the horse and buggy.
Technology is enabling a convergence of point-of-service need with real-time access to provider information. If the trend continues, the requirement to credential at any specific date will be unnecessary as complete credentialing will be continuously performed. For this to happen, insurance data, affiliations, peer references and other manually available information must be converted into electronic databases for constant, automated and secure access. These databases will need to be continuously updated and new requirements may have to be put into place for the sources of such information.
Though these changes are still to come, today there is still an abundance of provider information that can be electronically accessed and monitored in real time, thereby providing immediate and tangible improvement in risk management and efficiency.
Legal consequences
Prior to 1965, hospitals were considered charitable organizations and immune from being sued for negligence. Much has changed since that time and hospitals are now a natural litigation target as they have deeper pockets than individual providers and can be easily exposed to direct liability. Plaintiffs’ attorneys are even now drawing a causal link between provider errors occurring in as many as one-third of hospital admissions, as reported in the journal Health Affairs, and negligent credentialing, thereby laying the legal responsibility at the feet of the organization.
Hospitals and other health care facilities are also experiencing growing levels of risk exposure through increased accountability for physician liability.
In most states, if a clinician has behavioral issues or other problems with their qualifications that should have been revealed by proper and effective credentialing, the facility can be held responsible for any harm caused to patients by that provider. Injured patients may also have legal recourse against the hospital for malpractice if the credentialing process was incomplete, inadequate or non-existent. These growing levels of risk responsibility on the part of the hospital are increasingly supported by courts across the nation.
Consider the Utah Supreme Court, which recently reversed an earlier decision against a woman who had brought several claims of malpractice against the physician who mishandled her abdominal surgery at St. Mark’s Hospital in Salt Lake City, where the original operation was performed. The plaintiff, whose subsequent treatment after discharge included six corrective surgeries, claimed that St. Mark’s Hospital was negligent – or guilty of culpable conduct – in credentialing the surgeon. St. Mark’s argued that Utah did not recognize a cause of action for negligent credentialing.
Rejecting the hospital’s contention that the woman’s claim was barred by the immunity afforded to health care providers for discharging duties under the state’s peer review, the court maintained that St. Mark’s held the ultimate responsibility for medical staff decisions. The court went on to recognize negligent credentialing as a viable common law claim.
In the landmark 1998 case, Romero vs. Columbia, a hospital paid $23.2 million in damages after a routine hernia operation resulted in extreme loss of blood and consequent heart attack. The court found the hospital liable in the screening process of the offending physician, who had been sued 11 times and had privileges suspended from another state prior to the malpractice incident. Due to a restraining order the surgeon had placed on his former hospital, the suspensions never surfaced. The hospital argued due diligence in the screening process, but could not arbitrate against the overwhelming undocumented evidence that had escaped them during their credentialing of the provider.
In the end, incomplete and inefficient credentialing led to massive financial loss on the part of the hospital, further damage to the hospital’s reputation and most importantly, unacceptable harm to a patient.
State courts across the country have concluded hospitals have legal duties to patients to increase patient safety and reduce malpractice cases and a responsibility to stakeholders to keep their operations financially viable. Hospitals not aware of changes in provider credentials are simply laying the foundation for liability issues in the future. Even when the hospital is able to successfully defend against such cases, the cost of litigation and damage to its reputation may be irreparable.
A new trouble spot: reimbursement and credentialing
While ineffective credentialing can lead to loss of accreditation status, licensure and Medicare certification, there is now a further significant financial liability: recovery audits.
For many years, recovery audit firms have been engaged by payers to identify and collect overpayments due to billing and coding errors. Recently, some of these firms have looked to provider issues as another potential source of recovery. Consequentially, any claim or reimbursement submitted must be screened for provider credentialing issues at the time of service. For instance, if a provider had a lapsed license at the time care was provided, that claim could be justifiably denied. Claims screening activities are quickly uncovering that anywhere from 2 to 7 percent of claims are at risk or justify denial due to provider credentialing issues. This may seem small, but even 1 percent denial rate based on provider issues can mean a major financial problem for a facility.
Should hospitals do their own credentialing at all?
The task of having individual hospitals acquire and successfully implement technology to produce a continuous credentialing process is understandably daunting. Even with automation and reduced labor, there are significant challenges to assuring that technology will deliver the benefits being sought.
Perhaps the key issue is in the inefficiency of most hospitals performing their own credentialing at all. Across the U.S., hospitals and other organizations are performing the same credentialing processes in isolation. There are no efficiencies to credentialing in silos. Processes that specialized service organizations can provide for less cost and greater quality should be accessed to meet this challenge.
Credentialing Verification Organizations equipped with continuous verification technology are the best solution for hospitals that should primarily focus on delivering quality care.
These CVOs specialize in finding lapsed or expired licenses, sanctions, de-certifications and other issues that might affect patient care and provider services and flagging that information to offer a more complete credentialing picture of each provider. This type of outsourced technology approach is becoming increasingly efficient and cost-effective for hospitals forced to reduce resources, but still comply with quality measures in today’s competitive health care market. Of course, hospitals cannot delegate the ultimate decision to appoint a physician, but obtaining the information necessary to make that decision may be a needlessly expensive and error-prone exercise that should be outsourced.
Conclusion
Consistent and real-time credentialing is the first line of defense in protecting patients, staff and a hospital’s reputation. The more rigorous the process, the higher the quality of the resulting doctors, patient care and industry standing. Hospitals and health care facilities are coming to terms with the importance of understanding their providers past, present, and future. Avoiding knowledge of provider issues is a perilous path, so remember: “Who you know, what you know and when you know it” is the new normal.
DM16086
Matthew Haddad is president and CEO of Medversant, a Web-based data management provider. As a health care industry consultant, Mr. Haddad has arranged financing and provided interim management to acute care facilities, skilled nursing facilities, psychiatric care facilities and assisted living centers. He serves on the Board of the American Association of Preferred Provider Organizations and has published numerous articles on credentialing, technology and healthcare-related issues. Mr. Haddad received a B.S. in Business Administration from the State University of New York at Albany and his JD from Boston University. He maintains state bar licensure in New York, California and Massachusetts.