iceforhealth.org1.a... · web viewthis tool has been broken into the sections of the...

Shared CredentialingAudit Training Tool

2019 2020 Standards

This tool has been broken into the sections of the Credentialing and Recredentialing Shared Audit Tool. Each section describes in detail how to complete the 2019 2020 Shared Credentialing Audit Tool. For comprehensive interpretation of the standards, refer to the 2019 2020 NCQA Standards, Medicare Managed Care Manual (CMS), Department of Healthcare Services (DHCS) and Department of Managed Health Care (DMHC).

Shared Credentialing Audit Training Tool – 20192020

Audit scope is limited if Provider Organization holds an NCQA status. See section: ICE Audit Process for Organizations Certified or Accredited by NCQA. For Provider Organizations holding CVO Certification or using an NCQA Certified CVO, the file review portion is limited in scope to timeliness.

20192020_SA_Training Tool_01_2019 2


Audit Summary Report

Health Plan Audit DemographicsName of Plan

Auditor: Name of Plan

Performing Audit:

Auditor E-mail: Auditor Phone #: NCQA Accreditation

Expiration Date

Provider Organization (PO) Audit DemographicsPO Name: Audit Address:

PO’s MSO: City/State/Zip: PO’s Contact:

Contact Phone #: Contact E-mail: PO’s Medical

Director: Medical Director

E-mail:

Audit Date: NCQA

CertificationType:

Credentialing Certification (CR)

Other: ______________

Certified Entity PO MSO

ExpirationDate:

File Selection Methodology:

8/30 5% or 50, minimum 10/10 Other (add comment)

Comments:

Time frame of file selection (mm/yy –

mm/yy):

Audit via Onsite or Desktop

Secondary or additional PO names: Auditor Guidelines

NAME OF PLAN AUDITOR Name of person performing audit

NAME OF PLAN PERFORMING AUDIT Health Plan performing audit

AUDITOR E - MAIL E-mail of Health Plan auditor who conducted the audit

AUDITOR PHONE # Phone number of Health Plan auditor who conducted the audit

NCQA ACCREDITATION EXPIRATION DATE NCQA accreditation expiration date

PO NAME Name of PO being audited, not MSO



PO’S AUDIT ADDRESS The location where the audit took place/POs address

PO’S MSO Input one of the following MSO Name Same as PO, or N/A

PO’S CONTACT PO’s credentialing contact

CONTACT PHONE PO’s credentialing contact’s phone number

CONTACT E-MAIL ADDRESS PO’s credentialing contact’s e-mail address

MEDICAL DIRECTOR PO’s Medical Director’s Name

MEDICAL DIRECTOR E-MAIL ADDRESS PO’s Medical Director’s e-mail address

AUDIT DATE Date audit performed

NCQA CERTIFICATION TYPE Specify Certification type and specify if the PO or if the MSO is certified

EXPIRATION DATE

PO Certification Expiration Date

FILE SELECTION METHODOLOGY

8/30 or 5% or 50, minimum 10/10Other (add comment)

COMMENT SECTION Input the detail of the file review (e.g., if the PO does not have 30 files to pull, etc.) If a MSO is owned by a PO or vice versa, this is not delegation and must be documented in the comments.

TIME FRAME OF FILE SELECTION 1 year (mm/yy – mm/yy)

SECONDARY OR ADDITIONAL PO NAMES

Add additional PO names/sites for clarity (if POs share the same Credentialing Committee).

If there are separate Committee’s, post separate results.When entering into the document more than one secondary name,List one PO per line with a return in between each name.Example: ABC XYZ Group

If the groups share the same committee, but have different organizational providers or different delegation agreements, a separate audit must be posted.



Introduction

The following guidelines are established for both NCQA accredited and non-accredited provider organizations (PO).

For PO groups that have not obtained an NCQA status, all CR elements are applicable.

Note: PO organizations may obtain NCQA CR Accreditation (previously referred to as CR Certification), NCQA Health Plan (HP) Accreditation or NCQA Credentials Verification Organization (CVO) Certified. If PO group is a certified CVO or utilizes a certified CVO, all elements still apply but allowances are granted under CR 3 and CR 5 (see sections for more details). Auditors will utilize the ICE Shared Audit Tool or the ICE Accredited Shared Audit Tool, as applicable

to document the data collected during the review that is then scored by ICE participating health plans. Audits may be performed on-site or desk-top.

Definitions

Annual Audit - An oversight assessment completed within (12) months from the previous audit date with a 2-month grace period allowance. [Note: All audits must be completed within 12-months unless preapprovevd by all ICE health plan participants.]

Auto-Credit - Credit given to elements that have been audited by a previous accreditation authority and meets industry compliance. Those elements will not be subjected to oversight.

Audit Date – The date of the file review.

CMS – Centers for Medicaid and Medicare services.

Credentials Committee Minutes – A document from a peer review committee which includes thorough discussion of credentialing files, decisions/recommendations and follow-up of issues.

Credentials Verification Organization (CVO) – An organization that conducts primary-source verification of practitioner credentials for other organizations. An organization may obtain the following certifications under NCQA CVO status: licensure, DEA or CDS certification, education and training, work history, malpractice history, medical board sanctions, Medicare/Medicaid sanctions, processing application and attestation content and ongoing monitoring of sanctions (license and Medicare/Medicaid).

Exit Interview – Auditor discussion of audit results with delegate via phone, email or in person.

Factor – A scored item in an element.

Look-back period – Is the date range used for pulling files for a review. ICE uses as 12 month look-back period, e.g., 08/2019 – 07/2020.

Management Service Organization (MSO) – an entity that, under contract, provides services such as a facility, equipment, staffing, contract negotiation, administration, and marketing.

National Committee for Quality Assurance (NCQA) - Is a private, 501(c)(3) not-for-profit organization dedicated to improving health care quality.



NCQA File Methodology – See CR 3 for more detail.

NCQA CR Accredidation – A provider organization that has achieved an NCQA accreditation in credentialing would receive auto-credit for certain standards of credentialing, see guidelines (CMS, Medicaid or state requirements are not included in auto-credit). NCQA CVO Certification – An organization that has been certified by NCQA to collect primary source verifications. An organization that has obtained this certification will still need to have a full file/policy review but does not need to be evaluated on actual verification documentation but on the current and timely verifications.

NCQA Health Plan Accreditation – A health plan organization that has achieved NCQA accreditation and would receive auto-credit for credentialing. An organization that has obtained this accreditation will still need to have a file/policy review for CMS, Workers’ Compensation or state requirements.

Organizational Providers (OP) Credentialing (or referred to as facilities and HDO’s) – Credentialing of facilities including hospitals, home health agencies, skilled nursing facilities & rehabilitation facilities, etc.

Pre-Assessment – Evaluation of a potential delegate’s credentialing program prior to executing a delegated agreement.

Shared Audit Process – A process by which one accredited health plan conducts an oversight audit of a provider group and shares the audit results with other participating health plans to reduce the amount of audits conducted.

Sub-delegation – Occurs when a group has delegated certain activities to in turn uses another entity to complete some of its delegated activities. [Note: Using a vendor for ongoing monitoring of sanctions is not considered delegation by NCQA.]

Timeliness – A term used when auditing file elements to confirm they are within 180-calendar days of credentials committee decision.

ICE Audit Process for all Organizations

The auditor will send out the pre-posting letter requesting document submission. The auditor will obtain a full spreadsheet of all credentialed practitioners. The spreadsheet obtained

must be a full practitioner listing to determine appropriate methodology and not health plan specific to ensure the sampling is appropriate for all health plans.

o At a minimum, spreadsheet must include the following:

Name Degree Role (PCP/SPEC) Specialty Status (Cred/Recred) Current Cred Date (and Previous for Recred) Optional: Board certification status

The spreadsheet obtained must be a full roster to determine appropriate methodology. It should not be health plan specific to ensure the sampling is appropriate for all health plans.

o The auditor will request files based on file methodology: Using the NCQA 8/30 file methodology the auditor will select 30 initial and 30

recredential files for the specified audit time period. The first 10 initial and 10



recredential files from the PO will need to be submitted for the audit. Additional files will be requested if there is a deficiency within the first 8 elements or additional elements are required for the review.

If using the 5 percent or 50 of its files, whichever is less, at a minimum, the sample must include at least 10 credentialing files and 10 recredentialing files that were processed since the last annual audit to ensure information is appropriately verified. If fewer than 10 practitioners were credentialed or recredentialed within the look-back period, the organization must audit all of those files. [This method may be used for PO’s that credentialed and recredentialed up to 400 providers in the 12 month look-back. 5% of 400 = 20 or 10 credentialing and 10 recredentialing files. If the volume of files credentialed/recredentialed in the 12 month look-back period was greater than 400 the 8/30 methodology should be used.]

PO submits copies of the following policies and procedures and other non-file elements.

(CR 1.A.) Practitioner Credentialing Guidelines

(CR 1.B.) Practitioner Rights

(CR 1.C.) Credentialing System Controls

(CR 1.D) Performance Monitoring for Recredentialing (CMS/DHCS)

(CR 1.E) Contracts - Opt-Out Provisions (Medicare Opt-Out Policy) (CMS/TRICARE)

(CR 1.F) Medicare Exclusion/Sanction Policy (CMS/TRICARE/DHCS)

(CR 2) Credentialing Committee [Auto-Credit – see NCQA Accredited PO section]- Policy and minute evidence

(SV .A.) Practitioner Office Site Quality, if applicable (CMS/DHCS)

(SV .B.) Practitioner Office Site Quality, if applicable (CMS/DHCS)

(CR 5) Ongoing Monitoring of Sanctions, Complaints and Adverse Events [Auto-Credit – see NCQA Accredited PO section]- Policy and ongoing monitoring evidence

(CR 5.B) Monitoring Medicare Opt-Out Reports (CMS)- Policy and ongoing monitoring evidence

(CR 5.C) Monitoring Medi-Cal Suspended and Ineligible Provider Reports (DHCS)- Review the first sheet of the report or other method utilized by the PO, which includes the staff

signature and date for each monthly report during the auditing period (1yr)

(CR 6.A.) Notification to Authorities and Practitioner Appeal Rights- Review Policy and procedures for Factors 1-2.



- Review Policy and Procedures filing for 805 and 805.01 Reports to the Medical Board.

(CR 6.) Fair Hearing Panel Composition (CMS)- The policy must indicate that the majority of the hearing panel members are peers of the affected

practitioner.

(CR 7.A-E) Assessment of Organizational Providers - Auto-credit given if CR Accredited after 7/01/2018.

(CR 7.B) Medical Providers for Medicare (CMS)- The PO’s policy and procedures must address the 10 additional Medicare Providers and Suppliers

(CR 7.D) Assessment of Medical Providers (CMS) - Review OP Tracking Log/Spreadsheet or Files reviewed/approved during the audit period.

(CR 7.F) Accreditation/Certification of Free Standing Surgical Centers (FSSC)- Review evidence of Medicare certification/participation letter for FSSC that are not accredited with

AAAHC, TJC, and AAAASF.- OP Tracking Log/Spreadsheet with Medicare Number is an acceptable method.

(CR 8.A.1-6) Delegation Agreement

(CR 8.A) Delegation Agreement (DHCS)

(CR 8.A) Written Delegation Agreement (CMS)

(CR 8.C.1-4) Review of Delegate’s Credentialing Activities, as applicable

(CR 8.D) Opportunities

(CA 9.A) Written Process for Identification of HIV/AIDS Specialists (DMHC/DHCS)

(CA 9.B) Evidence of Implementation (DMHC/DHCS)

(CA 9.C) Distribution of Findings (DMHC/DHCS)

PO submits the following file information:File Review

Review sections CR 3 / R 3 / CMS 3 / CR 4 for information on the file elements under initial and recredentialing that should be submitted for review by auditing Health Plan. See also Desk Audit Process document.

o Additional files should be requested, when following the 8/30 rule, if there is a deficiency or additional elements are required for the review. Note: If any element is deficient, or is N/A during the first 8 files reviewed, additional files for those elements will need to be reviewed. There must be (8) file elements reviewed for each factor. For example, if auditing credentialing files and the 7th file is N/A for board certification, auditor must also review board certification from file 9, 10, etc., as applicable, until (8) are scored for board certification. If the 2nd file is scored as “0” for license verification, then all remaining files of the (30) must be reviewed for this element.



ICE Audit Process for Organizations Certified (POC) or Accredited by NCQA (CR )

The following elements are not part of the NCQA Accreditation review or are not eligible for automatic credit and must be reviewed as part of the delegation oversight process.

Auditors must review CR 1 and CR 6 and CR 8, if applicable, for all Certified or Accredited PO’s Score CR 7 (only if accredited prior to 7/2018) and 8 as applicable, N/A if no OP Contracts or Delegation. This audit can be conducted on-site or as a desk-top audit.


The auditor will obtain a spreadsheet of all credentialed practitioners from the PO and select 30 initial and 30 recredential files for the specified audit time period, using the NCQA 8/30 file methodology. The auditor will also obtain a spreadsheet of all Organizational Providers if applicable for the review.

o The auditor will request 10 initial and 10 recredential files from the PO for the audit. Additional files will be requested if there is a deficiency within the first 8 elements or additional elements are required for the review.

OR

The auditor may also use the 5 percent or 50 files, whichever is less, to ensure that information is appropriately verified. At a minimum, the sample must include at least 10 credentialing files and 10 recredentialing files that were processed since the last annual audit. If fewer than 10 practitioners were credentialed or recredentialed within the look-back period, the organization must audit all of those files. [This method may be used for PO’s who credentialed and recredentialed up to 400 providers in the 12 month look-back. 5% of 400 = 20 or 10 credentialing and 10 recredentialing files. If the volume of files credentialed/recredentialed in the 12 month look-back period was greater than 400 the 8/30 methodology should be used.]

o The spreadsheet obtained must be a full practitioner listing to determine appropriate methodology and not health plan specific to ensure the sampling is appropriate for all health plans.

For POs with Medicare; auditors will need to review timeliness for DEAs, Work History and Attestation Questions. [180 days]

Review CR 3, R 3, CMS for information on the file elements under initial and recredentialing that should be submitted that do not receive auto-credit (CMS, State, MediCal) See tool.

PO submits the following additional information:

(SV.A. 1-5) Practitioner Office Site Quality (CMS/DHCS)o Review policies for Elements 1-5.

(SV.B. 1-5) Practitioner Office Site Quality (CMS/DHCS)o Review the evidence.

CR 5 Ongoing Monitoring Evidence



For POs participating with Medicare, MediCal auditors will review evidence as outlined in document.

(CR 6.B) Fair Hearing Panel Composition (CMS)

( CR 7) Organizational Providers, if applicable (only required if prior to 7/2018 Accreditation)

( CR 8) Delegation of CR, if applicable

This audit can be conducted on-site or as a desk-top audit. Score Elements 7 and 8 as applicable, NA if no OP Contracts or Delegation. Auditors must review CR 1 and CR 6 for all Certified or Accredited PO’s

The following elements are not part of the NCQA Certification/Accreditation review or are not eligible for automatic credit and must be reviewed as part of the delegation oversight process.Auditors must review CR 1 and CR 6 for all Certified or Accredited PO’s

PO submits copies of the following policies and procedures and other non-file elements. (CR 1.A.1-10) Practitioner Credentialing Guidelines

- Review Policy and Procedures for Factors 1-10

(CR 1.B.1-3) Practitioner Rights- Review Policy and Procedures for Factors 1-3

(CR 1.C) Performance Monitoring for Recredentialing (CMS/DHCS)- The policy must indicate that the PO’s recredentialing policy and procedure, requires review of

information from quality improvement activities and member complaints in the recredentialing decision making process for all practitioners.

(CR 1.D) Contracts - Opt-Out Provisions (Medicare Opt-Out Policy)(CMS/TRICARE)- The policy must indicate that the PO does not employ or contract with practitioners who have opted

out of participation in the Medicare program and includes the verification source used to conduct the Medicare Opt-Out verification.

(CR 1.E) Medicare Exclusion/Sanction Policy (CMS/TRICARE/DHCS)- The policy must indicate that the PO does not employ or contract with practitioners who

have been excluded or sanctioned from participating in Medicare and includes the verification source used to conduct the Medicare sanction verification.

(CR 5.B) Monitoring Medicare Opt-Out Reports (CMS)- Review the first sheet of the report which includes the staff signature and date for each report

during the auditing period (1yr)

(CR 5.C) Monitoring Medi-Cal Suspended and Ineligible Provider Reports (DHCS)- Review the first sheet of the report or other method utilized by the PO, which includes the staff

signature and date for each monthly report during the auditing period (1yr)

20192020_SA_Training Tool_01_2019 10


(CR 6.A.1) Actions Against Practitioners- Review Policy and procedures for Factors 1.

- Review Policy and Procedures filing for 805 and 805.01 Reports to the Medical Board.

(CR 6.A.2) Making the appeal process known

(CR 6.B) Fair Hearing Panel Composition (CMS)- The policy must indicate that the majority of the hearing panel members are peers of the affected

practitioner.

(CR 7.A-E) Assessment of Organizational Providers - After 7/1/18 PO may obtain CR Accreditation and auto credit is available for CR 7. Verify the date

of Certification or Accreditation to determine which is applicable.Auditor must review all elements for CR 8. Auto credit cannot be given as it is no longer reviewed under the scope of certification. After 7/1/18 PO may obtain CR Accreditation and auto credit is available for CR 7. Verify the date of Certification or Accreditation to determine which is applicable.

(CR 7.B) Medical Providers for Medicare (CMS)- The PO’s policy and procedures must address the 10 additional Medicare Providers and Suppliers

(CR 7.D) Assessment of Medical Providers (CMS) - Review OP Tracking Log/Spreadsheet or Files reviewed/approved during the audit period.

(CR 7.F) Accreditation/Certification of Free Standing Surgical Centers (FSSC)- Review evidence of Medicare certification/participation letter for FSSC that are not accredited with

AAAHC, TJC, and AAAASF.- OP Tracking Log/Spreadsheet with Medicare Number is an acceptable method.

(CR 8.A.1-6) Delegation Agreement - Review agreement(s) between PO and Sub-delegate for all applicable factors

(CR 8.A) Delegation Agreement (DHCS)- The written delegation agreement requires at least quarterly reporting.

(CR 8.A) Written Delegation Agreement (CMS) - The PO’s delegation agreement must include a statement requiring the delegate to adhere to

MA/CMS requirements.

(CR 8.C.1-4) Review of Delegate’s Credentialing Activities, as applicable- Review evidence that the POs review included an annual review of the sub-delegates policy

and procedures- Review evidence that the POs review included an annual file review of the sub-delegate- Review evidence that the POs review of an evaluation of the sub-delegates performance

against NCQA standards for delegated activities.- Review evidence that the POs received and evaluated regular reports at least semi-annually.

(For delegates contracted for Medi-Cal reports are due quarterly.

(CR 8.D) Opportunities- Review evidence that the PO followed up on any corrective actions.

(CA 9.A) Written Process for Identification of HIV/AIDS Specialists (DMHC/DHCS)- Policy must indicate annual review.

20192020_SA_Training Tool_01_2019 11


(CA 9.B) Evidence of Implementation (DMHC/DHCS)- Review current and prior year screening documentation to support annual screening.

(CA 9.C) Distribution of Findings (DMHC/DHCS)- Review evidence of notifying the department responsible for authorizing standing referrals (e-mails,

memo).


Review the following information for the 10 initial and 10 recredential files selected by the Health Plan.

Additional files will be requested if there is a deficiency or additional elements are required for the review.

Initial Credentialing – Review the checklist and the following documentation for each initial file: [1.] (CR C3.A.2) A valid DEA/CDS certificate – Verification conducted within 180 calendar days of Credentialing

Committee decision (CMS) [2.] (CR C3.A.5) Work History - Verification conducted within 180 calendar days of Credentialing Committee

decision.[3.] (CR C3.B.3) Medicare and Medicaid sanctions (CMS/TRICARE/DHCS)

- Review OIG verification. Date of query and staff initials must be evident on checklist or report must be in file.

[4.] (CR C3.B.4) Medi-Cal Sanctions (DHCS) - Review of the Suspended and Ineligible Report. Date of query and staff initials must be evident on

checklist or report must be in file. [5.] (CR C3.C.1-6) Application and Attestation (CMS) - Verification of questions completed and attestation

signed within 180 calendar days of Credentialing Committee decisions [6.] (CR C3.D) Hospital admitting privileges (CMS/DMHC/DHCS), if applicable, otherwise send documentation

of coverage (primary source is not required)[7.] (CR C3.E) Medicare Opt-Out review (CMS/TRICARE)

- Review evidence via checklist or other documentation that indicates review of information from the most recent CMS.gov Opt-Out sites.

Recredentialing – Review the checklist and the following documentation for each recredential file:[1.] (CR R3.A.2) A valid DEA/CDS certificate – Verification conducted within 180 calendar days of Credentialing

Committee decisions (CMS) [2.] (CR R3.B.3) Medicare and Medicaid sanctions (CMS/TRICARE/DHCS)

- Review OIG verification. Date of query and staff initials must be evident on checklist or report must be in file. (CMS)

[3] (CR R3.B.4) Medi-Cal Sanctions (DHCS) - Review of the Suspended and Ineligible Report. Date of query and staff initials must be evident on

checklist or report must be in file. [4.] (CR R3.C.1-6) Application and Attestation (CMS) - Verification of questions completed and attestation

signed within 180 calendar days of Credentialing Committee decisions (CMS)

20192020_SA_Training Tool_01_2019 12


[5.] (CR R3.D) Hospital admitting privileges (CMS/DMHC/DHCS), if applicable, otherwise send documentation of coverage (primary source is not required)

[6.] (CR R3.E) Medicare Opt-Out review (CMS/TRICARE)- Review evidence via checklist or other documentation that indicates review of information from the most

recent CMS.gov Opt-Out sites.[7.] (CR R3.F) Review of Performance Information – Must include QI Activities and Grievance/Complaints

(CMS/DHCS)- Review evidence of documentation – Check List, Reports, Form/sheet detailing the PO’s findings.

20192020_SA_Training Tool_01_2019 13


Auditors must review CR 1 for ALL POs. No Auto-Credit.all Certified or Accredited PO’s

CR 1: Credentialing Policies

Element A: Practitioner Credentialing Guidelines

The organization Specifies:

1. The types of practitioners it credentials and recredentials

2. The verification sources it uses The policy must describe the sources used to verify credentialing information of each of the

following criterion:- State License to Practice- DEA Registration- Education and Training- Board Certification- Work History- Malpractice Claims History- Current Malpractice Insurance Coverage- Hospital Admitting Privileges- State Sanctions and Restrictions on Licensure and Limitation on Scope of Practice.- Medicare/Medicaid Sanctions

If one verification source is missing, then this factor is non-compliant. Pencils are not an acceptable writing instrument for credentialing documentation.

3. The criteria for credentialing and recredentialing Policies must define the criteria required to reach a credentialing decision and must be designed

to assess the practitioner’s ability to deliver care. Examples of criteria:

- A current and valid, unencumbered license to practice medicine in his/her state of practice- Appropriate malpractice claims history- Must not have engaged in any unprofessional conduct or unacceptable business practices- Absence of sanctions or restrictions on licensure- Current and valid DEA to practice in CA- Absence of use of illegal drugs- Absence of criminal history

4. The process for making credentialing and recredentialing decisions Policies must define the process used and the criteria required to reach credentialing decisions

that are designed to assess the practitioner’s ability to deliver care. At a minimum, the Credentialing Committee must receive and review the credentials of

practitioners who do not meet the PO’s established criteria Policy must identify what is considered acceptable to be determined as a clean file, if the PO

utilized a clean file process.

20192020_SA_Training Tool_01_2019 14


5. The process for managing credentialing files that meet the organization's established criteria The PO’s policies and procedures must describe the process used to determine and approve

clean files. They must identify the Medical Director or equally qualified practitioner as the individual with the authority to determine that a file is “clean” and to sign off on it as complete, clean and approved. If the PO identifies an equally qualified practitioner to review the clean files, the practitioner must be responsible for oversight of the credentialing process.

- If the Medical Director or equally qualified practitioner signs off on clean files, the sign-off date is the Committee date.

- If the PO decides not to use the Medical Director or equally qualified practitioner, the PO can continue to send “clean files” to the Credentials Committee.

6. The process for requiring that credentialing and recredentialing are conducted in a nondiscriminatory manner Policies must explicitly state that credentialing and recredentialing decisions are not based

solely on an applicant’s race, ethnic/national identity, gender, age, sexual orientation or patient type in which the practitioner specializes and describe the steps for monitoring and preventing discriminatory practices during the credentialing/recredentialing processes.

The PO’s procedures for monitoring and preventing discriminatory credentialing decisions may include, but are not limited to: periodic audits of practitioner complaints to determine if there are complaints alleging discrimination; maintaining a heterogeneous Credentialing Committee membership and requiring those responsible for credentialing decisions to sign an affirmative statement to make decisions in a non-discriminatory manner.

Monitoring involves tracking and identifying discrimination in credentialing and recredentialing processes. Policy must indicate that monitoring is to be conducted at least annually.

Examples for monitoring for discriminatory practices:- Having a process for performing periodic audits of credentialing files (in-process, denied

and approved files)- Having a process for performing annual audits of practitioner complaints about possible

discrimination. (Can be reviewed and discussed during quarterly or semi-annual review of complaints)

Preventing involves taking proactive steps to protect against discrimination occurring in the credentialing and recredentialing processes.

Examples for preventing discriminatory practices:- Maintaining a heterogeneous credentialing committee and requiring those responsible

for credentialing decisions to sign a statement affirming that they do not discriminate.- Timeframe for prevention: None. Only review policy, committee members can attest

annually or at each meeting. The above information is intended to provide examples of how to ensure the nondiscriminatory

credentialing process. The auditor will be looking for a description in the credentialing policies and procedures of how the PO ensures credentialing and recredentialing are conducted in a nondiscriminatory manner. An auditor is not required to look for evidence of implementation of this process.

7. The process for notifying practitioners if information obtained during the organization's credentialing process varies substantially from the information they provided to the organization Policies must describe the process for notifying practitioners. A statement that practitioners are

20192020_SA_Training Tool_01_2019 15


notified of discrepancies does not meet the requirement.

8. The process for notifying practitioners the credentialing and recredentialing decision within 60 calendar days of the credentialing cCommittee's decision The PO is not required to notify practitioners regarding recredentialing approvals, but must have

a process for notifying practitioners of initial credentialing decisions (approvals/denials) and recredentialing denials.

9. The Medical Director or other designated physician's direct responsibility and participation in the credentialing program

10. The process for securing the confidentiality of all information obtained in the credentialing process, except as otherwise provided by law The PO’s credentialing policies and procedures must clearly state the information obtained in

the credentialing process is confidential. The organization must also describe the mechanisms in effect to ensure confidentiality of

information collected.procedures it uses to keep this information confidential.11. This number is reserved to maintain consistency with NCQA standards. Do not measure.

Note: Policies & procedures pending approval from the Credentialing Committee at the time of the audit will be scored non-compliant for those elements that are not current at the time of the audit. Note in comments.

Element B: Practitioner RightsThe organization notifies practitioners about their right to: The PO policies and procedures must state how the following 3 factors are met and how the

practitioners are notified (e.g. application, contract, Website, letter):

1. Review information submitted to support their credentialing application Policies should allow for review of information obtained from outside sources (e.g. state licensing

agency, malpractice carrier) with the exception of references or other peer review protected information.

2. Correct erroneous information (submitted by another source) Policy must clearly state:

- The time frame for changes- The format for submitting corrections- Where corrections must be submitted-

3. Receive the status of their credentialing or recredentialing application, upon request Must describe the process for responding to such request including information that the PO may

share with the practitioners.

Element C: Credentialing System ControlsThe organization’s credentialing process describes: This element applies to both paper and electronic credentialing processes.

20192020_SA_Training Tool_01_2019 16


1. How primary source verification information is received, dated and stored. The organization’s policies and procedures describe how credentialing information is received,

stored, reviewed, tracked and dated.2. How modified information is tracked and dated from its initial verification.

Policy must clearly state how it tracks:- When the information was modified.- How the information was modified.- Staff who made the modification.- Why the information was modified.

3. Staff who are authorized to review, modify and delete information, and circumstances when modification or deletion is appropriate. The organization’s policies and procedures identify the:

- L evel of staff who are authorized to access, modify and delete information.- Circumstances when modification or deletion is appropriate.

4. The security controls in place to protect the information from unauthorized modification. Policies and procedures describe the process for:

- Limiting physical access to the credentialing information, to protect the accuracy of information gathered from primary sources and NCQA-approved sources.

- Preventing unauthorized access, changes to and release of credentialing information.- Password-protecting electronic systems, including user requirements to:

o Use strong passwords.o Avoid writing down passwords.o Use different passwords for different accounts.o Change passwords periodically.

- Changing or withdrawing passwords, including alerting appropriate staff who oversee computer security to:

o Change passwords when appropriate.o Disable or remove passwords of employees who leave the organization.

If the PO contracts with an external entity to outsource storage of credentialing information, the contract describes how the contracted entity ensures the security of the stored information.- Review the contract if outsourcing.

5. How the organization audits the processes and procedures in factors 1–4. The policies and procedures describe the audit process for identifying and assessing risks and

ensuring the specified policies and procedures are followed. The description includes:- The audit methodology used, including sampling, the individuals involved in the audit and

audit frequency.- The oversight of the department responsible for the audit.

Element CD: Performance Monitoring for Recredentialing – CMS/DHCS

The organization’s recredentialing policies and procedures require information from quality improvement activities and member complaints in the recredentialing decision making process. (Source: Medicare Managed Care Manual, Chapter 6 § 60.3; DHCS All Plan Letter (APL) 17-01919-004 and Exhibit A, Attachment 4 of Plan Contract)

Not applicable if the PO does not hold Medicare and/or Medi-Cal Contracts

Element DE: Contracts – Opt-Out Provisions – CMS/TRICARE

20192020_SA_Training Tool_01_2019 17


The Medicare Advantage organization has policies and procedures to ensure that it only contracts with physicians who have not opted out. (Source: Medicare Managed Care Manual: Chapter 6 § 60.2)

Not applicable if the PO does not hold a Medicare Contract The policy must indicate that the PO does not employ or contract with practitioners who have opted

out of participation in the Medicare program and includes the verification source used to conduct the Medicare Opt-Out verification.

Opt-out practitioners may provide care to commercial members only

Element EF: Medicare – Exclusion/Sanctions – CMS/TRICARE/DHCS

The Medicare Advantage organization must have policies and procedures that prohibit employment or contracting with practitioners (or entities that employ or contract with such practitioners) that are excluded/sanctioned from participation (practitioners or entities found on OIG Report) (Source: Medicare Managed Care Manual, Chapter 6 § 60.2; DHCS All Plan Letter 17-019APL 19-004)

Not applicable if the PO does not hold a Medicare or Medi-Cal Contracts.

20192020_SA_Training Tool_01_2019 18


CR 2: Credentialing Committee

Best Practices (not scored) Ad hoc Credentialing Committee meeting minutes must be documented at the time of the ad hoc

meeting, and must be presented at the next formal meeting. Minutes should be signed by the Committee Chair and dated within one month or by the date of

the next meeting. If minutes are not signed and/or dated, auditor to educate and include in comment section (Do not score down).

Meetings should include a quorum of practitioners for each meeting, as established in the PO’s policy. If a quorum was not met, educate. (Do not score down.)

Element A: Credentialing CommitteeThe organization’s Credentialing Committee:1. Uses participating practitioners to provide advice and expertise for credentialing decisions.

The PO must have policy and procedures as well as evidence to be compliant. Review the PO’s documented process and the committee minutes for evidence.

Policies: The policy states that Credentialing committee is comprised of a range of participating

practitioners. If a PO’s Credentialing Committee is comprised of PCPs only, the PO must have the following in

order to be compliant:– Policies state that specialists are consulted, when necessary and appropriate.

Evidence: Representation includes a range of participating practitioners in the PO’s network. There is evidence through their Committee minutes that a specialist was consulted, when

applicable.- There is a listing that indicates what specialists are used, if appropriate.

2. Reviews credentials for practitioners who do not meet established thresholds. The PO must have policy and procedures as well as evidence to be compliant. Review the PO’s documented process and the committee minutes for evidence.

Policies: The credentialing committee must receive and review the credentials of practitioners who do not

meet the PO’s established criteria. The credentialing committee must give thoughtful consideration of the credentialing information.

Evidence: There is evidence that the Credentialing Committee reviewed credentials for practitioners who do

not meet established thresholds The committee’s discussion must be documented within its meeting minutes. Credentialing Committee meetings and decision making may take place in the form of real-time

virtual meetings (e.g. through video conferencing or WebEx conferences with audio). All meetings, including ad hoc, may not be conducted only through email.

20192020_SA_Training Tool_01_2019 19


3. Ensures that files that meet established criteria, are reviewed and approved by a medical director or designated physician The PO must have policy and procedures as well as evidence to be compliant. Review the PO’s documented process and the committee minutes or files for evidence. Score compliant if PO presents all files, including clean files to the CR committee.

Policies: The policy states that the Credentialing Committee ensures the files that meet established criteria

are reviewed and approved by a Medical Director or designated physician.

Evidence: The PO may choose to continue to submit all practitioner files to the Credentialing Committee for

review, or it may implement a process for the Medical Director to review clean files, as described in the credentialing policies and procedures.

If the Medical Director or designated physician reviews the clean files, there must be evidence of the designated Medical Director’s or designated physician’s review and approval in the practitioners file or on a list of all practitioners who meet the established criteria.

Auditor to review the PO's policy and reports. Reports may include Credentialing Committee meeting minutes or files or a list of approved practitioners signed or initialed by the medical director, for evidence that the requirement is met.

CR 3: Initial Credentialing Verification

General Updates: MSOs contracted with multiple POs process: When conducting file review for multiple POs who

are serviced by the same MSO, the Auditing Plan must determine whether all POs use the same Credentials Committee.- If an MSO is contracted with multiple POs, has one set of policies and procedures and all of the

POs use the same Credentials Committee, then the Auditing Plan will pull one file sample across all contracted POs and apply the same score for CR 3 (CR C3 & CR R3) and CR 4 for each PO.- If all other elements are the same, post only one audit and indicate each PO name on page

3 under secondary or additional PO names.- If the groups share the same committee, but have different organizational providers or

different delegation agreements, a separate audit must be posted.- If an MSO is contracted with multiple POs, has one set of policies and procedures and the PO

has separate Credentials Committees, the Auditing Plan will pull one file sample for each PO and post separate audits.

POs Combining Credentialing Committees within the annual audit period:

- If a PO merges their credentialing committee with another at any time during the annual audit period, a separate file pull and audit must be conducted for the PO. The PO will be audited for the combined committee and will have one audit at the next annual audit.

New MSO: If a PO has changed management companies and the files from the PO were forwarded to the new MSO, the files may undergo recredentialing when appropriate. If files were not submitted to the new MSO, the practitioners must be initially credentialed by the new MSO within six months of acquiring the PO. If files were forwarded to the new MSO but were found to be non-compliant, the

20192020_SA_Training Tool_01_2019 20


new MSO may choose to initially credential all of the providers within six months of the effective date with new MSO.

POs with multiple MSOs: POs must have delegation oversight audits for each contracted MSO and would require separate posting letters.

POs Purchased by another PO: If a PO purchases another PO and obtains the credential files, they can continue with the current recredentialing process.

File Pull (8/30 method OR 5% with minimum: 10/10): Obtain a full spreadsheet of all credentialed practitioners (including terminated practitioners) who have been part of the PO’s network any time during the look-back period to make the file selection. The only exception is if the practitioner was terminated for non-compliance with recredentialing standards (Non-responder). At a minimum, spreadsheet must include the following: Name, Degree, Role (PCP/SPEC), Specialty, Status (Cred/Recred) and Current Cred Date. Board Cert status optional.

If utilizing the NCQA 8/30 file methodology select 30 Initial Credential files and 30 recredential files. The auditor will request 10 initial and 10 recredential files from the PO for the audit. Additional files will be requested if there is a deficiency within the first 8 elements or additional elements are required for the review.

If using the 5 percent or 50 of its files, whichever is less, at a minimum, the sample must include at least 10 credentialing files and 10 recredentialing files that were processed since the last annual audit to ensure information is appropriately verified. If fewer than 10 practitioners were credentialed or recredentialed within the look-back period, the organization must audit all of those files. [This method may be used for PO’s that credentialed and recredentialed up to 400 providers in the 12 month look-back. 5% of 400 = 20 or 10 credentialing and 10 recredentialing files. If the volume of files credentialed/recredentialed in the 12 month look-back period was greater than 400 the 8/30 methodology should be used.]

– The file pull for credentialing and recredentialing files should include a range of practitioners with various types of degrees and specialties, including nurse practitioners and behavioral health practitioners.

– Do not include hospital based practitioners (Anesthesiology, Radiology, Telemedicine, Pathology, etc.) or those with Section 2113 certificates or Section 2168 licensures.

– If the PO does not have any recredentialing files for the audit period, the auditor needs to look at the entire history to establish if recredentialing is being done to ensure compliance.

– Do not include provisionally credentialed files.

– (TRICARE ONLY) Certified Nurse Midwives (CNMs) may be included in the file pull.

Provisional Credentialing: Auditor will not review any files that have been provisionally credentialed within the last 60 days. PO must complete a full credentialing review within 60 calendar days after being provisionally credentialed. If a file is pulled and it was not approved after 60 calendar days, this will be scored non-compliant for all elements. If provisional file is less than 60 calendar days, review next file.

NCQA defines “provisional” credentialing as a process by which an organization may approve (as temporary) a provider for no more than 60 days, with only validating completion of an application/attestation, license verification and malpractice history (NPDB) verification until all the standard elements are fully verified. Provisional status is not valid for recredentialing.

Hospitals define “provisional” status to represent a provider that has undergone full NCQA credentialing requirements but is still being monitored for up to 1-year. [ICE would not consider this “provisional’.]

Practitioner Termination: If a PO terminates a practitioner and later wishes to reinstate, the PO must initially credential the practitioner if there is a break in service for more than 30 days.

20192020_SA_Training Tool_01_2019 21

Christopher, Mei Ling, 10/01/19,

Stress during training that we require a full spreadsheet.


Using the 8/30 NCQA File Methodology: When auditing using the 8/30 NCQA file methodology, the Auditing Plan uses the following method:- After reviewing 8 files if any of those 8 files are non-applicable for that element (e.g., DEA),

review additional files to have a total denominator of 8.- After reviewing 8 files if one or more of the elements are non-compliant, review remaining files

for the element(s) that are non-compliant. If the PO has not initially credentialed at least 30 files, note that the file pull was exhausted.

Using the 5 percent or 50 with minimum of 10/10:- When using the 10/10 file methodology, if a file has an element that is non-applicable or is

deficient, you do not continue reviewing files.

Using the Internet for PSV: When auditing the primary source verification on documents that are printed/processed from an internet site (e.g., AIM, NPDB), the data source date (as of date, release date) must be queried within the timeframe. The date of the query must be verified prior to the Credentialing Committee decision. If there is no data source date, the verifier must document the review date on the verification or the checklist.

NCQA Certified CVO: Timeliness of elements must be verified for NCQA certified CVOs. NCQA only requires a checklist for elements they are certified in.

PSV Documentation Methodology: The Auditor may accept verifications using any of the following documented methods or a combination, however the Health Plan retains the right to request PSV documents in addition to a checklist:

Credentialing documents signed (or initialed) and dated by the verifier.

Auditors may accept a signed (or initialed) and dated checklist for primary source verification of the elements or a single signature and date on the checklist, if the signature and date apply to all verifications. The checklist must include the source used, appropriate expiration dates (to review for timeliness), the date of the verification, the signature or initials of the person who verified the information and the report date, if applicable.

- Auditor should review the PO’s checklist prior to requesting files to ensure it is compliant with the elements listed above.

- Auditor is to request 2 complete files with PSV documentation for initial credentialing and 2 recredentialing files to ensure compliance.

- If any items are not appropriately documented on the checklist you must request the PSV documentation for that element.

Automated credentialing system. The organization may use an electronic signature or unique electronic identifier of staff to document verifications (to replace the dating and initialing of each verification) if it can demonstrate that the electronic signature or unique identifier can only be entered by the signatory. The system must identify the individual verifying the information and the date of verification.

If the verification is from a report, NCQA uses the date generated by the source when the information is retrieved. If the source report does not generate a date, NCQA uses the date noted in the credentialing file by the organization staff who verified the credentials. The individual who verified the credentials must also sign or initial the verification.

Use of web crawlers. The organization may use web crawlers to verify credentialing information from approved sources. The organization shows evidence that the web crawler collects information only from approved sources.

20192020_SA_Training Tool_01_2019 22


NCQA Certified CVO Audit Disclosures: When a Health Plan audits a PO who utilizes a NCQA certified CVO you should only review file elements for timeliness. If and it is noted that an inappropriate PSV methodology was utilized, the Health Plan gives the PO a warning regarding the discrepancy and will score the audit on timeliness only. For example, when completing the shared audit tool, the PO will receive a “100%” however; the auditor will mark in the “Comment” section a statement regarding the inappropriate verification. Each Health Plan may take action if they deem necessary.

File Review Results Grid: The results will auto populate from the Initial and Recred file tabs. For any non-compliant element or if denominator is less than 30 for an 8/30 file pull, explain why in the section below the table.

Initial Credentialing: Initial credentialing is only for those practitioners who are initiating a contract with the PO. A recredentialing file that was placed into the initial credentialing file pull due to being out of recredentialing timeframe limit should not be included in the initial credentialing files. It must be included in the universe of recredentialing files. If this is the case and using the 8/30 file review methodology, review the next file using the 8/30 NCQA file methodology.

(TRICARE ONLY) Certified Nurse Midwives (CNMs) may be included in the file pull and if they are selected the delegate must verify they are certified by American Midwifery Certification Board, auditors are to check for certification.

Recredentialing Verification

General Updates: New MSOs: If a PO has changed management companies and the files from the PO were forwarded

to the new MSO, the files may undergo recredentialing when appropriate. If files were not submitted to the new MSO, the practitioners will be initially credentialed by the new MSO within six months of acquiring the PO.

Late Recredentialing: Per NCQA, a practitioner cannot be initially credentialed if their recredentialing is past due. The exception is: if a practitioner is on active military assignment, maternity/medical leave or sabbatical.

Recredentialing: PO must formally recredential its practitioners within 36 months through information verified from primary sources.

- A practitioner cannot be initially credentialed if their recredential cycle is past due. If an initial file is actually a recredential file, return the file into the first 8 of the recredential file pull and review an additional 22 recredential files or until file pull is exhausted. The file will be deficient for the recredential cycle length.

- Exception: If a practitioner is on active military assignment, maternity/medical leave or sabbatical, recredentialing must be completed within 60 calendar days of when practice is resumed.

20192020_SA_Training Tool_01_2019 23


Element A: Credentialing VerificationThe organization verifies that the following are within the prescribed time limits:

1. A current and valid license to practice.

Verification Time Limit: 180 calendar days

For web queries, use the data source date – e.g., release date or as of date

2. A valid DEA or CDS certificate, if applicableNCQA - Verification Time Limit: None. The certificate must be effective at the time of credentialing decisionCMS - Verification Time Limit: 180 calendar days. (I.)The following requirements are applicable for both NCQA and CMS. The PO may credential a practitioner whose DEA certificate is pending or pending a DEA with a

California address, if the PO has a documented process for allowing a practitioner with a valid DEA certificate to write all prescriptions requiring a DEA number for the prescribing practitioner until the practitioner has a valid DEA certificate.

If a practitioner does not have a DEA or CDS certificate, the PO must have a documented process to require an explanation why the practitioner does not prescribe medications and to provide arrangements for the practitioner's patients who need prescriptions requiring DEA certification.documents the lack of DEA or CDS certificate in the file, as well as the name of the designated practitioner. Both requirements must be met to meet compliance otherwise score down.

If unable to get a copy of the DEA, PO can confirm with: Confirmation from the National Technical Information Service (NTIS) database.

https://classic.ntis.gov/products/dea/ Confirmation from the American Medical Association (AMA) Physician Masterfile (DEA only). American Osteopathic Association Official Osteopathic Physician Profile Report or Physician

Master File (DEA only). Confirmation from the state pharmaceutical licensing agency, where applicable. DEA Registration Validation Website

https://www.deadiversion.usdoj.gov/webforms/validateLogin.jsp The document must be date stampedd and initialed or the checklist must be initialed and dated. Auditor must note in comments time limit or evidence deficiency. Auditor must note in comments if 180 calendar days is met or not met for CMS contracted groups.

3. Education and training, as specified in the explanationNCQA - Verification Time Limit – Education/training: Prior to the credentialing decision.CMS - Verification Time Limit: 180 calendar days. If a PO uses an AMA report, the report must state that the education/training has been “verified”.

“Being verified” or “being re-verified” is non-compliant.

If a practitioner submits transcripts to the PO in the institution’s sealed envelope with an unbroken institution seal, this is acceptable as PSV from graduation of medical or professional school education and training if the PO provides evidence that it inspected the contents of the envelope and confirmed that the transcript shows that the practitioner completed (graduated from) the appropriate training program.

If a practitioner is not board certified in the sub-specialty in which he/she is applying, there must be evidence of verification of residency and training in the sub-specialty (e.g., Fellowship in Cardiology, Rheumatology, Pediatric Endocrinology etc.), as relevant to the credentialed specialty.

20192020_SA_Training Tool_01_2019 24

https://www.deadiversion.usdoj.gov/webforms/validateLogin.jsp

https://urldefense.proofpoint.com/v2/url?u=https-3A__nam01.safelinks.protection.outlook.com_-3Furl-3Dhttps-253A-252F-252Furldefense.proofpoint.com-252Fv2-252Furl-253Fu-253Dhttps-2D3A-5F-5Fclassic.ntis.gov-5Fproducts-5Fdea-5F-2526d-253DDwMFAg-2526c-253DWlnXFIBCT3pmNh-5Fw8hYeLw-2526r-253DjK9H5czcPV7i-5F-5FWYJFKGId-2DTT7czX-5Fw-5FDo6nr5-2DdnXc-2526m-253DAIeIXP0Fjpq54GNysYEbl7rF7vGbw-2DZnSHKqzRuVTrI-2526s-253D2m-2Dune-2DtCNqWgete-2Df-2DVR1Hk4WmbiHYiMKcKGj-5FIPiY-2526e-253D-26data-3D02-257C01-257Cbryanne.jeffery-2540changehealthcare.com-257C32b7fba0003d441c4eb408d6cf5175e2-257Cd13a3cbde4ce45e191c298859a236439-257C0-257C0-257C636924346165153109-26sdata-3DVw-252BUWTRJXrlIWECwJtCIYefZiU7QJu7mnur5bvOu-252Bos-253D-26reserved-3D0&d=DwMFAg&c=WlnXFIBCT3pmNh_w8hYeLw&r=jK9H5czcPV7i__WYJFKGId-TT7czX_w_Do6nr5-dnXc&m=dWEuH4_RBAU9670avl0qgAgWEdamA_-Y22Hop576KjI&s=QAEm0uXUpEofaTJV2OVCklwtTmAs1mWDIG_Gq5ztOAA&e=


If practitioner is Board Certified, Education and Training is scored 1. If Residency is verified and practitioner is not Board Certified, then Education/Training is scored and Board Certification is scored N/A.

Education and Training is not combined with Board Certification, therefore apply NCQA 8/30 file methodology as applicable for this factor.

4. Board certification status, if applicableVerification Time Limit – Board certification: 180 calendar days

If a practitioner is board certified and the organization communicates this to it members, it must verify the certification, even if the board is not acceptable for verification of education and training because it does not primary-source verify. This also applies to Nurse Practitioners.

Expiration date of the board certification must be documented in the credentialing file.

If ABMS or the certifying board does not provide the expiration date for a practitioner's board certification, the PO must verify that the board certification is current.

If practitioner has a lifetime certification status, verification of lifetime status must be documented in the credentialing file.

If board certification has expired it may be used as verification of education and training. (Per NCQA)

Education and Training is not combined with Board Certification, therefore apply NCQA 8/30 file methodology as applicable for this factor. This is not an issue if you are following the 10/10 file methodology.

(TRICARE ONLY) If CNMs are included in the file pull auditors must check for verification that they are certified by the American Midwifery Certification Board.

5. Work history [Not applicable for Recredentialing]Verification Time Limit: 180 calendar days NCQA changed the time limit verification to 365 days however, due to other California regulators

(e.g., CMS, DMHC, etc.) the ICE Policy Committee has decided to continue to require the 180 calendar day time frame.

PO must document review of work history on the application, CV or checklist that includes the signature or initials of staff who reviewed work history and the date of review.

Work history must include the beginning and ending month and year for each work experience. The month and year do not need to be provided if a practitioner has had continuous employment

at the same site for five years or more. The year to year documentation at that site meets the intent.

If the practitioner completed education during the last 5 years and there is documentation that the practitioner went straight into practice, check for gaps since initial licensing, date and initial.

If the practitioner has practiced fewer than 5 years from the date of credentialing, the work history starts at the time of initial licensure. Experience as a non-physician health professional (e.g., RN, PA, APN, and LCSW) within the 5 years must be included. (Score compliant if initial health care work experience coincides with the time of the current application to the PO.)

The PO must review for any gaps in work history. If a work history gap of 6 months to 1 year is identified, the PO must obtain an explanation from the practitioner. Verification may be obtained verbally or in writing for gaps of 6 months to one year.

Any gap in work history that exceeds 1 year must be clarified in writing from the practitioner. The explanation of the gap needs to be sufficient to ascertain that the gap did not occur as a result of adverse and/or reportable situations, occurrences, or activities.

6. A history of professional liability claims that resulted in settlement or judgment paid on behalf of the practitioner.

20192020_SA_Training Tool_01_2019 25


Verification Time Limit: 180 calendar days Claims history (5 years) via the National Practitioner Databank (NPDB) or the malpractice carrier.

- NPDB query or malpractice carrier claims history documentation with date of query and staff initials must be evident on checklist or report must be in file.

For POs using the Continuous Query (formerly Proactive Disclosure Service (PDS)- Evidence of current Continuous Query enrollment must be provided.- Continuous Query report must be reviewed within 180 calendar days of the initial

credentialing decision.- Evidence of review must be documented in the file or on checklist.

Element B: Sanction Information

The organization verifies the following sanction information for credentialing

Verification time limit: 180 calendar days.1. State sanctions, restrictions on licensure or and limitations on scope of practice

The PO may obtain verification from the NPDB from all practitioners types listed below or The PO verifies the most recent five-year period available through any of the following sources:

Physicians- Appropriate state agencies- Federation of State Medical Boards (FSMB)Chiropractors- State Board of Chiropractic Examiners- Federation of Chiropractic Licensing Boards’ Chiropractic Information Network Board Action

Databank (CIN-BAD)Oral Surgeons- State Board of Dental Examiners or State Medical BoardPodiatrists- State Board of Podiatric Examiners- Federation of Podiatric Medical BoardsOther Nonphysician health care professionals- State licensure or certification board- Appropriate state agency

For POs using the Continuous Query (formerly Proactive Disclosure Service (PDS)- Evidence of current enrollment must be provided.

- Report must be reviewed within 180 calendar days of the initial credentialing decision.

- Evidence of review must be documented in the file or on checklist.

2. Medicare and Medicaid sanctionsThe organization may obtain verification from any of the following sources:

Verification sources for Medicare/Medicaid sanctions- NPDB- List of Excluded Individuals and Entities (maintained by OIG and available over the

Internet)- State Medicaid agency or intermediary.- Medicare intermediary Medicare Exclusion Database- Federal Employees Health Benefits Plan (FEHB) Program department record, published

by the Office of Personnel Management, Office of the Inspector General.

20192020_SA_Training Tool_01_2019 26


- AMA Physician Master File.- FSMB

For POs using the Continuous Query (formerly Proactive Disclosure Service (PDS))- Evidence of current enrollment must be provided.

- Report must be reviewed within 180 calendar days of the initial credentialing decision.

- Evidence of review must be documented in the file or on checklist.

For CMS/Medi-Cal (DHCS) Only (B.3II.)- OIG must be the verification source

- Date of query and staff initials must be evident on a checklist or the OIG page must be in the file.

- File sScore will populateunder the CMS scoring section as Met = 90-100%, Not Met = 0-89%.

For Medi-Cal Only (DHCS) (B.4III.)- The Suspended and Ineligible List must be the verification source

- Date of query and staff initials must be evident on a checklist or the report page must be in the file.

- File sScore under will populate the DHCS scoring section as Met = 90-100%, Not Met = 0-89%.

- (VI.) For CMS and Medi-Cal, document on CA ICE Tool Tab if there was evidence of reviewing the EPLS/EEDP/SAM database at the time of initial and recredentialing. Evidence via a checklist with the verification source, the date of review and initials/signature is acceptable. (Exclusion Extract Data Package (EEDP)

Element C: Credentialing ApplicationApplications for credentialing include the following.

1. Reasons for inability to perform the essential functions of the position

2. Lack of present illegal drug use PO’s application may use alternative language or general language that may not be exclusive to

present use or only illegal substances.

3. History of loss of license and felony convictions At initial credentialing, the practitioner must attest to any loss of license or felony convictions since

their initial licensure. At recredentialing, practitioners may attest to any loss of license or felony convictions since the

last credentialing cycle.

4. History of loss or limitation of privileges or disciplinary actions At initial credentialing, the practitioner must attest to any loss or limitation of privileges since their

initial licensure. At recredentialing, practitioners may attest to any limitation of privileges since the last

credentialing cycle.

5. Current malpractice insurance coverage Malpractice coverage can be obtained by the application.

- The application form must include specific questions regarding the dates and amount of the practitioner’s current malpractice insurance.

20192020_SA_Training Tool_01_2019 27


- The practitioner must attest to the amount and dates of coverage. If the practitioner has applied for coverage, but the coverage is pending, the practitioner

may indicate the amount as zero or indicate coverage pending on the application, however, the practitioner must have coverage prior to approval.

A copy of the insurance face sheet or Certificate of Insurance (COI) or a federal tort letter may also be obtained in lieu of collecting information on the application. It must include the insurance effective and expiration dates (a future effective date is acceptable.)

There must be evidence that the practitioner has current and adequate malpractice coverage prior to the Credentialing Committee approval date. Coverage can be effective for future date or start date as long as they are not allowed to see members until the coverage is in effect.

6. Current and signed attestation confirming the correctness and completeness of the application Attestation must be signed and dated within the timeframe and must include all elements to be

compliant. If practitioner needs to re-sign the attestation it must be a full signature, just dating and initialing is

not acceptable. The 180 calendar day time frame is based on the date the practitioner signed the application.

- If the signature or attestation exceeds 180 calendar days the practitioner must attest only that the information on the application remains correct and complete, by re-signing and re-dating the attestation. Practitioner does not need to complete another application.

If practitioner completes all the questions, no further evidence is required. If the attestation is not signed and/or dated, within the appropriate time frame, all application

elements are non-compliant (except current malpractice coverage if copy of face sheet is obtained).- If one of the above questions is not answered, only that element will be scored non-compliant.- If one of the questions is answered incorrectly, auditor will not need to go any further to clarify

the answer. This element is only to answer the above 1-6 questions and that practitioner attest to the questions. Auditor may recommend suggestions to follow-up on questions answered that may appear to be answered incorrectly.

- When reviewing the CAQH application, review attestation questions in addition to the form that contains the generated date and the last update (attestation date). If the generated date on the form is older than 180 days, but there is a current attestation date, you may accept the application.Note to Auditor: the Work History or Malpractice Insurance may require an update or verification by another means.

Verification Time Limit: 180 calendar days NCQA changed the time limit verification to 365 days; however, due to other California regulators

(e.g., CMS, DMHC, etc.) the ICE Policy Committee has decided to continue to require the 180 calendar day time frame.

NCQA does not require a date stamp on the initial application.

Element DIV: Hospital Admitting Privileges – CMS/DMHC/DHCS

Practitioner must have clinical privileges in good standing. Practitioner must indicate their current hospital affiliation or admitting privileges at a participating hospital. (Source: Medicare Managed Care Manual, Chapter 6 § 60.3; All Plan Letter(APL) 17-01919-004 and DMHC TAG 6/09/14)This element is applicable for all products.Primary source verification is not required. Verification Time Limit: 180 calendar days Data source: applications, curriculum vitae, hospital listing or letter from hospital

20192020_SA_Training Tool_01_2019 28


If a practitioner has admitting privileges, the following must be noted to be compliant:- Current status is obtained from the attestation questions, hospital letter or practitioner directory

(e.g. unrestricted, restricted).- Type of admitting privileges (e.g., active, courtesy, temporary) can be found in the application,

hospital letter or directory Practitioner (in the appropriate specialties) must have a formal inpatient coverage arrangement. If the practitioner does not have clinical privileges, the PO must have a written statement delineating

the inpatient coverage arrangement. This file will be scored compliant and not scored N/A.- If the coverage letter is not dated, recommend it be dated. Do not score as deficient.

Mid-level providers (Nurse Practitioners) may not have privileges or coverage arrangements. If they do mark them compliant. If they do not mark them as “N/A”.

Allied health practitioners (Chiropractors, Optometrists, etc.) will not have hospital privileges and documentation in the file is not required for these types of practitioners.

Specialties such as Dermatology, Podiatry or Ophthalmology may not have hospital privileges, documentation must be noted in the file as to the reason for not having privileges. (e.g. A note stating that they do not admit as they only see patients in an outpatient setting is sufficient)

Element EV.: Monitoring Physicians Who Have Opted Out – CMS/TRICAREThe Medicare Advantage Organization monitors its credentialing files to ensure that it only contracts with practitioners who have not opted out. (Source: Medicare Managed Care Manual, Chapter 6 § 60.2) The PO is responsible for reviewing the information via hard copies, electronic or one of the CMS.gov

Opt-Out sites. Certain healthcare provider categories cannot opt-out of Medicare. These include chiropractors,

physical therapists and occupational therapists in independent practice. Score as N/A. If a PO employs their practitioners, the initial credentialing review of employed practitioners must

include a review of the Medicare Opt-Out Report.- Note: Confirmation has been received from CMS that review of Opt-Out reports is required at

credentialing and recredentialing. All files for POs that employ their practitioners must have evidence of review in all files credentialed.

The following are acceptable ways to verify review of the Opt-Out report:1. Checklist/Verification: Must have the following elements to be compliant.

- Staff initial/signature- Run date from CMS.gov Opt-Out reports (if the run date is not included on the checklist, but

can be found on the report, give full compliance and note in comments section that checklist needs to include the run date).

- Indicate whether or not the practitioner is listed on the report. (Auditors: If the status for the report is not indicated review the Opt-Out report for compliance)

OR2. Pages of the CMS.gov listing report showing where the providers name would have been listed in

alpha order. (Make sure report date/run date and staff initials are present) If a PO uses a CVO for credentialing, evidence of this element must be provided for review during the

audit, as this element is not reviewed by NCQA for certification.

Element FVII.: Review of Performance Information – CMS/DHCSThe organization includes information from quality improvement activities and member complaints in the recredentialing decision-making process. Source: Medicare Managed Care Manual, Chapter 6 § 60.3; APL 17-01919-004) Verification Time Limit: Last recred cycle to present. Factors 1 & 2 must be present for Element F to be compliant.

20192020_SA_Training Tool_01_2019 29


1.. Quality activities (e.g., adverse events, medical record review and data from quality improvement activities. Performance information may also include additional information such as: utilization management data, enrollee satisfaction surveys, other activities of the organization)

Not all quality activities need to be present to be compliant. Other activities may consist of medical record site review, medical record review, access

studies.

2. Grievance/complaints

CR 4: Recredentialing Cycle Length

Element A: Recredentialing Cycle LengthThe length of the recredentialing cycle is within the required 36-month time frame.

Only the files that have been recredentialed within the time period and have gone to committee will be included in the file review.

o If the auditor discovers that a file was selected that has not gone through the recredentialing cycle or committee and it is non-compliant for recredentialing auditor will include in comments but not in the file review.

The entire roster should be reviewed for recredentialing timeliness, not just those processed in the last 12 months. The Auditor also must note in comments the total # of providers that appear on the spreadsheet that have not been recredentialed within the last 36 months.

A PO that determined that there was a system wide problem with its initial credentialing process, and as a result implemented corrective action through early recredentialing may present evidence of such actions to the health plan during the audit. - The Health Plan auditor will comment in recredentialing cycle length that PO has gone through

early recredentialing to correct deficiencies found in the initial credentialing process.

If a file was recredentialed early to correct a deficiency, score file non-compliant for cycle length and make comments.

A recredentialing file that was placed into the initial credentialing file pull due to being out of timeframe should not be included in the initial credentialing files. It must be included in the universe of recredentialing files. If this is the case, review the next file using the 8/30 NCQA file methodology.

A recredentialing file that is past due cannot be terminated and then reinstated before or within 30 days and processed as an initial credentialing file. The past due file should be recredentialed as soon as possible instead of being terminated.

If a practitioner is given administrative termination for reasons beyond the PO’s control (e.g., the practitioner failed to provide complete credentialing information), and is then reinstated within 30 calendar days, the PO may recredential the practitioner as long as it provides documentation that the practitioner was terminated for reasons beyond its control and was recredentialed and reinstated within 30 calendar days of termination. The PO must initially credential the practitioner if reinstatement is more than 30 calendar days after termination.

Extending the recredentialing cycle length: A PO must verify that a practitioner who returns from military assignment, maternity/medical leave or a sabbatical has a valid license to practice before he or she resumes seeing patients. Within 60 calendar days of when the practitioner resumes practice, the PO must complete the recredentialing cycle. If there is a termination of 30 days, the PO can initially credential the practitioner before rejoining the PO.

Only the files that have been recredentialed within the time period and have gone to committee will be included in the file review. If the auditor discovers that a file was selected that has not gone through

20192020_SA_Training Tool_01_2019 30


the recredentialing cycle or committee and it is non-compliant for recredentialing auditor will include in comments but not in the file review. Auditor also must note in comments the total # of providers that appear on the spreadsheet that have not been recredentialed within the last 36 months.

SV: Practitioner Office Site Quality (Source: Medicare Managed Care Manual, Chapter 6 § 60.3; NCQA Medicaid MED 43; Health Plans) [N/A – Unless par for Medicare and/or MediCal AND delegated for Site Visits.]

Element A: Performance Standards and Thresholds

The organization sets site performance standards and thresholds for:

1. Accessibility equipment. The PO has standards and thresholds for providing accessible equipment for members with

physical or mental disabilities. This includes scales and exam tables and equipment for treatment and diagnosis.

12. Physical accessibility The PO must have standards and thresholds that address ease of entry into the building or

practice site and accessibility of space within the building or practice site. Accessibility standards must include standards for ease of access for physically disabled

patients.

Office-site criteria - Example- Handicapped accessible- Adequate seating

32. Physical appearance PO standards and thresholds must at a minimum include cleanliness, lighting and safety plus

any others that the PO deems appropriate.

Office-site criteria - Examples Physical appearance

- Clean- Well-lit waiting room- Posted office hours

43. Adequacy of waiting and examining-room space The PO must have standards and thresholds for the appropriate size and seating for waiting

rooms. Standards should consider number of patient visits per hour and the number of practitioners.

54. Adequacy of medical/treatment record keeping The PO must have standards and thresholds for medical/treatment record orderliness, security,

confidentiality and documentation.

Medical record keeping criteria - Examples- Secure/confidential filing system- Legible file markers- Records can be easily located

If the criteria for Accessible Equipment, Physical Accessibility and Appearance and Adequacy of Waiting room, Examining rooms and Medical/treatment record keeping is outlined on the site audit tool, this is compliant.

20192020_SA_Training Tool_01_2019 31


Update the site visit tool.


Element B: Site Visits and Ongoing Monitoring

The organization implements appropriate interventions by:

1. Continually monitoring member complaints for all practitioner sites The PO must have a process to monitor and investigate member complaints related to the quality

of practitioner office sites. for detecting deficiencies. The methods for monitoring deficiencies may include process must include continual monitoring of member complaints and other data. (e.g., complaint monitoring, practice-specific member surveys, reports from provider relations staff visits and staff audits.)

This information may be found in the Quality Committee minutes, QI/QA Department or logs.

Policy may include establishesd reasonable thresholds, taking into consideration the severity of the issue, for the number of complaints it must receive before conducting an office site visit.

Evidence must indicate the following (if applicable): PO must provide evidence for tracking member complaints against thresholds. Evidence can be

logs or spreadsheets.

2. Conducting site visits of offices within 60 calendar days of determining that the complaint threshold was met

Policy applies to all practitioners within its network and must state the following:

PO will conduct site visits for complaints related to:

- Physical Accessibility (e.g., handicapped accessibility)

- Physical Appearance (e.g., cleanliness and orderliness, well-lit waiting room, posted office hours)

- Adequacy of Waiting and Examining Room space (e.g., adequate waiting room space, adequate number of examining rooms per practitioner)

- NCQA does not require site visits for complaints about accessible equipment, availability of appointments or adequacy of treatment record keeping however, they must be included on the site tool and P&Ps.

- Site visit will be performed within 60 calendar days of the complaint threshold being met.

Evidence must indicate the following (if applicable):- A site visit resulting from a complaint must include an evaluation of all office site criteria.

However, it is not required to conduct a site visit for complaints about adequacy of treatment record keeping or availability of appointments.

- The site visit must be performed within 60 calendar days of the complaint threshold being met.- Reviewer must see evidence of site visit being performed if complaint threshold is met.

3. Instituting actions to improve offices that do not meet site standards and thresholds in Element A

Policy must include if a site does not meet the PO’s performance thresholds, the site must develop and implement an action plan for improvement.

If a site does not meet the PO’s performance threshold, there must be evidence that the PO has developed and implemented an action plan for improvement.

Evidence of the CAP and notation regarding distribution to and education of the applicable practitioner must be documented on the spreadsheet or report. Documentation can be kept in the credentialing file or separately.binder.

20192020_SA_Training Tool_01_2019 32


This is above and beyond the requirement.


Noted above.


4. Evaluating the effectiveness of the actions at least every six months, until deficient offices meet site standards and the thresholds in Element A

Policy must include the process for evaluating the effectiveness of the action plan at least every six months, until the offices meet the threshold.

If a deficiency is found during the site visit, a follow-up visit must occur within 6 months. Evidence of the site visit must be documented in the spreadsheet or report. Documentation can

be kept in the credentialing file or binderseparately.

5. Documenting follow-up visits for offices that had subsequent deficiencies.

Policy must state that the PO conducts a follow-up visit of a previously deficient office if the practice site meets the reasonable complaint threshold subsequent to correcting the deficiencies. PO conducts a follow up visit of a previously deficient office if the site meets the complaint threshold subsequent to correcting the deficiencies.

Follow up visit must be conducted within 60 calendar days of the reasonable complaint threshold being met.

If one of the PO’s practitioners meets the criteria, there must be evidence of the office site visit in the spreadsheet or report. Documentation can be kept in the credentialing file or binder.

If there is another complaint within the same office regarding the same issue, the PO is required to perform another site audit; it must follow-up as required.

If there is another complaint about the same office, but for different office-site criteria, the PO must perform another site visit.

Notes: Auditor must document in the appropriate section of the documentation pageAudit Tool tab the following for all audits including NCQA certified POs:

Identify the threshold for site visits per the PO’s policy and procedure. Document the number of complaints identified. Whether or not policy states that when appropriate, complaints will be forwarded to the

applicable Health Plan upon receipt. This is for those Health Plans that do not delegate monitoring of complaints (do not score downmust be answered).

Note: Both Policies and Evidence must be reviewed for compliance

Health Plan Complaint Threshold

Health Plan Site Visit Delegatio

nThreshold

Determination# of Complaint meeting Health Plan Thresholds

Aetna Health of California Inc. Yes Health Plan 1Alameda Alliance for Health No Health Plan 2N/AAnthem Blue Cross Yes Health Plan 3Blue Shield of California No Health Plan 3N/ACare1st Health Plan No Health Plan N/ACigna Healthcare of California/Great West No Health Plan NACommunity Health Group No Health Plan N/A3Health Net of California, Inc. No Health Plan N/A3Kaiser Foundation Health Plan, Inc. Yes Health Plan 1Molina Healthcare of California No Health Plan N/A1Scan Health Plan No Health Plan N/ASharp Health Plan No Health Plan N/A1UnitedHealthCare of California No Health Plan NAWestern Health Advantage Yes Health Plan 3

20192020_SA_Training Tool_01_2019 33


CR 5: Ongoing Monitoring

Element A: Ongoing Monitoring and InterventionsThe organization implements ongoing monitoring and takes appropriate interventions by:If an NCQA CVO (certified in ongoing monitoring) performs ongoing monitoring, score compliant for factors 1 & 2 and note in evidence section that PO is using an NCQA CVO and receiving sanction alerts.

1. Collecting and reviewing Medicare and Medicaid sanctions The PO must have policies and procedure as well as evidence to be compliant. Note missing elements in comments.Policies Policies must describe how the PO verifies the practitioner’s Medicare and Medicaid status.Evidence The PO is responsible for reviewing the information within 30 calendar days. . If PO utilizes a spreadsheet, auditor may choose to spot check evidence. If a spreadsheet is not

utilized, auditor to review evidence from each quarter. Score non-compliant and comment if PO is not following a consistent process for ongoing

monitoring. If reports are not reviewed at all or not reviewed on a monthly basis, note in comments which

reporting cycle is missing and score non-compliant. The PO that subscribes to a sanctions alert service must have evidence of its subscription to the

sanctions alert service during the look back period. For POs using the Continuous Query- The Continuous Query generates individual alerts from NCQA-recognized sources reporting

an action. PO must provide evidence of the practitioner’s continuous enrollment in the Continuous Query and must have a process for reviewing sanction alerts within 30 calendar days of their release.

- PO must show evidence of the annual enrollment listing of providers enrolled and review of alerts within 30 calendar days of its release.

- Per NCQA, if no reports were received for ongoing monitoring, PO will only need to document or note that no reports were received during the monthly look-back period.

- This documentation can be kept electronically or via an electronic or paper log/checklist. A spreadsheet/tracking log may be used as documentation for compliance. Name of board/entity,

date of query, date of report, and signature/initials of staff must be included. Auditors may spot check as needed, however it is not mandatory.

All evidence may be kept electronically. If an NCQA CVO performs ongoing monitoring, score compliant and note in evidence section

that PO is using an NCQA CVO and receiving sanction alerts. Review delegation agreement, as applicable.

Note examples in documentation tab of evidence source, e.g., minutes, spreadsheet, monitoring process.

Note: Tools to evaluate and/or document ongoing monitoring are available to auditors and POs.

20192020_SA_Training Tool_01_2019 34


2. Collecting and reviewing sanctions or and limitations on licensure The PO must have policies and procedures as well as evidence to be compliant. Note missing elements in comments.Policies The PO must have policies and procedures for ongoing monitoring of sanctions and limitations

on licensure. Policies must state which verification sources are used. Policies must state how the PO queries information if reporting entities do not publish sanction

information, on a set schedule, at least every 6 months, if applicable. Mark this element as compliant even if the language is not in the policies and recommend that they add it.

Policies must state how the PO queries information if the reporting entities do not release sanction information reports, if applicable. PO is required to conduct individual queries for any affected practitioner 12-18 months after the last credentialing cycle. Mark this element as compliant even if the language is not in the policies and recommend that they add it.

Evidence The PO is responsible for reviewing the information within 30 calendar days for those boards that

release on a set schedule. Any board that releases on a routine schedule (monthly/quarterly); this is considered a set schedule. Auditor should refer to the ICE Ongoing Monitoring Document for reporting schedule.

Compare practitioner types being monitored with practitioner types listed on PO spreadsheet. If any discrepancies found, score non-compliant.

If PO utilizes a spreadsheet, auditor may choose to spot check evidence. If a spreadsheet is not utilized, auditor to review evidence from each quarter.

Score non-compliant and comment if PO is not following a consistent process for ongoing monitoring.

If reports are not reviewed at all or not reviewed on a monthly basis, note in comments which reporting cycle is missing and score non-compliant.

If the PO subscribes to a sanctions alert service, there must be evidence of its subscription to the sanctions alert service during the look back period and review information within 30 days of its release. For POs using the Continuous Query- The Continuous Query generates individual alerts from NCQA-recognized sources reporting

an action. PO must provide evidence of the practitioner’s continuous enrollment in the Continuous Query and must have a process for reviewing sanction alerts within 30 calendar days of their release.

- PO must show evidence of the annual enrollment listing of providers enrolled and review of alerts within 30 calendar days of its release.

- Per NCQA, if no reports were received for ongoing monitoring, PO will only need to document or note that no reports were received during the monthly look-back period.

- This documentation can be kept electronically or via an electronic or paper log/checklist. In areas where reporting entities do not publish sanction information on a set schedule, the PO

must query for this information at least every 6 months. To demonstrate performance against this element indicator, the PO must document that the reporting entity does not routinely publish sanction information.

If the reporting entity does not release sanction information reports, the PO is required to conduct individual queries for any affected practitioner 12-18 months after the last credentialing cycle.

A spreadsheet/tracking log may be reviewed as documentation for compliance. Must include following: Name of board, date of query, date of report, and signature/initials of staff. Auditors may spot check as needed, however it is not mandatory.

20192020_SA_Training Tool_01_2019 35


If an NCQA CVO performs ongoing monitoring, score compliant and note in evidence section that PO is using an NCQA CVO and receiving sanction alerts. Review delegation agreement, as applicable.

Note examples in documentation tab of evidence source, i.e., Minutes, spreadsheet, monitoring process

Note: Tools to evaluate and/or document ongoing monitoring are available to auditors and POs.

3. Collecting and reviewing complaints The PO must have policies and procedures as well as evidence to be compliant. Note missing elements in comments. Policy and evidence may be found in the Quality department.Policies Policies must state PO evaluates practitioner’s specific complaints upon receipt Policies must state PO evaluates practitioner’s history of complaints at least every 6 months. Policies state that Quality or collecting and reviewing complaints are not delegated and

complaints are forwarded to the Health Plans as applicable, is compliant for this factor.Evidence The PO must investigate practitioner specific complaints from members upon their receipt. The PO must evaluate practitioner’s history of issues, if applicable, at least every 6 months. The NPDB Continuous Query does not meet this factor.

4. Collecting and reviewing information from identified adverse events Adverse event is an injury that occurs while a member is receiving healthcare service from a

practitioner. The PO must have policies and procedures as well as evidence to be compliant. Note missing elements in comments. Policy and evidence may be found in the Quality department.Policies Policies must state monitoring for adverse events occurs at least every 6 months. Policies that state that Quality / collecting and reviewing adverse events are not delegated and

events are forwarded to the Health Plans as applicable, is compliant for this factor.Evidence The PO must monitor practitioner adverse events at least every 6 months. The PO may limit monitoring of adverse events to primary care physicians and high-volume

behavioral healthcare providers. The NPDB Continuous Query does not meet this factor.

20192020_SA_Training Tool_01_2019 36


5. Implementing appropriate interventions when it identifies instances of poor quality related to factor 1-4Policies The PO must have policies and procedures as well as evidence to be compliant. Note missing elements in comments. Policy and evidence may be found in the Quality department.Evidence The PO must have a process to determine if there is evidence of poor quality that could affect the

health and safety of its members and implement the appropriate policy based on action/intervention.

Interventions can be identified in one of the following: Committee minutes, practitioner files, or PO file binders.

Note in comments if there are no sanctions, complaints or adverse events.

Element B: Monitoring Medicare Opt-Out Report - CMSThe organization maintains a documented process for monitoring whether network physicians have opted out of participating in the Medicare program. (Source: Medicare Managed Care Manual, Chapter 6 § 60.3)

Medicare Opt-Out applies to: MD, DO, DDS, DMD, DPM, OD and PA, NP, CNS, CRNA, CNM, Psychologist, LCSW, RD or Nutrition Professional.

The PO must have policy and procedures as well as evidence to be compliant. Note missing elements in comments.

The PO is responsible for reviewing the information quarterly from one of the CMS.gov Opt-Out sites.

The report must be dated and initialed.

If any reports are not reviewed within the appropriate timeframe, score as non-compliant.

A check list may be used to document the date of electronic file download. The check list must contain the date of the download and signature of the PO personnel who verified it.

Score N/A and note in comments if a PO does not have a Medicare contract, but has a process for monitoring physicians who have opt out of participating in the Medicare program.

PO must review quarterly Opt-Out reports even if they employ their practitioners.

If PO uses a CVO for ongoing monitoring verify that the monitoring reports includes Opt-Out reports. Auditor needs to ensure that reports are from CMS Contractor.

Element C: Monitoring Medi-Cal Suspended and Ineligible Provider Reports - DHCSThe organization will verify that their contracted providers have not been terminated as Medi-Cal providers or have not been placed on the Suspended and Ineligible Provider List. (Source: APL 17-01919-004, Plan Contract) The PO must have policy and procedures as well as evidence to be compliant.

PO must review the Suspended and Ineligible Provider list on a monthly basis.

Evidence can be one of the following:

- The PO can develop a tracking log to include the report run date, review date, initials of person reviewing report, the list reviewed and the web link used.

20192020_SA_Training Tool_01_2019 37


- The PO can print the parts of the list that are applicable. OR- The PO can print the entire list.

20192020_SA_Training Tool_01_2019 38


Auditors must review CR 6 for all Certified or Accredited OrganizationsCR 6: Notification to Authorities and Practitioner Appeal RightsElement A: Actions Against Practitioners(Source: Medicare Managed Care Manual, Chapter 6 § 60.4)

The organization has policies and procedures for:

1. The range of actions available to the organizationPolicies must specify: The PO reviews participation of practitioners whose conduct could adversely affect members’

health or welfare. The range of actions that may be taken to improve the practitioner performance before termination

(e.g. Profiling, Corrective Actions, Monitoring, Medical Record Audit, etc.). The PO reports its actions to the appropriate authorities.

- Appropriate Licensing Board, NPDB,

- Medical Board of California 805 and 805.01 reports or the appropriate licensing board (15 days after a recommendation or final determination), Policies are not required to specify all of the details of the 805 and 805.01 reporting requirements.

[The following types of providers require 805 and 805.01 reporting: Medical Doctors (MD), Dentists (DDS), Osteopaths (DO), Podiatrists (DPM), Marriage Family Therapist (MFT), Licensed Clinical Social Workers (LCSW), Psychologists (PsyD, PhD) and Physician Assistants (PA).]

2. Making the appeal process known

The PO’s policies and procedures must give practitioners the right to appeal and must include the following steps within the appeal process:

- Provide written notification when a professional review action has been brought against a practitioner, including reasons for the action.

- Allow practitioners to request a hearing/appeal and the timing for submitting the request.

- Policy must state that the PO cannot have an attorney, if the practitioner does not have attorney representation. [CA Business & Professions Code 809.3(c)]

Element B: Appeals Process for Termination/Suspension - CMSThe Medicare Advantage organization’s policies and procedures regarding suspension or termination of a participating physician require the organization to:

Ensure that the majority of the hearing panel members are peers of the affected physician. (Source: Medicare Managed Care Manual, Chapter 6 § 60.4)

A peer is an appropriately trained and licensed physician in a practice similar to that of the affected physician. Panel members do not have to possess identical specialty training.

Policies and procedures do not always have to state the word “majority”, but at least 51% of the members must be peers.

20192020_SA_Training Tool_01_2019 39


CR 7: Assessment of Organizational Providers (OPs)Prior to 7/1/18 a PO may obtain CR Certification did not include OPs and CR 7 should be assessed.After 7/1/18 PO may obtain CR Accreditation and auto credit is available for CR 7. Verify the date of Certification or Accreditation to determine which is applicable.General Updates:- Contracting Status: All Health Plans will ask the PO the following questions:

- Do you directly contract with ANY Organizational Providers? - Are you responsible for claims payment for those Organizational Providers?

- Exception: - If the PO does not contract with Organizational Providers, then all of CR 7 is not applicable.

Policies and procedures are not required if the PO does not contract directly with OPs. Do not score this section and check the N/A box of the SA Tool.

- MSO: If a MSO with multiple POs is utilizing one policy and procedure for all organizations, the policy and procedure is considered compliant if it states “as applicable” after the facility type.

- Audit process to assess the current annual audit cycle12 month look-back period instead of the entire OP spreadsheet.

Audits will be conducted utilizing the NCQA 8/30 file methodology. The auditor will request a spreadsheet with all organizational providers and will select 15 10 initial and 15 10 recreds reviewed during the annual audit cycle12 month look-back period to complete their file review. and apply the 8/30 rule for spreadsheets and file review. Under the 8/30 rule, eight initials and eight recreds will be reviewed with nothing further reviewed if all providers were compliant.

Element A: Review and Approval of Providers

The organization’s policy for assessing a health care delivery provider specifies that before it contracts with a provider, and for at least every three years thereafter, it: (Source: Medicare Managed Care Manual, Chapter 6 § 70)

1. Confirms that the provider is in good standing with state and federal regulatory bodies Policies must specify the sources used.

2. Confirms that the provider has been reviewed and approved by an accrediting body Policies must state which accrediting bodies it accepts for each type of provider. A PO that contracts only with accredited facilities must have a written policy stating that it does

not contract with unaccredited facilities. In this case the PO meets this factor.

3. Conducts an onsite quality assessment, if the provider is not accredited Policies must state that if the provider is not accredited an onsite quality assessment must be

conducted. The PO must develop a selection process and assessment criteria for each type of non-accredited provider with which it contracts which includes a process for ensuring that the provider credentials its practitioners.

A CMS or state review may be used in lieu of a site visit and may not be greater than 3 years old at the time of verification/approval.

A PO that contracts only with accredited facilities must have a written policy stating that it does not contract with unaccredited facilities. In this case the PO meets this factor.

If the state or CMS has not conducted a site review of the provider, and the provider is in a rural area, as defined by the U.S. Census Bureau, the organization PO must provide evidence that the provider meets the criteria.is not required to conduct a site visit and would be marked compliant. File must indicate it is a rural area.

20192020_SA_Training Tool_01_2019 40


Element B: Medical Providers The organization includes at least the following medical providers in its assessment:

1. Hospitals

2. Home health agencies

3. Skilled nursing facilities

4. Free-standing surgical centers

- Policies and procedures must include all facility types in which they contract. If PO is not contracted with a facility type, it does not have to be stated in the policy. Policy may state all types as applicable.

- Complete the grid of the SA tool as follows: - Yes “1” = PO is contracted with OP and it states so in the policy- No “0” = PO is contracted, but OP is not stated in the policy- N/A = PO is not contracted for the OP

Element B: Medical Providers and Suppliers required by CMS In addition to the provider types listed above, Medicare Advantage organizations must also provide documented processes for assessing the following types of providers in which they contract: (Source: Medicare Managed Care Manual, Chapter 6 § 60.3)

HospicesClinical laboratoriesComprehensive outpatient rehabilitation facilities (CORF)Outpatient physical therapy providers (only applies to institutional facilities who take Medicare Part A. Does not apply to independently licensed PTs)Outpatient speech pathology providersEnd-stage renal disease services providersOutpatient diabetes self-management training providersPortable X-ray suppliersRural health clinics (RHC)Federally qualified health centers (FQHC)

Applies to Medicare/CMS Only Policy and procedures must state which organizational provider types are contracted. A

statement in the policies and procedures would meet the requirement. POs that contract with these types of OPs and do not provide a documented process will be

scored 0%. If the policies and procedures address all types of providers the PO will be considered compliant

and will not need to specify which types they do not contract with. Complete the grid of the SA tool as follows:

- Yes “1” = PO is contracted with OP and it states so in the policy- No “0” = PO is contracted, but OP is not stated in the policy- N/A = PO is not contracted for the OP

Scoring for Element B: On the Audit Results Page of the Audit Tool (page 4): For Commercial - Score will be populated in the top box, accordingly. For CMS - Score will be populated in the bottom box.

20192020_SA_Training Tool_01_2019 41


Element C: Behavioral Health ProvidersThe organization includes behavioral healthcare facilities providing mental health or substance abuse services in the following settings:

1. Inpatient

2. Residential

3. Ambulatory If the PO has “carved out” behavioral healthcare services, this is not applicable. Policies must address each facility (inpatient, residential, ambulatory) that they are contracted with. If the policies and procedures address all types of providers the PO will be considered compliant and

will not need to specify which types they do not contract with. PO will not be compliant if their policies and procedures state “all behavioral facilities, as applicable.” Complete the grid of the SA tool as follows:

- Yes “1” = PO is contracted with OP and it states so in the policy- No “0” = PO is contracted, but OP is not stated in the policy- N/A = PO is not contracted for the OP

Element D: Assessing Medical ProvidersThe organization assesses contracted medical health care providers against the requirements and within the timeframe in Element A. (Source: Medicare Managed Care Manual, Chapter 6 § 70)

If the PO uses a comprehensive spreadsheet or log showing credentialing of Medical organizational providers, use the spreadsheet results to calculate compliance, and completion of the File Review Results Grid is not required. If individual records are reviewed, select 30 20 medical provider files (15 10 initials and 15 10 recredentialing) with various types of providers within the selection.

Review the entire spreadsheet but only score for current audit time frame. - Only score providers reviewed/approved since the previous audit (e.g., if previous audit was

conducted 7/1/18 19 and the OP was reviewed/approved 3/1/17 19 this would be outside the time frame).

- Audits will be conducted utilizing the NCQA 8/30 file methodology. Auditors will request a spreadsheet of all organizational providers and will select 15 10 initial and 15 10 recreds reviewed during the 12 month look-back period last audit cycle and for the apply the 8/30 rule for spreadsheets and file review. Under the 8/30 rule, eight initials and eight recreds will be reviewed with nothing further reviewed if all providers were compliant.

- Each element should be reviewed within 36 months of the prior verification. Credentialing Committee review is not required and not assessed for the 36 month timeframe.

- If there was no activity in the applicable time frame, note in comments, and score as N/A.

Applies to Medicare/CMS Only: - CMS Institutional provider and suppliers must be certified by CMS.- Note in the comments if provider is not certified.

Scoring for Element D: On the Audit Results Page of the Audit Tool (page 4): - For Commercial - Score will be populated in the top box, accordingly.- For CMS - Score will be populated in the bottom box, accordingly.

20192020_SA_Training Tool_01_2019 42


Training – ensure it has the required data. Show examples.


Note: POs must ensure that Medicare-covered benefits are provided only by providers that have signed

participation agreements with CMS. Comment on number and types of OPs reviewed.

20192020_SA_Training Tool_01_2019 43


Element E: Assessing Behavioral Health ProvidersThe organization assesses contracted behavioral healthcare providers. If the PO uses a comprehensive spreadsheet or log showing credentialing of Behavioral Health

organizational providers, use the spreadsheet results to calculate compliance, and completion of the File Review Results Grid is not required. If individual records are reviewed, select 30 20 Behavioral Health provider files (15 10 initials and 15 10 recredentialing) with various types of providers within the selection. Review the entire spreadsheet but only score for current audit time frame. Only score providers

reviewed/approved since the previous audit (e.g., if previous audit was conducted 7/1/17 19 and the OP was reviewed/approved 3/1/16 19 this would be outside the time frame).

Audits will be conducted utilizing the NCQA 8/30 file methodology. Auditors will request a spreadsheet of all organizational providers and will select 15 10 initial and 15 10 recreds reviewed during the last audit cycle and apply the 8/30 rule for spreadsheets and file review. Under the 8/30 rule, eight initials and eight recreds will be reviewed with nothing further reviewed if all providers were compliant. Each element should be reviewed within 36 months of the prior verification. Credentialing

Committee review is not required and not assessed for the 36 month timeframe. If there was no activity in the applicable frame, note in comments and score as N/A.

Comment on number and types of OPs reviewed

20192020_SA_Training Tool_01_2019 44


PPG/IPA: DATE OF AUDIT: CONDUCTED BY:

Comments

FILE Facility Name Facility Type

Prior License

Verification Date

Prior License Status

Current Verification

Date

Current License

Status # m

onth

s

Prior Accreditation

Verification Date

Prior Accreditation Body/Status

Current Accreditation

Verification Date

Current Accreditation Body/Status #

mon

ths Prior Site Visit

DatePrior Site Visit

StatusCurrent Site

Visit DateCurrent Site Visit Status

# m

onth

s Prior Cred Date

Current Cred Date

Medicare Cert #

Confirmation of good standing with Fed Reg. Bodies

(OIG)

1 sample (ABC) Home Health 05/12/08 Active 06/30/10 Active 25 05/10/08 TJC , Active 04/12/11 TJC, Active 35 05/12/08 Active 06/30/11 37 06/01/08 06/01/11 1234 05/05/11

2 sample (ABC) SNF 03/15/11 Active 03/15/11 02/07/10 DHCS or

CMS, compliant 04/06/11 03/05/111234567

License Accreditation Body Site Visit (if not accredited)

File Review (Each element should be validated within 36 months of the prior validation date.)File Information

Organizational Provider - Random File Audit Tool

20192020_SA_Training Tool_01_2019 45


Organizational Provider: Elements D & E

Verification is conducted on all medical providers and behavioral health providers prior to completion of the credentialing process and on-going every three (3) years.

The PO verifies the following:

Confirms that the provider is in good standing with state and federal regulatory bodies State (Department of Health Care Services) – A copy of the license and expiration date Physician-owned clinics are not required to be licensed by DHCS, but they must be accredited by

an agency approved by the Medical Board. If the physician-owned clinic is appropriately accredited, there would not be a violation of the Knox-Keene Act or Title 28.

If a state license is not issued by the Department of Health Care Services, the facility should have a business license or certificate of occupancy.

Federal Regulatory Bodies- Review of OIG or Medicare/Medicaid sanctions must be documented on the spreadsheet or

in the file.- The monthly review of the OIG report as part of the “Ongoing Monitoring” qualifies as

compliant for this section as long as the facilities are included on the OIG Report. The facilities are located at the top of the report.

- If Medicare and Medicaid sanctions are not reviewed, this will be scored non-compliant for Federal Regulatory bodies, as applicable.

Confirms that the provider has been reviewed and approved by an accrediting body

When conducting a credentialing audit on behalf of ICE, the following Accrediting Entities have been approved for use by the ICE Policy Committee. All other entities are not approved for use when conducting a shared audit.

Hospital:AOA/HFAP, DNV, TJC, CIHQ

Clinical Lab:CLIA, COLA, CAP, other CMS approved sources

Portable X-ray Supplier:FDA Certificate

Home Health:ACHC, CHAP, TJC

Comprehensive Outpatient Rehabilitation Facilities: CARF/CCAC, TJC

Outpatient Physical Therapy Providers:AAAASF

Skilled Nursing Facilities: CARF/’CCAC, TJC

Providers of End-stage Renal Disease Services:TJC

Speech Pathology Providers: AAAASF

Free Standing Surgical Centers: AAAHC, AAAASF, TJC, AOA, HFAP

Hospice:CHAP, TJC

Rural Health Clinics:TJC, AAAASF

Behavioral Health Providers: CARF/CCAC, COA , HFAP, TJC

Outpatient Diabetics Self-Management Training Providers: AADE, IHS

Federally Qualified Health Centers:TJC

American Association for Accreditation of Ambulatory Surgical Facilities (AAAASF)- accreditation report or a letter from the regulatory and accrediting bodies regarding the

status of the provider- website: http://www.aaaasf.org

Accreditation Association for Ambulatory Health Care (AAAHC)20192020_SA_Training Tool_01_2019 46

http://www.aaaasf.org/


- accreditation report or a letter from the regulatory and accrediting bodies regarding the status of the provider

- website: http://www.aaahc.org

American Association of Diabetes Educators (AADE)- accreditation report or a letter from the regulatory and accrediting bodies regarding the

status of the provider- website: https://www.diabeteseducator.org/

Accreditation Commission for Health Care Inc. (ACHC)- accreditation report or a letter from the regulatory and accrediting bodies regarding the

status of the provider- website: http://www.achc.org/accredited_organizations.php

Center for Improvement of Healthcare Quality (CIHQ)- accreditation report or a letter from the regulatory and accrediting bodies regarding the

status of the provider- website: https://www.cihq.org

Clinical Laboratory Improvement Amendments (CLIA) - Certificate or CLIA Waiver

- other CMS approved accreditation organizations can be found under download “List of Accreditation Organizations at https://www.cms.gov/Regulations-and-Guidance/Legislation/CLIA/Accreditation_Organizations_and_Exempt_States.html

College of American Pathology (CAP)- accreditation report or a letter from the regulatory and accrediting bodies regarding the

status of the provider- website: http://www.cap.org

Commission on Accreditation or Rehabilitation Facilities (CARF)- accreditation report or a letter from the regulatory and accrediting bodies regarding the

status of the provider- website: http://www.carf.org

Commission on Office Laboratory Accreditation (COLA)- accreditation report or a letter from the regulatory and accrediting bodies regarding the

status of the provider- website: http://www.cola.org

Continuing Care Accreditation Commission (CCAC) (this is part of CARF)- accreditation report or a letter from the regulatory and accrediting bodies regarding the

status of the provider- websites: http://www.carf.org

Community Health Accreditation Program (CHAP)- accreditation report or a letter from the regulatory and accrediting bodies regarding the

status of the provider- website: http://www.chapinc.org

20192020_SA_Training Tool_01_2019 47

http://www.chapinc.org/

http://www.carf.org/

http://www.cola.org/

http://www.carf.org/

http://www.cap.org/

https://www.cms.gov/Regulations-and-Guidance/Legislation/CLIA/Accreditation_Organizations_and_Exempt_States.html

https://www.cms.gov/Regulations-and-Guidance/Legislation/CLIA/Accreditation_Organizations_and_Exempt_States.html

https://urldefense.proofpoint.com/v2/url?u=https-3A__www.cihq.org&d=DgMFAw&c=A-GX6P9ovB1qTBp7iQve2Q&r=yq55K-nleKyDV88geYQoullcnHEISN9FQ9QUxm8VMw0&m=I-BCmhufwnKVT2XT6uyEReeQzZVVb--TpwRSfVZsnoo&s=6hb3L-VAvlxgj4fc0aYnqZNGF3miPDnJhV990zybGew&e=

http://www.achc.org/accredited_organizations.php

https://www.diabeteseducator.org/

http://www.aaahc.org/


Council on Accreditation for Children and Family Services (COA)- accreditation report or a letter from the regulatory and accrediting bodies regarding the

status of the provider- website: http://www.coanet.org/front3/index.cfm

Det Norske Veritas National Integrated Accreditation for Healthcare Organization (DNV)NIAHO))- accreditation report or a letter from the regulatory and accrediting bodies regarding the

status of the provider- website: http://www.dnvaccreditation.com/pr/dnv/default.aspx

Food and Drug Administration (FDA)- accreditation report or a letter from the regulatory and accrediting bodies regarding the

status of the provider- website: http://www.fda.gov

Healthcare Facilities Accreditation Program (HFAP), accrediting program approved by the American Osteopathic Association (AOA)- accreditation report or a letter from the regulatory and accrediting bodies regarding the

status of the provider- website: http://www.hfap.org

Indian Health Service (IHS)- accreditation report or a letter from the regulatory and accrediting bodies regarding the

status of the provider- Website: https://www.ihs.gov

The Joint Commission (TJC)- accreditation report or a letter from the regulatory and accrediting bodies regarding the

status of the provider- website: http://www.jointcommission.org

Note: A Medicare certification number is not acceptable for use in lieu of a site visit if a facility is not accredited.

20192020_SA_Training Tool_01_2019 48

http://www.jointcommission.org/

https://www.ihs.gov/

http://www.hfap.org/

http://www.fda.gov/

http://www.dnvaccreditation.com/pr/dnv/default.aspx

http://www.coanet.org/front3/index.cfm


Conducts an on-site quality assessment, if the provider is not accredited If an organizational provider is not accredited, the PO develops and implements standards of

participation, including conducting a site visit. Unlike the requirement for accredited providers, NCQA requires site visit for non-accredited facilities to include a process for insuring that the provider credential its practitioners.

CMS or state review or certification does not serve as accreditation of an institution; however, in the case of non-accredited institutions, the PO may substitute a CMS or state review in lieu of the required site visit. However, a letter from CMS which shows that the facility was reviewed and indicates that the facility passed inspection is applicable in lieu of the survey report if the PO reviewed and approved CMS criteria as meeting its standards. Site visit cannot be greater than 3 years old.

NCQA does not require the organization to conduct site visits of non-accredited providers in the following circumstances:

The state or CMS has not conducted a site review of the provider, andThe provider is in a rural area, as defined by the U.S. Census Bureau- For providers in rural areas, non-accredited sites do not need to have state or CMS site

audits. According to the U.S. Census Bureau definition, rural areas comprise of open country and settlements with fewer than 2,500 residents.

The organization must identify excluded providers and provide the evidence that the above conditions are met.

- If the organization is not approved by an accrediting body, then an onsite quality assessment must be conducted at least every three years. This includes CMS or State Audits, which cannot be older than 36 months at the time of verification.

Note: A Medicare certification number is not acceptable for use in lieu of a site visit if a facility is not accredited.

Confirms at least every three years that the provider continues to be in good standing with state and federal regulatory bodies and, if applicable is reviewed and approved by an accrediting body In order to confirm that POs are conducting organizational provider recredentialing timely, one

must ensure the appropriate documents are date stamped or have some indication of a verification date. Although there is no time limit for gathering the credentialing verifications for organizational providers (e.g., 180-day rule), date stamps/verification dates are needed in order to ensure that each is being re-verified every three (3) years as required.

Element F: Accreditation/Certification of Free-Standing Surgical Centers in California – CH&SCThe organization has documentation of assessment of free-standing surgical centers to ensure that if the organizational provider is not accredited by an agency accepted by the State of California, the organization is certified to participate in the Medicare Program, in compliance with California Health and Safety Code § 1248.1.

- The PO must have a certification letter from Medicare stating the facility is certified.- If certification letter is not present, attestation in file or Medicare certification number on the

spreadsheet will be acceptable. A CMS Survey, which includes the certification number is also acceptable.

- Free-Standing Surgical Centers Scenarios: If a surgical center is associated with a TJC (The Joint Commission), American Association for

Accreditation of Ambulatory Surgical Facilities (AAAASF), Accreditation Association for Ambulatory Healthcare (AAAHC) accredited hospital or Healthcare Facilities Accreditation Program (HFAP),

20192020_SA_Training Tool_01_2019 49


accrediting program approved by the American Osteopathic Association (AOA),CR 7.F is not applicable.

CR 8: Delegation of CR

General Updates: All contracted MSOs will be considered a delegated entity when auditing for the ICE Shared

Credentialing Program. Each Health Plan will audit the MSO as delegated and will use the information appropriately per their Health Plan performance thresholds.

If a MSO and a PO are owned or under the same ownership, this is not considered delegation. If a PO changes MSOs during the annual audit period, score only the current agreement and note

changes in the comment section to include termination date of prior MSO. If a PO terminates a delegation arrangement during the annual audit period, note the termination

date in the comments and score N/A. If a PO with Medicare or Medi-Cal contracts delegates to an NCQA Certified entity, the PO must

audit for Medicare, Medi-Cal and DMHC requirements. Acceptance of certification only will not meet compliance for the additional regulatory requirements.

If the PO participates in the commercial or Medi-Cal lines of business and utilizes the delegate for their specialty panel for HIV/AIDs practitioners, CR 9 must be included in the annual oversight review.

Delegated Entity Clarification: If PO gives another organization the authority to perform certain functions on its behalf, this is

considered delegation, e.g., Primary Source Verification of License, collection of the application, verification of Board Certification.

Ongoing monitoring or data collection and alert services are NOT seen as delegation. If PO uses another organization for collecting data for ongoing monitoring or sanctions monitoring for CR 3 B or CR 5, and the PO then handles the review of information and intervention, it is not considered delegation.

If information is gathered from a company website and the PO staff is pulling the queries for OIG or other types of queries, it is NOT considered delegation.

Delegation oversight process for POs with more than 4 delegates: Auditors must list all delegates with their delegation agreement effective date on the Audit Tool. If delegates have more than 4 delegates:

- Auditors will select and review a sample of up to 4 delegates for oversight of CR 8 Elements A, C-E.

- The following year, auditor will select the rest of the delegates that were not audited from the previous year.

- Each audit year select different delegates for the review.

For POs with fewer than four delegates all delegates need to be assessed.

- Always complete the grid on the tool when a PO delegates any part of the credentialing process.

- Must list all delegates with their NCQA Certification Expiration date and the Delegation Agreement Effective Date on the CA ICEAudit Tool tab under CR 8.

- If the PO did not use the delegate during the look-back period, but has not termed their Delegation Agreement, note this on the tool and score N / A.

- Effective date may be at the front of the delegation agreement- If date is not in the front, take the latest signatory date from both parties as the effective date.

20192020_SA_Training Tool_01_2019 50


Element A: Written Delegation Agreement

Element A: Written Delegation Agreement

The written delegation agreement (Source: Medicare Managed Care Manual, Chapter 11 § 110.2)

1. Is mutually agreed upon Dated and signed agreement between both parties must be evident. NCQA considers the effective date specified in the delegation agreement as the mutually

agreed-upon effective date. The effective date may be before or after the signature date on the agreement. If the agreement has no effective date, NCQA considers the signature date (the date of the last signature) as the mutually agreed upon effective date.

NCQA may accept other evidence of the mutually agreed-upon effective date: a letter, meeting minutes or other form of communication between the organization and the delegate that references the parties’ agreement on the effective date of delegated activities.

NCQA requires submitted evidence for all other delegation factors to consider the same mutually agreed-upon date as the effective date for the delegate’s performance of delegated activities.

Use the original effective date, or as described above, not an Amendment date.

2. Describes the delegated activities and the responsibilities of the organization and the delegated entity.

- Delegation agreement specifies the credentialing activities:- Performed by the delegate in detailed language- Not delegated, but retained by the organization

- If the PO subdelegates, the delegation agreement must state the PO or the organization is responsible for subdelegate oversight.

The PO may include a general statement that addresses the retained functions (e.g., the PO retains all other CR functions not specified in this agreement as the delegate’s responsibility).

3. Requires at least semiannual reporting of the delegated entity to the organization. Information reported by the delegate on what activities are delegated Reporting can be lists of credentialed/recredentialed practitioners, committee meeting minutes How and to whom information is reported. Score 100%compliant “1” for NCQA certified CVOs.

4. Describes the process by which the organization evaluates the delegated entity’s performance.

5. Specifies that the organization retains the right to approve, suspend and terminate individual practitioners, providers and sites, even if the organization delegates the decision making.

If the delegation agreement does not specify the right to approve language, but it is documented through another communication between the organization and the PO, score compliant.

If delegate does not have decision making authority (i.e. CVO for primary source verification) score N/A.

6. Describes the remedies available to the organization if the delegated entity does not fulfill its obligations, including revocation of the delegation agreement.

20192020_SA_Training Tool_01_2019 51


Element A: Delegate Adherence to Medicare Advantage Requirements- CMS

All delegation agreements include a statement that delegates must adhere to Medicare Advantage requirements. (Source: Medicare Managed Care Manual, Chapter 11 § 110.2):

1. The organization may delegate authority for performing the functions within the NCQA/CMS standards to another entity; however, it must maintain responsibility for ensuring that the function is being performed according to organization expectations and to NCQA standards. The following assessment for compliance of delegated NCQA/CMS standards is based on NCQA/CMS’s delegation policy. There is evidence that both parties to the agreement have signed and dated the agreement. The PO’s delegation agreement must include a statement requiring the delegate to adhere to

CMS regulations. If agreements have language that the delegate will adhere to state and federal regulations, the

agreement is considered compliant. This language is not required for CVO agreements – Score N/A and note in comments

Element A: Delegate Adherence to MediCal Requirements - DHCS

The written delegation agreement (Source: MediCal Exhibit A, Attachment 4 of Plan Contract – QI Activities):Requires at least quarterly reporting of the delegated entity to the organization.

Element B: Pre-Delegation EvaluationFor new delegation agreements initiated in the look-back period, the organization evaluated delegate capacity to meet NCQA requirements before delegation began. (Source: Medicare Managed Care Manual, Chapter 11 § 110.2) A PO may use an accredited Health Plan audit as the pre-delegation evaluation. If a PO uses a

Health Plan audit, the auditor must review evidence that the Health Plan audit was reviewed, e.g., Committee minutes, email approval or other methods indicating acceptance of review. If a PO changes MSOs, the PO must evaluate the new MSO prior to contracting.

The PO must have a systematic method for conducting this evaluation, especially if more than one delegation agreement is in effect. The following list are examples:- Site visit- Written review of the delegate’s understanding of the standards and the delegated tasks- Staffing capabilities - Performance records (e.g., Audit)- Exchange of documents and review- Pre-delegation/Committee meetings

20192020_SA_Training Tool_01_2019 52


- Telephone consultation- Virtual review

Auditors need to review for any amendments or newly delegated activities within the last 12 months. If there were any amendments, the PO must have documentation, dated before delegation began showing that it evaluated the entity before implementing delegation.- Note in comments newly added activities.

If the pre-delegation evaluation was performed more than 12 months prior to implementing delegation, the PO must conduct another pre-delegation evaluation.

If contract effective date is more than 12 months, score N/A. For NCQA CR Certified PO or NCQA Certified CVOs and the contract effective date is less than 12

months, score 100%compliant “1”.

Element C: Review of Delegate Credentialing ActivitiesFor delegation arrangements in effect for 12 months or longer the organization. (Source: Medicare Managed Care Manual, Chapter 11 § 110.2):NCQA defines “annual” for this section as “A 12-month period, with a 2-month grace period.”If the activities are completed in more than 12 months, but within 14 months please note in Comments.1.

Annually reviews its delegate’s credentialing policy and procedures. Review evidence that the PO’s staff or committee annually reviewed their delegate’s

credentialing policies and procedures, e.g., audit tool, audit correspondence, audit summary documentation, committee minutes, and email approval, noted in their database or other methods.

A PO may use an accredited Health Plan audit/ICE Shared Audit as the annual evaluation. If a PO uses a Health Plan audit/ICE Shared Audit, the auditor must review evidence that the Health Plan audit was reviewed, e.g., audit tool, audit correspondence, committee minutes, email approval, noted in their database or other methods indicating acceptance of review.

For delegates that are NCQA Certified or Accredited, including Certified CVOs: Review evidence of annual review of policy and procedures for delegated functions, as

applicable If delegating to a PO for all credentialing functions, review of CR 1 and CR 6 is required.

Policies for CR 2 and CR 5 receive oversight relief.2.

Annually audits credentialing and recredentialing files against NCQA standards for each year that delegation has been in effect.- Review evidence that the PO’s staff or committee annually reviewed their delegate’s files, e.g.

audit tool, audit correspondence, audit summary documentation, committee minutes, noted in their database or other methods.

- A PO may use an accredited Health Plan audit/ICE Shared Audit as the annual file audit evaluation. If a PO uses a Health Plan audit/ICE Shared Audit, the auditor must review evidence that the Health Plan audit was reviewed, e.g., audit tool, audit correspondence, audit summary documentation, committee minutes, email approval, noted in their database or other methods indicating acceptance of review.

- If a PO does not use a Health Plan’s audit, the PO must audit per the ICE shared audit tool or per NCQA standards.

- For delegates NCQA Certified in CR, Accredited as a Health Plan, NCQA Certified CVOs and the contract effective date is greater than 12 months, score 100%compliant “1”.

- Score N/A if there was no initial credentialing or recredentialing activity.3.

Annually evaluates delegate performance against NCQA standards for delegated activities.

- This audit includes all pieces of the credentialing process (e.g., policies and procedures, site visits, as applicable, file audit, etc.)

- For delegates NCQA Certified in CR, Accredited as a Health Plan, NCQA Certified CVOs and the contract effective date is greater than 12 months, score compliant “1”100%.

20192020_SA_Training Tool_01_2019 53


4.

Semiannually evaluates regular reports, as specified in element A.

- Assess the Quality or Credentialing Committee Minutes- It is acceptable to only receive lists of credentialed and recredentialed practitioners from

NCQA-accredited or NCQA-certified delegates.- Delegates that are not NCQA-accredited or NCQA-certified need to demonstrate that it collects

credentialing data from the delegate, evaluates that data, and takes corrective action if needed and follow-up on deficiencies.

- If no performance issues are identified, reporting could be limited to lists of credentialed and recredentialed practitioners.

- For MSOs – see reporting numbers which can usually be found in the Quality Improvement Meeting Minutes.

- If the PO holds DHCS contracts, quarterly reporting is required and (note in comments).- For non-certified CVOs, invoices of providers reviewed may be used as reports- For NCQA Certified CVO’s score compliant “1”100%.-

Element D: Opportunities for ImprovementFor delegation arrangements that have been in effect for more than 12 months, at least once in the past year, the organization identified and followed up on opportunities for improvement, if applicable. (Source: Medicare Managed Care Manual, Chapter 11 § 110.2) Findings from the PO’s pre-delegation evaluation, annual evaluation, file audits or ongoing reports

can be sources for identifying areas of improvement for which it takes actions. The PO can use a Health Plan audit to look for opportunities of improvement. If the PO sees that the

Health Plan found opportunities for improvement, the PO reviews the corrective action plan (CAP) from the delegated entity and reviews to see if the audit and CAP were reviewed and approved, i.e., committee minutes, email approval or other method indicating acceptance of review of the CAP.

If contract effective date is less than 12 months or if no opportunities for improvement, score N/A.

Score this element compliant “1”100% if all delegates are NCQA Accredited or NCQA Certified in CR or CVO, unless the element is NA. NCQA-Certified CVOs must be certified to perform the activity being delegated by the organization.

20192020_SA_Training Tool_01_2019 54


CA 9: Identification of HIV/AIDS Specialists (Source: CA H&SC §1374.16; DMHC TAG (QM-004), DHCS MMCD All-Plan Letter 01001)

Element A: Written Process

There is a written policy and procedure describing the process that the organization identifies or reconfirms the appropriately qualified physicians who meet the definition of an HIV/AIDS specialist, according to California State regulations on an annual basis. Written policy and procedure regarding the identification of HIV/AIDS specialists.

Element B: Evidence of ImplementationOn an annual basis, the organization identifies or reconfirms the appropriately qualified physicians who meet the definition of an HIV/AIDS, specialist according to California State regulations. Evidence that the PO identifies HIV/AIDS specialists on an annual basis. Review current and previous year’s survey/spreadsheet/credentialing attestation/logs. This does not require screening of all the PO’s practitioners, only those who potentially may qualify

and wish to be listed as HIV/AIDS specialists. Instead of the Credentialing Department, the department responsible for standing referrals may

conduct the annual survey. This would meet the intent of this requirement. Annual screening must be completed within 12 months of prior year’s annual screening. (12 months

is applicable for each practitioner) (A 2 month grace period will be allowed). Auditor to include dates (Month/Year) of query annual queries (prior and current). Auditor to note in comments if annual screening is over 12 months and how many months it is over. If the PO contracts with a specialty PO or uses the hospital’s specialists, score N/A for Element B and

make a note in the comments.

Element C: Distribution of FindingsThe list of identified qualifying physicians is provided to the department responsible for authorizing standing referrals. Once the PO has determined which, if any, of its physician’s qualify as HIV/AIDS specialists under

the above regulations, this list of qualifying practitioners is sent (e.g. e-mail, letter) or made available to the department responsible for authorizing standing referrals.

Distribution of findings must be communicated within 30 days from the completion of the screening/survey assessment. (E.g. Use the date of the last survey collected/signed to begin your calculation).

If the PO has the list but distributes after 30 days or does not distribute it then scored at 50%. Auditor to include date (Month/Year) of current distribution. A verbal statement that the list was provided to the appropriate department is not acceptable

evidence of compliance with Element C. If the list is available to the appropriate department electronically, it is not required to send the list. No

evidence is required. Note in comments. If the survey revealed that there are no qualified contracted HIV/AIDS specialists within the PO,

communication regarding HIV/AIDS specialists availability to the appropriate department (e.g., UM or case management) is all that is necessary and will be scored as 100% compliant “1” and note in comments that they do not have contracted HIV/AIDS Specialists.

If the PO does not have any contracted HIV/AIDs specialist, note in comments and score compliant.. If annual screening was not conducted and a list was distributed with old information score as non-

compliant “0”.

20192020_SA_Training Tool_01_2019 55

iceforhealth.org1.a... · web viewthis tool has been broken into the sections of the...

Documents