‘Remove vendor credentialing requirements that add cost, but not value’
Sticking points remain. And the number of healthcare organizations participating in the dialogue remains low. But many who attended this summer’s Vendor Credentialing Summit in Alexandria, Va., hosted by the Healthcare Industry Supply Chain Institute, believe the industry is coming closer to reaching consensus on what has been a thorny issue.
“Overall, the Summit was very productive,” says Shawn Walker, owner, Bay State Anesthesia, North Andover, Mass., and past president of IMDA, the association for specialty medical distributors. “We clearly have our own perspective. But everyone who attends [the Summit] wants to make the process better and do what it’s supposed to do – protect the safety and privacy of patients.
“But we need to get more hospitals involved. They don’t understand the issues, because they’re not here to hear them.”
Best Practices
At the Summit, the Coalition for Best Practices for HCIR Credentialing (www.hcirbestpractice.org) released its “Joint Recommendations for Healthcare Industry Representative Credentialing Best Practices.” The document largely reflects the Coalition’s 2012 working draft, but also recommends HIPAA/HITECH training for Level I reps, that is, those who do not have access to clinical areas.
“A process with duplicative efforts, duplicative requirements, and duplicative costs without incremental value is not a viable long-term solution,” says Rhett Suhre, director, HCIR credentialing, Abbott, and an active member of the Coalition. “Aligning on best practices will be good for providers, suppliers and most importantly, patients.”
Organizers of the Coalition circulated a draft of recommended best practices for vendor credentialing in the summer of 2012. Borrowing from concepts proposed by the Indiana Hospital Association as well as Mayo Clinic Vice Chair, Supply Chain Operations Bruce Mairose, the committee sent the draft to various organizations for review, including the American Hospital Association, American College of Surgeons, Association of periOperative Registered Nurses and the American College of Cardiology, among others, and sought clarification on key points from OSHA, CDC, The Joint Commission and others.
“We have incorporated the information that we have received into the Best Practices recommendations and hope that this clears up some of the misunderstanding or misinterpretation,” says Suhre. “We will continue to seek input in areas that are not clear.”
Three levels of reps
As did the draft document of 2012, the Best Practices categorize sales reps into one of three categories, each with its own recommended set of requirements:
- Level I – HCIR guests. Defined as individuals who may seek access to a healthcare organization’s facility, however do not have access to clinical areas, do not provide technical assistance, do not operate equipment, do not enter patient care areas and do not provide assistance or consult with patient care staff or clinicians.
- Level II – Tech support and sales HCIRs. (Access to patient care environments excluding sterile or restricted areas.) Defined as individuals who serve primarily in a technical support role or product and service sales role. They may provide technical assistance, may occasionally assist with operation of equipment and be in a patient care environment that is not defined as a restricted or sterile procedure area. Their role requires them to often work in patient care areas where other visitors may be present and/or provide assistance to or consult with patient care staff. This also includes vendor and supplier sales representatives that interact with care providers for the purpose of sales, education and technical support.
- Level III – Clinical support and sales HCIRs. (Access to patient care environment including sterile or restricted areas.) Defined as individuals who serve primarily in a clinical support or product sales/service role while attending or observing patient procedures. They often provide technical information and serve as a resource for the medical professional by responding to questions regarding the appropriate operation of the medical equipment.
Much yet to be done
The newly published Best Practices add HIPAA/HITECH training to the Level 1 HCIR requirements, says Suhre. “This addressed the groups’ concerns about incidental exposure to protected health information. There are a couple of other areas that are being discussed, such as what drug screening – if any – is needed, as part of the credentialing process.”
Issues surrounding background checks are another case in point. “If a supplier follows the industry Best Practices recommendation, and the background check is done properly, there is no incremental value in additional background checks,” says Suhre.
Despite the areas of disagreement, Suhre is optimistic. “We now have a viable alternative solution that meets the common goals but in a more efficient and effective manner. In the past, there was not a viable alternative that everyone agreed on.
“We have begun to see adoption of the Best Practices, and the initial results are impressive. The number of adverse events has decreased or remained stable since the implementation of best practices. There have also been increased efficiencies, and the level of compliance has increased significantly. As more facilities adopt and implement the Best Practices, we will be able to provide more metrics on the advantages to alignment.”
Editor’s Note: JHC readers can view the Best Practices at http://www.hcirbestpractice.org/?page_id=9
Where’s the value?
It’s all about value, says Jim Ziegra, HCIR credentialing manager for heart pump manufacturer Abiomed, Danver, Mass.
“Background checks are a good example,” says Ziegra, who spoke about the topic at this summer’s Vendor Credentialing Summit. “Many [healthcare industry reps] are required to submit to a second and in some cases, a third background check as part of the credentialing process. We consider this superfluous and have to ask the question, ‘Does an additional background check add incremental value?’ If not, then eliminate it.”
Background checks are the cause of much discussion – and disagreement – among vendors and providers, says Ziegra. “One of the problems with defining a background check is a lack of consistent terminology and understanding, specifically, what the different types of searches will produce and how they are conducted. Also, keep in mind not all illegal or improper behaviors end up in a criminal court.”
After many hours of discussion among all stakeholders, the Coalition for Best Practices in Healthcare Industry Representative (HCIR) Requirements arrived at six essential “best practice” elements for an HCIR background check:
- Social security number trace/validation: Confirms year and state of issue along with names and addresses associated with SSN.
- Criminal records check: Five-year county, state, and federal criminal (felony and misdemeanor) background check – resident states only.
- National criminal database records check: Database check of available criminal records indexes.
- National sex offender public registry check: National database of registered sex offenders maintained by the U.S. Department of Justice.
- Healthcare sanctions search (HHS/OIG/GSA/FDA/OFAC list match): Identifies individuals listed by the government as excluded from participation in Medicare, Medicaid and other federal healthcare programs.
- Five-panel drug screening: Tests for drugs or controlled substances which are: 1) not legally obtained, or 2) legally obtained, but not used in a lawful manner.
Ziegra says employers of sales reps are in the best position to ensure that their reps meet all credentialing requirements. What’s more, employers have the legal right to ensure compliance. “Employers should be solely responsible for conducting HCIR background checks, retaining the results, and certifying same to healthcare providers,” he says.
Accuracy – or lack thereof
There’s an additional, contentious, issue associated with background checks – their accuracy, or lack thereof.
“Employers spend roughly $2 billion a year on background checks, and there are literally thousands of third party vendors who do background checks,” says Ziegra. “Legally, the company that does the background check is responsible for the accuracy of any report they produce. But remember that ALL records MAY contain errors, and most background check reports reflect this with a disclaimer. It is imperative that all background check reports be reviewed for completeness and accuracy by the [sales rep’s] employer.”
Employers can increase the likelihood of getting accurate background checks by:
- Working with a local firm they know and trust, and whom they can reach directly and immediately.
- Becoming familiar with the firm’s quality
- Determining if the firm has a membership in the National Association of Professional Background Screeners, which has an accreditation process for members.
What’s more, providers and vendors need to keep in mind the big difference between “information” and “proof,” continues Ziegra. “A third-party-generated report that indicates a criminal conviction is not the same as a certified copy of a conviction record from a court.”
Ziegra suggests employers take the following steps to help ensure the accuracy of the background checks they receive on potential employees:
- Understand how the court systems work – District, Superior, and Federal.
- Obtain a photo ID from all applicants and at least one other form of ID for verification.
- Obtain the Social Security Number of the applicant. When doing so, ask not just for the number, but also ask to see the card.
- During the application process, ask the candidate to list all the places he/she has lived for the last seven years. If the candidate says he can’t recall them all, consider that to be a very big red flag.
- Ask in writing if the candidate has ever been arrested or convicted in any jurisdiction. Sometimes arrests are incorrectly reported as convictions, and sometimes misdemeanor convictions are incorrectly reported as felonies.
- Do some in-house Internet searches (e.g., Google Advanced, Pipl, and Spokeo) to see what pops up.
- Check federal court records, nationwide, by setting up an account with PACER, the Public Access to Court Electronic Records.
Joint Commission to providers: ‘Say what you’re going to do. Do it’
For some time, the industry has looked to The Joint Commission to spell out the rules of the road for vendor credentialing – that is, exactly what vendors need to provide, and what healthcare providers should demand. Ten years ago, The Joint Commission might have complied. That’s because the organization was fairly prescriptive in dictating how providers should meet its standards.
But that has changed in the past 10 years, and that change is reflected in the organization’s approach to vendor credentialing, explains Roberta Fruth, PhD, RN, FAAN, CJCP and senior consultant for Joint Commission Resources, the organization’s consulting arm.
“We still have standards,” says Fruth, who spoke at this summer’s Vendor Credentialing Summit. But the organization doesn’t spell out how providers should meet them. “Now we say, ‘These [standards] are based on evidence-based practice. Based on your organization, the patients you serve and your resources, how are you going to meet them?’” Hospitals are expected to address these standards through their policies, programs and plans. The Joint Commission, then, determines through its survey process whether the provider is following through on its policies.
In July 2012, The Joint Commission published an FAQ spelling out its expectations regarding non-licensed, non-employee individuals in healthcare organizations, including healthcare industry representatives. (See http://www.jointcommission.org/standards_information/jcfaqdetails.aspx?StandardsFAQId=423&StandardsFAQChapterId=66.)
In the FAQ, the organization said that “in order to maintain patient safety, accredited health care organizations need to be aware of who is entering the organization and their purpose at the organization.”
“There are additional expectations for non-licensed, non-employees that have a direct impact on patient care,” including sales reps in procedure rooms/operating rooms providing guidance to the surgeon, and reps providing training to staff on equipment use, according to the FAQ. Additional requirements include:
- Taking steps to ensure that patient rights are respected, including communication, dignity, personal privacy and privacy of health information.
- Obtaining informed consent in accordance with organization policy.
- Implementing infection control precautions.
- Implementing a patient safety program.
From The Joint Commission’s perspective, the bottom line for providers is simple: Have a policy, then do what you say you’re going to do.
At Mayo Clinic, predictability and uniformity are key to making credentialing work
Predictability and uniformity of vendor credentialing requirements can lower costs for providers and suppliers, while ensuring patient safety, says James Stansel, coordinator, operations, Mayo Clinic Supply Chain Management, Jacksonville, Fla., and an attendee of this summer’s Vendor Credentialing Summit.
Mayo – which spans eight states and 15 acute-care facilities – took steps to provide both predictability and uniformity last year, when it drew up suggested standard requirements for vendor credentialing, hoping other healthcare providers would consider adopting them as well. That was accomplished largely through the work of Vice Chair Supply Chain Operations Bruce Mairose.
Mayo categorizes reps into three levels (the same approach adopted by the Coalition for Best Practices in HCIR Credentialing, in which Mayo participates), explains Stansel:
- Level I reps are those who do not go into patient care areas. Perhaps they call only on purchasing or central supply. Such reps need a company ID, and they need to agree to adhere to Mayo’s code of conduct policy for healthcare industry and supplier/sales representatives.
- Level II reps are those who call on clinical settings, such as doctors’ offices. Such reps need TB tests, flu shots (or masks), HIPAA training, other immunizations, etc.
- • Level III reps are those who set foot in the OR and other secure areas. Such reps must meet all the requirements of the Level II rep, as well as criminal background checks, drug screening, etc.
Mayo spells out its ground rules for vendor credentialing on its website, so there’s no confusion on the part of sales reps calling on a Mayo facility. “We’re trying to keep healthcare costs down,” says Stansel. “And one way to do that is to adopt a uniform policy.”
Distributor exec sees silver lining
There’s much that’s right about vendor credentialing today, says Doug Cones, director, sales operations, Cardinal Health. “I think the level of ongoing dialogue between providers and suppliers has improved, and has produced tremendous results in acceptable Best Practices, which exceed most provider requirements,” says Cones, referring to the recently released “Joint Recommendation for Healthcare Industry Representative Credentialing Best Practices,” compiled by the Coalition for Best Practices in HCIR Requirements (www.hcirbestpractice.org).
“The members of the Coalition have worked collaboratively to develop standards to meet the very important goals of patient safety and confidentiality. I believe the mission of the Coalition – to streamline the process for all stakeholders, suppliers and providers – is also correct.” Streamlining will lead to lower costs for providers and suppliers, he adds.
“Coming out of the Summit, we’re having good, candid discussions; we’re getting out the elephants in the room. I’m encouraged by the collaboration and best practices.”
That said, work remains to be done, says Cones. “Credentialing should be streamlined… to ensure that representatives who enter any healthcare facility have all met the standards.” With somewhere between 4,000 and 5,000 hospitals, and with some reps servicing 10, 20 or even more accounts, “there’s a high cost of non-standardization.
“The goal is to remove [requirements] that don’t matter – that add cost, but not value.”
Where UHC goes, other providers may follow
UHC’s endorsement of the recommended Best Practices for vendor credentialing, published by the Coalition for Best Practices in HCIR Requirements (www.hcirbestpractice.org), could cause other healthcare organizations to take a hard look at the document. That’s because Chicago-based UHC represents 118 academic medical centers and 299 affiliated hospital members.
Doug Smith, senior director, capital resources and supply chain services, is on the steering committee of the Coalition, and has served as a conduit between that organization and the UHC membership. In early 2013, Smith presented the recommended Best Practices to a UHC supply chain committee working on vendor management issues. After Bruce Mairose, vice chair, supply chain operations for Mayo Clinic (a UHC member) made a presentation to UHC supply chain representatives on the Best Practices, UHC moved to endorse them. They have since been posted on the organization’s website.
“We recognize our members will modify [the Best Practices] based on their organization’s or state’s requirements,” says Smith. “But we can endorse them and encourage our members to implement them.”
Few provider organizations attended the Summit, notes Smith. But providers and vendors will be best served by reaching consensus around credentialing, he adds. “People do believe that the Best Practices document is beneficial, and that it has the potential to reduce cost for suppliers as they try to meet the credentialing requirements.”
At Intermountain, everyone’s on the same page
Intermountain Healthcare has 99 percent compliance to its vendor credentialing program among the many suppliers who call on the facilities of the Salt Lake City, Utah-based IDN every day. It has been able to do so by gaining the support of hospital leadership, physicians and staff, says Jo Ann Autenrieb, supplier access program manager, who has been in charge of the IDN’s vendor credentialing program since 2007, and who has been a regular attendee at past Vendor Credentialing Summits. With that support in place, suppliers have little choice but to adhere to the program. It’s a simple formula, but it takes work.
“We have consistent education and communication, not only with our suppliers, but with everyone in the hospital organization,” says Autenrieb. Everyone at Intermountain knows what is expected of vendors and what they need to do in order to make sure suppliers are in compliance, she says. “We’re all on the same page.” Just as important, vendors know the rules too.
An active participant in the Coalition for Best Practices in HCIR Credentialing (www.hcirbestpractice.org), Autenrieb supports the recently published Best Practices, but points out that Intermountain is not in alignment with all of them. That’s because at Intermountain, as at other provider organizations, policies and procedures emanate from many different areas of the organization, not just supply chain, she says. And some policies are unique to Intermountain and its patient population. Given Utah’s young population, for example, pertussis is of great concern to the Intermountain staff. That’s why the IDN insists that Levels II and III sales reps be immunized – a more stringent practice than that recommended by the Coalition. Similarly, fire and safety codes vary from state to state, she adds. Individual healthcare organizations must adapt the Best Practices to their own localities.
Autenrieb believes vendor credentialing has progressed a great deal in recent years. Pointing to the growing analytics capabilities of vendor credentialing organizations, for example, she says that supply chain departments are able to run reports on supplier activity in various areas of the hospital.
Yet there’s room for improvement. The challenge is to get more hospitals and IDNs to buy into the Best Practices process. “It is pretty difficult and frustrating for a supplier to go from one hospital organization to another, each with its own expectations,” she says. At the same time, vendors need to educate themselves on the pressures and demands that hospitals face from various regulatory bodies, which affects hospitals’ approach to risk management, infection control and other topics.
The informed sales rep
If a sales rep were educated on basic cardiology issues, cardiologists would probably be more inclined to spend time with him or her. That’s according to Ron Anson, director of business development and entrepreneurship, American College of Cardiology, who tackled this topic at this summer’s Vendor Credentialing Summit.
For a little over two years, the American College of Cardiology has offered web-based and live training for reps on a number of topics, including the fundamentals of cardiology, structural heart disease, acute coronary syndromes, heart failure, coronary artery disease, and atrial fibrillation. “We want the industry representative to be of greater value to our membership, by being able to engage in conversation that goes beyond individual company product training or clinical application training,” said Anson following the Summit. “And we repeatedly get feedback from our members and reps that we’ve been successful in doing that.”
In response to a survey, approximately 60 percent of American College of Cardiology members said they meet with sales reps one to three times a week, and an additional 24 percent said they meet with reps four to six times every week, said Anson. Seventy-seven percent said they would be more likely to meet with a rep if he or she had ACC training.
The College’s 2.5-day live training programs are delivered at various locations by cardiologists, says Anson. “Before we started the program, we surveyed our membership, who felt that industry does an outstanding job at making sure reps know their products and their use. But we felt there could be improvement in their knowledge of utilization of competing products or treatments, and in the application of appropriate-use criteria and guidelines.”
At the conclusion of the training program (following successful completion of a final exam), attendees receive proof of attendance, and permission to run an American College of Cardiology logo on their business card.
“It is within the mission of the College to provide education on cardiovascular disease and treatments, and the College sees industry as another constituency that is in need of education from experts,” says Anson. “We at the ACC see the educational effort of the College as a key component of ensuring that industry representatives are prepared and have the knowledge base to enter the cath lab. Because of this, we see the ACC as needing to play a role in the credentialing process.”
Sidebar: Sticking points remain
Despite the progress in vendor credentialing, thorny issues remain:
- Background checks. Is it necessary for reps to have drug screening? Who should do it? How often? And how many drugs should reps be tested for?
- Business associate agreements. Do reps need to sign them? Do they even have the authority to do so?
- Rep competency. How can a rep demonstrate his or her competency to sell the products in his or her bag? And how would that be done by reps from general-line distributors, who represent thousands of products?
- What if a rep is identified as a sex offender? Who verifies that? And what happens if the finding is based on a mistake in the database?
- Which reps need to get vaccinations? For what diseases? And what if a rep is unable to get a vaccination due to a medical condition?
- And why is it relatively easy for healthcare organizations to get reports on which reps are compliant and which are not, but vendors sometimes find it difficult to get the same reports on their own reps?
“…independent reps at smaller firms also find it prohibitively expensive because they personally must absorb the qualification costs that the larger suppliers cover for their employed and contractual reps.” Intermountain Healthcare may be proud of their 99% compliance rate but the push to get contracts signed is leading to poorer quality of care in some areas. In one Utah city IHC is headed towards contracting with a vendor over 120 miles away for this very reason. That means no stat doses and reduction of service overall…some tests that cannot be conducted at all if held up by even minor traffic delays. The side effect of what happened to a local vendor that could not accommodate the increased cost of vendor credentialing. So…at the end of the day IHC can boast about their compliance raters…but at what cost to patient care? One physician said “You are setting medical care back 50 years here.” So again…at what cost?