Don’t Be Misled by the Hype: Credentialing — Important, but Difficult


HMOs may be trying harder, but PPOs seem less interested. Then there’s the whole issue of credentialing’s relationship to the licensure process.

Frank Diamond

Senior Editor

Nothing, it seems, upsets health plan officials and physicians more than health care anecdotes. Executives hate stories about HMOs; physicians hate stories about doctors. But there is one that both sides dislike: the one about the “rogue killer doctor.” This is the tale played up by television news magazines during sweeps month and in multipart series in newspapers angling for a Pulitzer. “Why is this doctor still allowed to practice medicine?” goes the teaser. Like the story that crops up every three years or so about how heavyset people can be beautiful models, the killer-doc story runs its course — but never goes away entirely. If you think it’s been overplayed, you are not alone.

“How many stories like that can we come up with in a year?” asks Thomas Morrow, M.D., vice president and medical director at One Health Plan of Georgia. Morrow knows the area. He sits on five different in-house credentialing committees — four health plan, one IPA. In addition, he has also worked as a surveyor for the NCQA. “Compare that one case of the rogue doctor to the more than 600,000 physicians who are out there practicing. There is a huge number of doctors, and these reports are few and far between. Sure, there are bad physicians, there’s no doubt about that, just as there are bad attorneys and bad judges and bad cops. Every field and discipline has bad guys.”

Thomas G. Goddard, J.D., M.A., senior director at CHPS Consulting, agrees, saying that “For the most part, HMO and, where used, PPO credentialing systems are successful at assuring that the bulk of the providers in their network are adequately credentialed and qualified to administer care to their members.”

Guy D’Andrea is a senior vice president at the American Accreditation HealthCare Commission (still primarily known by its original acronym, URAC, which stood for the Utilization Review Accreditation Commission). This not-for-profit organization has issued over 1,600 accreditation certificates to more than 300 managed care organizations.

D’Andrea points out that every system, no matter how well designed or implemented, is subject to error. “There’s no question that, occasionally, bad doctors slip through.”

He should know. His organization — which admittedly is biased toward seeing health care adopt one standard credentialing process, hopefully URAC’s — has tried to track where the slippage occurs.

Laws vary

According to URAC’s surveys of state managed care regulators and state medical boards, laws governing how to check physicians’ credentials vary considerably from state to state. In addition, the credentialing activities of physician licensure boards also differ.

URAC also found that verification for relicensure tends to be much less extensive than for initial licensure. In many states, there is no reverification of credentials during the relicensure process and little consensus on the right way to do credentialing.

Ask individual plans, and they’ll tell you that they do a fine job of credentialing physicians. However, there seems to be a search for improvement.

For instance, the Coalition for Affordable Quality Healthcare, made up of 24 of the nation’s largest health plans that cover about 100 million Americans, has recognized that credentialing has become too complicated. CAQH looking into creating one credentialing process for all members.

On this point, at least, the coalition finds itself in agreement with the American Medical Association.

“We are pleased that insurers recognize the incredible administrative burdens placed on physicians who participate in multiple health plans and must adhere to varying requirements from numerous insurers,” Randolph D. Smoak Jr., M.D., the AMA’s president, said in a statement. “Physicians will particularly benefit from a single credentialing process and from easily accessible formulary databases.”

Less time for credentialing means more time for patients, Smoak added.

This does not mean physicians and plans will march in lock step toward a new credentialing environment. Between the two sides there is no love lost. Consider this caveat to Smoak’s words: “The AMA statement conveys very specific and limited praise only in reference to CAQH’s attempts at limiting the administrative hassles faced by physicians and patients,” an AMA spokesman said. “Our limited praise should not be mistaken for broad approval of the other issues raised in the CAQH report.”

However, the CAQH report does underscore that health plans are much more serious about credentialing these days.

“Primarily because of accreditation requirements and also because of the increased interest in liability against managed care plans,” says James Doherty Jr., J.D., a former counsel for a Medicaid HMO, who now teaches managed care law at the University of Maryland. “If someone can show that you negligently credentialed — you didn’t check references when you said you would, and therefore someone got hurt — it makes it much easier to make a case. In my MCO, we had our liability carrier come in, and one of the things that he was concerned about was the credentialing program.”

You would think that physicians, for their part, would be very concerned about an issue that is crucial to their income and reputations. Nevertheless, Morrow says that physicians commonly report to credentialing committees that they did not defend themselves in front of state medical boards.

“They tell us that they took the sanction, such as ‘You must attend classes’ or something like that, without really putting forth a good legal defense, because they don’t really want to spend $20,000 or $30,000 over something that really isn’t going to impact their ability to practice medicine that much,” he says.

Poor licensing procedures

The licensure process as practiced by state medical boards, rather than the credentialing process implemented by HMOs and hospitals, is really to blame for allowing incompetent physicians to practice, many experts contend.

Says Doherty: “For example, with my Medicaid MCO, the state was very aggressive about saying, ‘You’ve got to have a good credentialing program; we’re going to survey you’ and all of that, and one of my executives actually looked at the state official and said, ‘You’re the guys who are issuing the licenses, so what you’re telling me is that there are bad docs who are falling through the cracks of the licensure process and you want me to catch them in the secondary safety net of credentialing.’ So there was some tension there. There are some criticisms of the state licensure boards that the system means doctors policing themselves. The same thing is true of attorneys and anybody else, but when you’re policing yourself, you’re not as aggressive as you should be.”

Morrow points out that HMO officials do consider licensing “one of the major ways of tracking bad physicians,” but there may be a danger in relying too much on the state medical boards.

“We at the health plan level routinely scour the medical board action reports,” says Morrow, “but the fact is that if the board allows a doctor to continue with his license, that’s tantamount to saying that he’s probably OK, given the controls that are on the system.”

Morrow is also wary of the idea that any physician sanctioned by a state medical board would then be reviewed by one entity –NCQA or URAC, for example — and that the organization’s decision would then be binding on all the HMOs that the physician works with.

“The ultimate judge of the ability of somebody to practice is the medical board,” says Morrow. “If the board has said, ‘Your infraction was bad, but it was not egregious enough for us to terminate your license,’ then what standard are we holding the physician to?”

There is also the question of where the information that is used to judge physicians comes from.

“The old rule of ‘garbage in, garbage out’ applies, and the wide variety of sources from which managed care organizations obtain the information that underlies the credentialing process have different levels of reliability and currency,” says Goddard.

The tool that’s often mentioned as the best way for health care organizations to weed out bad physicians is the National Practitioner Data Bank, created by Congress and launched in 1990. It has collected more than 227,000 reports on malpractice judgments and disciplinary actions, including state medical board sanctions.

Morrow says that One Health Plan of Georgia routinely checks the data bank for information on current physicians at the time of recredentialing, and on potential contracted physicians prior to accepting them into the network.

Only hospitals and insurers have access, but consumer groups want the data bank to be available to patients as well. This impulse may arise from the notion, gaining prevalence, that no one cares about your health more than you do. That HMOs and hospitals have the information on rogue physicians might not be enough to satisfy today’s consumer that that information will be put to good use.

The data bank is not foolproof, however — a point the AMA has been making all along and that seems to have gotten some support from a General Accounting Office report issued late last year.

Thomas R. Reardon, M.D., the AMA’s immediate past president, explains that the GAO says the data bank is “riddled with duplicate entries, inaccurate data, and incomplete and inappropriate information. In addition, many of the medical malpractice citations name the patient as well as the practitioner — raising a serious red flag regarding patient privacy.”

The AMA likes how information is collected and stored on the Federation of State Medical Boards website, with Reardon saying that the states are “far ahead of the National Practitioner Data Bank in collecting and disseminating useful information.”

As already noted, though, URAC’s surveys have cast some doubt on the ability of the state medical boards to monitor credentials.

In addition, even if the AMA’s concerns about the national data bank are addressed, there would still be ways in which rogue physicians could slip through. They could, for instance, hide behind lawsuits launched against institutions.

“When a facility gets sued, it tries not to have the doctor named; it tries to get that out of there,” says Doherty. He says a hospital must report a settlement for negligence under its own name to the data bank — regardless of which doctor was responsible.

“A lot of times, they try to get the docs out of the lawsuit as soon as possible, so that the hospital is the settling party, in order to shield their staff docs from excessive data bank reports,” says Doherty. “The government is kind of alarmed at the low level of data bank reporting by hospitals, but in my experience, hospitals do some back flips to try to protect their on-staff docs.”

Morrow adds: “It’s really tough to hide. The exception is when there’s a joint lawsuit — in other words, where the institution is sued and you are part of the suit but you are not named individually. At that point, you can hide from it. If you’re working for the institution and you’re not individually named, sometimes there is some debate over what should or shouldn’t be put into a data bank.”

PPO problems

As Goddard indicated — when he mentioned PPO credentialing “where used” — the issue may not be so important with HMOs as it is with PPOs.

“One of the more interesting policy issues in managed care is whether to require credentialing and active quality improvement programs of PPOs,” he says. “This question is made more complex by the fact that the term ‘PPO’ covers an incredibly diverse group of managed care organizations, from very loosely structured discounted fee-for-service networks to highly structured plans that resemble HMOs in many respects.”

URAC’s D’Andrea points out that more Americans are enrolled in PPOs than in HMOs and that those PPOs, in many cases, direct patients to specific providers. “However, PPOs are fundamentally different from HMOs in some ways,” he says. “Very large PPO networks typically don’t do as much in terms of credentialing, but that’s because they’re not trying to influence quality in the same way as HMOs. A credentialing system that works for HMOs may not necessarily be appropriate for PPOs. That debate hasn’t been resolved.”

Of course, if an HMO or hospital really, really wants to do a thorough background check on a physician, it can — for a price.

“Because managed care organizations are often under pressure and are scrutinized about how they spend dollars, any dollar that is not spent on direct patient care is a dollar that they’re often criticized for not spending on care,” says D’Andrea. “It’s possible to devise a super-rigorous credentialing program. The question that raises is, would the benefit justify the cost?”

Recipe for credentialing

All systems are subject to failure, yet following certain guidelines for credentialing should make it extremely difficult for incompetent physicians to practice for your HMO.

Thomas G. Goddard, J.D., senior director at CHPS Consulting, says that there is broad agreement as to the elements of a good credentialing system that are embodied in accreditation standards and state laws. They are:

  • a written credentialing plan,
  • clinical leadership of the credentialing program,
  • an effective credentialing committee (with at least some participation from nonemployee participating providers) that is active, keeps good minutes, and accesses appropriate clinical peer input when discussing standards of care for a particular type of provider,
  • a connection between the credentialing process and the network’s provider selection criteria,
  • a requirement of certain minimal information to be submitted by applicants (e.g., current DEA certificate or state controlled substance license, proof of liability insurance, history of sanctions, and professional liability claims history),
  • a verification process of such elements of the application as state licensure status, board certification and/or highest level of training or education completed by the practitioner, hospital privileges, and professional liability claims history,
  • a process to assure that credentialing information is complete before submission to the committee,
  • mechanisms to communicate with providers about their credentialing status and to allow providers to submit additional or corrective information,
  • biennial recredentialing, and
  • a thorough mechanism for oversight of delegated (or contracted) credentialing activities, including onsite visits, periodic status reports, and written agreements with the contractors.