Previously, we examined the benefits of delegating credentialing to an outside organization. While there are benefits, the process still entails a host of responsibilities for the delegating company. In short, it is imperative for these companies to understand outsourcing to a Credentials Verification Organization (CVO) does not relieve essential obligations.
Clear Definition of Roles
To avoid misconceptions, the delegator must establish a policy and procedures manual including the following points:
Detailed list of responsibilities of each party
Description of delegated activities
Semi-annual or better reporting capability
Delineated valuation process
Procedures for remediation or revocation of contract
Terms are mutually agreeable
These points may seem self-evident but unless documented and agreed to by both parties it can lead to serious misunderstandings that may, ultimately, be paid for by the delegating company.
As mentioned previously, the delegating company is accountable for all functions performed within its purview whether the functions are performed in-house or by a delegated subcontractor.
In addition, a delegating organization must also demonstrate that it can monitor the activities of its subcontractors and ensure that processes are performed according to standards, such as NCQA (National Committee for Quality Assurance). Audits should be performed routinely and the results should be shared with the CVO. The delegating entity should then work alongside the CVO to create a Corrective Action Plan (CAP) to remedy each issue and all documentation needs to be saved for reference and audits. Simply put, the delegating entity may give a delegate the authority to act on its behalf, but it still remains accountable for the performance of that activity.
Protected Health Information
It is important to document if any protected health information (PHI) will be provided to the CVO. If so, according to the NCQA standards, the documentation should include the following provisions:
List of allowed uses
Description of safeguards that will prevent misuse by the delegate
Delineation of any transfer to sub-delegates
Assurance that the delegate will afford individuals access to their PHI information
Established notification system if there is a breach in security or protocol when dealing with PHI
Agreement that all PHI will be returned or destroyed at the delegators request at the end of the contract
The Bottom Line
As you can see, there are many questions to be asked, issues to be resolved and processes to be documented prior to delegating credentialing. Moreover, the delegating organization must document and confirm the chosen provider will deliver the required and agreed to level of service. Only then, will the delegating organization feel confident they’re onboarding providers that meet or exceed state and federal requirements.