How to determine your vendor credentialing requirements | symplr Blog Feature
Mimi El-Messidi

By: Mimi El-Messidi on July 18th, 2019

Print/Save as PDF

How to determine your vendor credentialing requirements | symplr

Hospital Safety | Hospital Security | supply chain | best practices | vendor management

Just getting started with vendor credentialing? Find out how to determine the requirements that are best for you.

We’ve all heard the adage, “If something’s not broken, don’t fix it.” In some cases that can be good advice. However, if you’re a supply chain manager without a vendor credentialing program in place to ensure the safety of staff, patients and visitors, it’s important to understand that by the time there’s a problem, it’s often too late to fix it.

After some organizations realize the safety and legal benefits of a Vendor Management System (VMS), they decide to build their program from the ground up. It can be done, but there are some critical factors to consider to ensure a successful program. And, after your successful program is up and running, be sure to be prepared for ongoing evaluations and improvements to keep it that way.

When building your program from scratch, we recommend the following:

Form a dedicated management team to create policy and oversee implementation

It’s essential to have the right stakeholders involved from the very beginning. A representative from each department (supply chain, lab, nursing, radiology, pharmacy, ER, OR, etc.) should be involved. Ideally, committee members will know the credentialing requirements for their specialty, so there’s a base of expertise on which to build the program. Consider including hospital staff members that are likely to encounter vendors in kick-off meetings to add value and perspective to internal protocols.

Research governmental requirements

Confirm the credentialing requirements from applicable government and state agencies such as the Occupational Safety and Health Administration (OSHA), Centers for Medicare and Medicaid Services (CMS), Centers for Disease Control (CDC), the U.S. Department of Health and Human Services (HHS) and individual state regulatory bodies governing health services. After standards are aggregated, determine how to monitor requirements moving forward so your facility will remain in compliance.

Decide on policies and procedures that will work for your facility

In addition to meeting federal and state regulations, your facility will need to create unique policies and procedures (such as vaccination or PHI requirements) if it has not done so already. Some key decisions to make include:

  • Exactly who will require credentialing: have each group in your management team define the external populations that come in and out of your facility and specifically which ones will and will not require credentialing.
  • Levels of access to your facility: which areas are more sensitive and require higher levels of credentialing, health screenings and training?
  • Vendor appointment procedures: will vendors need to make appointments with the person they’re visiting before coming to your facility?
  • Vendor check-in points and procedures: every facility is different – identify where you get the most vendor traffic flow, as well as areas that you want to make sure vendors don’t use as an entrance.
  • Training requirements: what are the most important trainings for your vendors (e.g. HIPAA, internal protocols, safety)?
  • Non-compliance consequences: what happens when a vendor isn’t compliant with your credentialing policies?
  • Internal protocols for staff actions: what should staff do when they encounter a rep without credentials? What are the consequences for not following internal protocols?

Follow a process for drafting and approving your Compliance Policy

No matter how you decide to draft your policy – be it assigning the task to one person, having each department responsible for itself, or an amalgamation of both – it’s critical to ensure written materials follow the same basic template to confirm all necessary information is covered. Policy approval should also have a formal process which involves the members of the dedicated management team so there is buy-in from your entire organization. After the policy is approved, consider printing and posting it around your facility or attach it to intranet communications so all staff are aware of the policy and can refer to it if needed.

Assign dedicated staff to implement and oversee the program

We recommend forming two teams:

  • Hospital staff compliance – The hospital support team’s scope of work should include confirming that all staff have the necessary professional credentials, background checks, vaccinations, and training for internal protocols and HIPAA. Additionally, this team would train staff in vendor management issues such as look-up and check-in.
  • Vendor compliance – This team would work with vendors directly to attain, and maintain, their credentials. In addition to checking for the hospital policy’s health and safety requirements, their responsibilities would encompass activities such as general liability insurance checks and continual monitoring of paperwork validating compliance requirements.

Don’t forget to plan for the unexpected

Be sure to form policies that deal with staff departures and protocols for communication and consequences for staff and vendors who do not comply. It might also be useful to develop a disaster plan for supply and vendor management; for example, a protocol for staff to understand what to do in an emergency situation.

At the heart of all effective VMS programs is a dedication to upholding health and safety standards to protect staff, patients and visitors – and that includes vendors. Creating a functional, long-term policy from scratch can be challenging, but, the peace-of-mind that comes from protecting your facility against liability and loss of reputation in your community is worth the time and effort.

Are you ready to learn more about building a vendor compliance program to safeguard your facility? Download our Five Best Practices for Your Vendor Management Program eBook now to discover more insights into constructing a successful program and how symplr can help make the process easy for you and the vendors you work with.

Get our five best practices for vendor management



About Mimi El-Messidi

As Manager of Implementation, Mimi ensures that symplr programs are a success for healthcare facilities and their staff from the very first day onward. With over ten years in healthcare project management including EHR implementations, Mimi approaches each project with the customer’s best interest in mind, from developing comprehensive project plans to ensuring that training is meaningful and effective. Mimi holds a Masters degree in Public Health with a Healthcare Management focus from UT Houston School of Public Health and a Bachelors in Psychology and Medical Ethics from UT Austin. Ultimately, Mimi helps symplr customers be successful and guides them to ensure their symplr credentialing program drives compliance, ensures security, and reduces risk.