Exploring Primary Source Verification, Best Practices for Quality

October 28, 2019 - All healthcare organizations strive to deliver the highest quality of care to their patients, especially in the age of value-based care. Key to achieving that goal is hiring providers who have the qualifications and experience to meet the organization’s standards.

But an increasing number of challenges make it difficult to effectively complete primary source verification, the foundation of credentialing.

For example, technology has become both a blessing and a curse for medical staff professionals and other medical credentialing entities. While apps, software, and the Internet streamline credentialing, technology has made it easier for individuals to doctor documents, including diplomas, certifications, and reference letters.

Healthcare organizations are also facing a workforce crisis. The Association of American Medical Colleges (AAMC) recently projected a physician shortage of up to 120,000 doctors by 2030, and  other clinical professions, including nursing, are seeing their numbers dwindle.

With looming provider shortages, healthcare organizations rely on staffing agencies to place locum tenens practitioners, applicants from overseas, and providers who practice in non-affiliated or competing hospitals and practices.

Healthcare organizations may be under pressure to fill staffing gaps to provide adequate and competent care for their member population. But verifying the qualifications of all providers who interact with patients must remain an organization’s top priority.

Primary source verification is key to meeting credentialing, quality, and safety goals.

What is primary source verification?

Through primary source verification, healthcare organizations communicate directly with an originating source to validate the accuracy of a provider's educational degrees, licenses, credentials, references, or other pieces of information that may impact performance.

For example, healthcare organizations should reach out to an applicant’s medical school to verify that the information provided on the diploma is accurate and complete. Verifying credentials directly with the primary source eliminates the risk of relying on potentially fraudulent documents and misinformation from non-primary sources.

Continuing to perform primary source verification throughout a provider's employment at the organization ensures that the clinician maintains qualifications and has the appropriate skills to deliver high-quality care.

What constitutes a primary source?

A primary source is the originating source of the information.

According to Jan Laws, CPCS, CPMSM, a credentialing expert with over 20 years of medical staff services experience, healthcare organizations should contact:

• Educational institutions to verify medical school and post-graduate training records
• Federal and state government agencies to verify licenses, sanctions, National Practitioner Data Bank (NPDB), state certifications, controlled substance/narcotics certification, background checks, criminal history, and military personnel records
• Hospitals and past employers to verify professional history and privileges granted
• Professional associations to verify affiliations and professional certifications

Healthcare organizations should also contact individuals if the provider presents with a peer reference or confirmation.

These sources allow healthcare organizations to “ask questions to corroborate and verify the accuracy of what they wrote, and that this individual, in fact, had the necessary familiarity with the provider to make a professional assessment or recommendation,” writes Laws, a current member of the product management team at symplr.

Direct contact also enables the organization to determine whether the source’s relationship with the provider is acceptable according to internal bylaws and credentialing policies, she says.

While communicating directly with an organization is ideal, healthcare organizations can verify information online and still meet primary source verification requirements. For example, the Joint Commission and other accreditors allow for verification through the American Medical Association’s Physician Masterfile, which is a current and historical database of the education and professional certifications of more than 1.4 million physicians.

Similar sources include the American Board of Medical Specialties for verification of a physician’s board certification and the Educational Commission for Foreign Medical Graduates for verification of a physician’s graduation from a foreign medical school.

Identifying information to be verified by a primary source

According to an article from Joint Commission International, healthcare organizations should perform primary source verification for medical school diplomas, specialty training or residency certificates, licenses to practice, registration with a medical or dental council, or any other credential required by law, regulation, or hospital policy, as well as an credentials issued by recognized education or professional entities as the basis for clinical privileges.

Payers and other major accreditation organizations, such as CMS, National Committee for Quality Assurance (NCQA), and Det Norske Veritas Healthcare, Inc. (DNV), have similar requirements for primary source verification—although their requirements can differ.

For example, the National Association Medical Staff Services (NAMSS) reports that the Joint Commission, which certifies over 22,000 healthcare organizations and programs in the US, set a primary source verification standard for malpractice and adverse action checks through the NPDB. CMS, however, does not have any stated requirement to verify with the data source.

Determining what information must be traced to the primary source depends on the organization that accredits the hospital or practice, as well as the facility’s own bylaws, policies, and procedures. But industry experts do offer best practices to navigate the different standards set by accreditation organizations and payers.

The Joint Commission, for instance, requires healthcare organizations to conduct primary source verification for medical school diplomas, specialty training or residency certificates, licenses, as well as any credentials issued by a recognized education or professional entity. However, it doesn’t require primary source verification of other items such as professional history, recommendation letters, criminal background checks, IDs, or immigration and financial documents unless these are required by hospital policy.

“These verifications should be highly considered by the hospital, though, because they are best practices and can prevent a potentially harmful situation resulting from the appointment of a practitioner who provided fraudulent credentials,” the accreditation organization stresses.

NAMSS also recommends that healthcare organizations perform primary source verification if just one accrediting organization requires it or there are not stated requirements. For example, the association cites that neither CMS nor the Joint Commission has stated requirements for verifying board certification. In that case, NAMSS suggests performing primary source verification as a best practice.

How to perform primary source verification

Healthcare organizations can obtain primary source verification via writing, telephone, or online—although the traditional method of communication (i.e., writing) is best.

Letters, faxes, emails, and other forms of written communication provide a record of the exchange that can be kept in a provider’s file for future credentialing and enrollment processes. The written verification is also the gold standard for demonstrating to accreditation organizations that primary source verification was performed.

When written communication is not available, healthcare organizations can turn to the phone. But providers should keep a detailed record of the phone call, Law stresses.

She advises credentialers verifying information by phone to record the name of the organization, individual contacted, date, phone number of the individual contacted, questions asked and their responses, name and signature of the person collecting the verification information, and date verification was completed.

Similarly, organizations should keep a record of website verifications by noting the confirmation of the verification, URL of the website, date verified, and name or signature of individual conducting verification. Some credentialing software can capture this information as a screen grab.

Obtaining primary source verification is an intensive process. Medical staff professionals and other credentialing staff must perform large amounts of manual work to ensure providers are qualified to deliver patient care. This time-consuming and complex work can detract from other tasks necessary for keeping organizations running.

But healthcare organizations don’t have to go at the process alone. Credentials verification organizations (CVOs) exist to help navigate the patchwork of verification standards and requirements across different accreditation organizations and conduct primary source verification.

Ultimately, healthcare organizations are responsible for ensuring that their providers are qualified. But in a world of advanced technology and provider shortages, it can help to get support from qualified professionals who have dedicated resources for credentialing.

_________________________________________________________________________________

About symplr: 

This may come as no surprise, but we like things to be easy. Our mission, is to lead the industry in simple, easy-to-implement compliance and credentialing software and services.

We are an industry leader in governance, risk and compliance (GRC) software as a service solutions. We help healthcare organizations mitigate risk and ensure compliance. symplr has a single mission: to make healthcare GRC simpler for all constituents of the healthcare community. We’re recognized for our innovative and easy-to-use software as a service solutions and healthcare services, both of which significantly reduce the cost of compliance and increase operational efficiency. 

Our goal is to make governance, risk and compliance the simplest part of your business. It’s right in our name. Spelling aside.