Keys to successful contracting and credentialing: honesty, questions, compliance

Contracting and credentialing are critical aspects when it comes to providers and payment. Insights and suggestions for avoiding missteps and getting the best agreement when it comes to contracting and credentialing were presented by Anna Whites and Nathan Moore, Compliance Officer at Premier Tox Laboratory, in a Health Care Compliance Association (HCCA) webinar on September 13, 2017.

Contracts

Whites defined a contract as an agreement that contains every aspect of what each party is required to do, noting that state and federal law outline contractual terms. Because different states have different laws, she recommended ensuring that the state law relied upon in the contract be the state where the individual or entity is located. She stressed the importance of reading the contract, understanding what it contains, and asking questions before signing. “Contract terms govern,” she said, and once the contract is signed, the parties can’t take the conditions back unless the contract provides for modifications as part of the terms. She also warned that the contract may require compliance with terms in other documents, for example, a provider manual.

  • Payor contracts. Provisions of payor contracts usually include services covered, provider types covered, frequency of services, and term and termination. Whites recommended providers pay close attention to these terms to ensure that they are able to meet the specifics of the provisions. Terms in payor contracts also address claims management. Providers should focus on the details of how, when, and where to submit a claim as well as how payment is made (electronically or paper), how medical necessity is defined, and how denials and appeals will be handled. In addition, providers must be aware of fee schedules included in the contract to ensure they know what they will be paid and if they are comfortable with the amount of the payment.
  • Provider contracts with health care entities. Provider contracts include the scope of services, reporting and oversight requirements, licensure and/or credentialing requirements, hours and payment, liability and insurance, and behavioral health carve-outs. Whites pointed out that when entering into a contract, parties must be aware of who is responsible for mistakes and whether tail coverage is provided. She recommended asking many questions about liability and obtaining coverage.
  • Entity provider contract with physicians and other staff. Under these contracts, the terms will include scope of services, who is in charge, who is liable, cost of services and whether the contract is with an employee or independent contractor. Providers need to determine whether employees or independent contractors are better for their organization.

In negotiations of contracts, there should be a discussion between the parties. The discussions should allow for changes and modifications. Parties should consider proposing pilots and new services. White highly recommended engaging an attorney to provide legal oversight of the contract and review the terms and provisions as well as the state and federal requirements.

Moore addressed the compliance oversight component in contracting and provided the following recommendations.

  • Ensure processes are in place to identify nonstardard terms or terms that would not be fulfilled in the organization in day to day operations.
  • Clarify any requirements that seem too rigorous prior to executing the contract.
  • Create awareness and make recommendations on how to fulfill any new requirements by coordinating with the appropriate department head.

Credentialing

Credentialing generally takes place when joining a new practice, becoming a participating provider, adding new providers to an existing group, updating information for carriers, and at the start of a new practice, Whites said. Credentialing involves collecting and verifying information about a provider’s professional qualifications, such as relevant training, licensure, certification and/or registration to practice in a health field, and academic background. Information collected before the process begins includes such documents as a copy of state licensure, a copy of board certification, proof of current malpractice coverage, a statement of disclosure of ownership and control interest statement, and a summary of any prior malpractice or disciplinary action. During the credentialing process, payors assess whether a provider meets certain criteria related to professional competence and conduct, Whites explained. Relevant factors may include location, cultural diversity, ability to speak other languages, treatment provided to children, availability, crisis training such as ability to provide care in emergency and address behavioral issues, and ability to refer and admit (to other hospitals or entities).

Whites recommended providers to be aware of specific degree requirements of the payor or network, state requirements regarding credentialing, and billing regulations that may limit reimbursable services to certain provider types. When permitted, Whites suggested submitting a resume. She also stressed that it is a provider’s right to: (1) request a status of the application, (2) review information that the payor used to deny or defer credentialing, and (3) correct any inconsistencies between the information obtained by the provider.

Credentialing issues

Whites and Moore identified issues and areas providers must be aware of to ensure that they are in compliance with requirements. Some of those areas include:

  • Cooperate in CMS audits and sites visits to ensure providers are properly enrolled, credentialed, and operating. Not cooperating may result in revocation of provider agreement.
  • Maintain compliance with payor requirements, good intentions are irrelevant to CMS.
  • Regularly review credentialing and licensing to ensure they are up to date.
  • Screen for excluded providers on available sources, prior to employment of individuals or contracting with vendors and maintain screening records for seven years. Develop a removal and notification process.
  • Ensure that providers are properly enrolled in Medicare and Medicaid enrollment systems.
  • Be aware of billing issues such as out-of-network denials, nonpayment for new provider types, and services that payors will not pay for because they were provided by a noncredentialed provider.
  • Ensure that providers are aware of coverage and payment rules regarding telemedicine.

Conclusion

Whites emphasized transparency and clarity in responses in contracting and credentialing. She stressed that providers must be honest because information is much more readily available to parties seeking it, for example, from the national databank. She noted that there are severe penalties for errors in credentialing and pointed out that CMS can exclude providers for multiple years. On the other hand, she said there are unintended negative consequences related to credentialing that arise from such things as not updating an address, not disclosing working with an excluded entity, and being responsible for a prior owner’s bad actions.

Kusserow on Compliance: Effective hotline programs

All healthcare organizations need confidential compliance communication channels. First and foremost among them is a hotline. By definition, all effective compliance programs should have a hotline. It is an important avenue of communication between employees and management, in that it permits employees to report sensitive matters outside the normal supervisory channels.  The reality is that developing and monitoring a hotline is a critical part of any effective compliance program. It provides an avenue of communication that permits employees to report sensitive matters outside the normal supervisory channels. The compliance officer bears the responsibility of constantly reviewing and improving the effectiveness of the hotline operation.  The US Sentencing Commission, the HHS Office of Inspector General (OIG), and Department of Justice (DOJ) all call for having a hotline, as well as other authorities, including the Sarbanes-Oxley Act for publicly traded companies and the federal courts in connection with unlawful harassment. Failure to establish positive internal compliance reporting channels often results in reporting externally to the OIG and DOJ from “whistleblowers.” The challenge is establishing effective internal compliance communication. Today, it is the exception to find organizations trying to manage a hotline function internally. The fact is that any advantage of internally operated hotlines is more than off-set by the disadvantages.

From a practical standpoint, it simply is not cost effective to operate a hotline 24/7 internally.  Even those that decide to operate and manage the function in house are confronted with a number of challenges—it is extremely inefficient, costly and seldom meets any minimum standards. Hotline numbers will need to be “backstopped” against tracing and all caller identification systems have to be blocked. People answering the calls in house should not be highly visible to the work force. Confidence comes from neither party being known to the other. Hotline vendors have the training and experience to handle complainants. Callers are generally nervous and afraid and knowing they are providing information to an outside party generally is reassuring. They always raise the question of whether anonymity is truly offered and whether employees will ever sufficiently trust calling an employee. It has become the standard practice for organizations to outsource their hotline to a vendor.  However, evaluating those providing the best service at the right price is a challenge. The following are questions that can be used to determine a properly qualified vendor. Those failing key tests should be avoided as they may prove to be a future liability.

 

Questions for hotline vendors

  1. Cost of Service. Does the vendor charge an established fixed rate or sliding rate based upon number of calls? Seek a fixed, not a variable rate, based upon number or time of calls. A good rule of thumb is that the cost of a hotline service should not exceed $1-3 per employee per year.

 

  1. Industry Focus. Can the vendor evidence having understanding and expertise of issues related to the health care industry? Failing to understand healthcare standards and regulatory matters limits the ability to properly debrief callers. Ask for a breakdown of the types of clients they serve by industries.

 

  1. Hours of Service. Does the vendor provide 24/7 service? If not, don’t use them.

 

  1. Call Centers. Does the vendor provide call services? If so, avoid them completely. Call centers provide outbound calls used to promote services and products. Others answer after hour services for businesses (doctors, plumbers, electricians, etc.) and relate messages to their clients. The people doing this are performing a clerical function and answering hotline calls requires more professional expertise. Furthermore, there is the risk of having calls interrupted by a call for some needing emergency service.

 

  1. Hotline Service Types. Does the vendor provide multiple levels of service for (a) receiving live operator calls and (b) a web-based reporting system that prompts individual complainants? One level alone is not enough.

 

  1. Avoiding Vendor Contract Traps. Does the contract permit cancellation at any time with a simple 30 day notice? If not, don’t use them. Staying with a vendor should be because of good service, not because of being locked into them by contract terms. If you have a current contract, check the termination clauses to see if cancelling a contract is cumbersome. If it is, ask to renegotiate the termination clause. If they decline, then take steps to follow termination procedures in the contract.

 

  1. Hotline Number. Does the vendor want to use their phone number? This is a common vendor trap to lock in users to their service. You advertise their number everywhere and to change would necessitate changing all the places you have advertise the number. Always use and own your own hotline number that can be pointed to a vendor.

 

  1. Language Translation. Does the vendor provide a language translation service to address non-English speakers?

 

  1. Check Vendor Background. What is the level of hotline experience among the ownership, management, and operation of the service?

 

  1. Length of Hotline Experience. How many years of experience can the vendor evidence in the management of hotline operations?

 

  1. Policies, Procedures, and Protocols. Does the vendor provide advice on developing operating protocols for following up an allegations and complaints received through the hotline?

 

  1. Business Associate Agreement (BAA). Does the vendor offer to sign a BAA to meet HIPAA protected health information (PHI) requirements for any patient related information received through the hotline? If they don’t know what that means, forget them.

 

  1. Timelines. Will the vendor agree to provide a full written report within one business day of receipt of the call and for urgent matters, immediate notification?

 

  1. Report Delivery Security. Does the vendor deliver call reports by the most secure means? It is critical to establish a secure call report submission process to a specific responsible party and to an alternate should the primary contact be unavailable? Any delivery of reports via fax or email lack necessary security. It is critical that reports are secured to protect those filing the report, as well as those who are subject of the report or mentioned in them. HIPAA PHI, proprietary and confidential data, and personnel information must be protected. Web-based reporting is the most secure with notification of a report being provided via email.

 

  1. Routine vs. Urgent Reporting. Does the vendor assist in establishing a process that alerts the primary contact to any urgent report received? A delay in reporting a serious issue could result in potential liabilities.

 

  1. Insurance. Does the vendor provide at least one to three million dollars liability coverage? If your vendor does not have this insurance, consider changing over to one that provides this assurance.

 

  1. Caller Contact Information. Does the vendor have procedures for providing callers with a means to call back without disclosing their identity?

 

  1. Personalized Service. Does the vendor provide the identity or identities of individuals available to respond to any issues or question that may arise, whether it relates to call reports, invoice issues, or providing general advice? Not having easy access to someone or having to go through a phone system moving you from one office to another before you find a stranger who may or may not be able to answer your questions can be frustrating. If possible, seek an identified accounts manager who will be responsible for any and all issues that arise under the contract.

 

  1. Training and Assistance. Does the vendor provide guidance on the best way to promote understanding of the hotline?

 

  1. Other Useful Benefits. Are there any other services or benefit provided under the contract? This would include such things as supporting policy and procedures for hotline management, poster templates, newsletters, etc. For smaller organizations, these benefits may exceed even the service fees paid to the vendor. Find out what they offer.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2017 Strategic Management Services, LLC. Published with permission.