Medical credentialing is a necessary evil. There are two overarching perspectives with which to approach the topic. From a regulatory perspective credentialing is a formalized process to ensure patients receive a certain standard of care based on previously determined guidelines. Its purpose is to assure insurance payers, government agencies, and patients that providers have met the training, licensure, and other qualifications necessary to provide care. From the provider perspective, it is an often-arduous multi-step process that is mandatory to legally provide care to patients and more importantly to get reimbursed from payers. For the purposes of this discussion, I am not even going to try to focus on processes for every type of provider. Instead, here I will focus on the most common provider types we deal with at North Florida Credentialing, which includes MD/DO’s and mid-level providers, mostly nurse practitioners and physician assistants.
I think the easiest way to understand the fundamental credentialing process is with a diagram. Which is what I have placed below:
The first step in the credentialing process is professional licensure. Obtaining a medical license from the board of medicine or board of nursing grants practitioners the rights to practice medicine within their scope of practice. For the purposes of this discussion, professional licensure should include any additional certifications such as specialty board certifications that providers have obtained. Usually during the credentialing process providers should expect to provide copies of all state licenses including state license numbers, any board certifications they have obtained and certificate numbers, along with dates of graduation and year of expiration.
Typically, providers and healthcare groups then acquire an NPI number. This is done through the National Plan and Provider Enumeration System (NPPES) run by CMS. An NPI number is a 10-digit numeric identifier used for all HIPAA standard administrative and financial transactions. HIPAA standard transactions include but are not limited to claim and encounter information, coordination of benefits and payments, referrals, and authorizations. An NPI number doesn’t change, regardless of name, address, taxonomy, or other administrative changes. Instead, any changes are updated within the NPPES website and applied to the NPI number to remain compliant.
For most providers, including physicians and mid-level providers, obtaining a DEA license is desirable. DEA numbers are mandatory for prescribing controlled substances and can be done really at any step along the path of credentialing. Additionally, providers who seek to treat patients with Buprenorphine will need to obtain an X-Waiver through SAMHSA. This process requires some additional training along with an application and review process.
Finally, the cornerstone of credentialing. CAQH is a centralized database intended to reduce the need to submit duplicative paperwork for providers applying to participate with other healthcare organizations. The theory at least is that providers will enter all relevant practice information in to one database. This allows healthcare plans, healthcare directories, and other administrative organizations to access providers information easily without the provider or group having to supply this information each time it is requested. While CAQH does cut out waste and redundancies, it requires that providers keep the information within it up to date. CAQH requires an attestation every 120 days and will force you to collect, upload, and update all information that expires within that 120-day timeframe. This includes malpractice information, licenses, and certifications. This can be a tremendous headache for providers and healthcare groups focusing on patient care and the daily administrative tasks of operation.
From here, the process branches indefinitely. In the diagram above I labeled this portion of the discussion as “private payers.” Once you get to this point the credentialing process is really decided by the needs of the provider or group based on their patient population, healthcare setting, and services offered. Some examples of this step may include contracting with Blue Cross Blue Shield or Aetna. The type of contract however will depend upon the services you intend to offer. The important thing to highlight here is that each payer will likely have their own 3rd party clearinghouse they work with for engagement. For example, Blue Cross Blue Shield may require you to go through Availty or United Healthcare may require the use of Optum. Hopefully, you can appreciate how quickly this can become an organizational nightmare if you are working with three, four, five or more payers. Updating a single document, date, or address can be quite the mystery tracking down where the problem actually exists. For example, if you needed to update an address associated with your group, you might need to determine if the problem is with NPPES, CAQH, Optum, or United Healthcare directly. Between doing this for every piece of information associated with a group for every provider and every payer plus keeping data sorted such as passwords, dates, and renewals it can be a significant strain on resources to manage credentialing.
Now, clearly the above information is rather broad and, the individual steps required to successfully navigate the process are in fact detailed. However, hopefully this introduction provides some clarity toward the expectations of the process. I will cover each aspect of the credentialing process in greater detail later.
