The Credentialing Resource Center (CRC) is the premier destination for credentialing, privileging, and peer review expertise. Membership provides MSPs, quality professionals, and medical staff leaders with a collection of continuously updated tools, best practice strategies, and compliance tips developed by industry experts. With three membership tiers, you can customize your access level depending on your education and training needs. Learn more .
Bottom is a credentialing systems specialist at Ephraim McDowell Health in Danville, Kentucky with more than seven years of experience in medical staff services.
A version of this article was first published November 30, 2020, by HCPro's Credentialing Resource Center, a sibling publication to HealthLeaders.
As part of our initiative to highlight the efforts of MSPs everywhere, the Credentialing Resource Center Team is recognizing all-star MSPs in the community by featuring them in Credentialing Resource Center Digest.
In our latest feature, we would like to recognize Ann Bottom. Bottom is a credentialing systems specialist at Ephraim McDowell Health in Danville, Kentucky with more than seven years of experience in medical staff services.
"Ann is the epitome of a credentialing specialist. She works diligently on all tasks and never leaves a stone untouched. She is a team player and will go above and beyond the call of duty to ensure nothing falls through the cracks as regards credentialing," says Arnetta Meyers, lead credentialing systems specialist at Ephraim and the colleague who nominated Bottom. "Her work product is impeccable, and her work ethic is stellar. She manages the reappointments and expirables with ease, despite the volume and stress. Working with her is ideal, and we have become great friends in the process.
The CRC team reached out to Bottom so that we could get to know her better and hear about her work in the field. Below are the highlights of our conversation:
CRC: What aspect of your career are you most passionate about?
Bottom: I am most passionate about compliance with medical staff bylaws, rules, and regulations, which ultimately helps to ensure quality patient care provided by highly qualified providers.
CRC: What piece of advice would you give those entering medical staff services?
Bottom: Build strong professional relationships that you can rely on when you need advice or assistance.
CRC: If you could sum up being an MSP in three words or less, what would they be?
Bottom: Request and verify.
CRC: What movie do you think everyone should see at least once?
Bottom: It’s a Wonderful Life.
The CRC team thanks Bottom for her countless contributions to the medical staff services profession!
Is there a member of your team that you're especially grateful for this year? We want to know! Email CRC editor Karla Accorto at email@example.com with their name, organization, email address, and a few sentences about what makes them such a great MSP and team member. Your nominated MSP could be featured in an upcoming issue of our Credentialing Resource Center Digest!
Until organizations are capable of accurately capturing the activity of APPs, a temporary solution is to request that APPs provide a log of patients seen.
A version of this article was first published November 23, 2020, by HCPro's Credentialing Resource Center, a sibling publication to HealthLeaders.
Attribution of patient care for advanced practice professionals (APP) has the same implications as it does for physicians in regard to monitoring quality data and billing.
Most APPs are allowed to bill independently for their services; therefore, they must be able to appropriately track the care that they provide to ensure accurate billing.
Many organizations continue to struggle with appropriately attributing care provided by APPs, in particular, when there are specific supervision requirements that must be met before the patient encounter can be closed.
When this occurs, coding these encounters appropriately for billing purposes can be challenging due to limited resources/technological capabilities.
Organizations must find a way to resolve these challenges for many reasons, including patient safety, performance improvement endeavors, risk management, and regulatory and accreditation requirements.
Until organizations are capable of accurately capturing the activity of APPs, a temporary solution is to request that APPs provide a log of patients seen.
Another option is to attribute the outcome data to both the physician and the APP, as appropriate.
For example, attribution of a postoperative infection would be to both the surgeon and the assisting physician assistant, unless the record documents a clear break of technique or complication caused by one of the individuals.
Additionally, whenever a case has been evaluated by a peer review committee and it is determined that care deviated from expected standards, the committee should attribute the case separately to each member of the care team as appropriate.
For example, the committee would need to identify whether specific concerns regarding the care, treatment, or services that did not meet expectations should be attributed to the APP (or other members of the care team) rather than solely to the attending physician.
When a complication is identified and attributed to the APP, it is also important to determine if the complication resulted from the lack of appropriate supervision.
If so, then the complication and supervision concerns would also be attributed to the responsible attending.
A big takeaway from the HHS is the importance of taking appropriate actions beforehand to mitigate the potential of damage caused by ransomware.
A version of this article was first published November 16, 2020, by HCPro's Credentialing Resource Center, a sibling publication to HealthLeaders.
Although ransomware is not a new phenomenon, a recent increase in reported attacks, along with several well-publicized cases, have raised the public's awareness of the threat it poses.
Ransomware can be incredibly damaging because it is designed to infect a system, find and encrypt the system's data, and lock out users until they pay a ransom—typically in an anonymous electronic currency like bitcoin—to regain access through a decryption key.
U.S. Department of Health and Human Services (HHS) guidance states that healthcare entities can better protect against ransomware by implementing security measures required by the HIPAA Security Rule.
According to the guidance, these measures include limiting access to electronic protected health information (PHI) to personnel and software that require it; and conducting risk analyses to identify threats and vulnerabilities to PHI.
A big takeaway from the HHS is the importance of taking appropriate actions beforehand to mitigate the potential of damage caused by ransomware. Unlike malware that simply transfers PHI without authorization, ransomware makes the PHI unavailable or destroys it altogether.
To better prevent ransomware, all staff should be appropriately trained on email and web security as most malware and ransomware comes from those sources says Justin Jett, director of compliance and auditing at Plixer International, a security analytics company based in Kennebunk, Maine.
Additionally, companies should invest in heightened email security solutions, like anti-spam firewalls, which will help prevent the most obvious attacks from getting to employees' inboxes.
HHS guidance suggests that since HIPAA requires the workforces of covered entities to receive security training on detecting and reporting malware, employees can assist with early detection of ransomware by spotting indicators of an attack. These warning signs could include unusually high activity in a computer's CPU as the ransomware encrypts and removes files, or an inability to access files that have been encrypted, deleted, or relocated.
Even if hospitals are vigilant, ransomware attacks may still occur. Again, the guidance suggests that HIPAA compliance may help hospitals recover from ransomware attacks due to HIPAA's mandate for frequent backups of data.
Doron S. Goldstein, partner and co-head of privacy, data, and cybersecurity practice at Katten Muchin Rosenman, LLP, in New York City, warns, however, that some variants of ransomware can lie dormant for a period of time in order to migrate across systems, including into data backups.
Many hospitals and companies keep hot backups as part of their disaster recovery plan. These backups can be automatically or manually switched on if a system goes down.
If ransomware has infiltrated a backup, the backup's data could also become compromised and encrypted by the ransomware as soon as it's activated.
"The important thing about dealing with the impact of ransomware is that it may require additional or different protections compared to what other malware requires to avoid or mitigate its ill effects," says Goldstein.
The appropriate medical staff bylaws must be followed if findings lead to recommendation for action on a practitioner's medical staff membership and/or clinical privileges.
A version of this article was first published November 9, 2020, by HCPro's Credentialing Resource Center, a sibling publication to HealthLeaders.
Increasingly, organizations are implementing policies for evaluating older members of the medical staff—often for practitioners at age 70, or earlier if self-referral occurs. The policy may contain steps such as the following:
1. An anonymous evaluation by selected references.
Peers and staff who work closely with the practitioner.
Assessment of the six competencies (patient care, medical/clinical knowledge, practice-based learning and improvement, interpersonal and communication skills, professionalism, and systems-based practice).
2. Increased ongoing review.
3. Focused review.
4. Health evaluation.
The practitioner may use his or her own annual or employment physical.
The practitioner attests that he or she has had an annual physical and no health conditions that would prevent safe practice were found.
5. Annual, rather than biennial, reappointment.
6. A comprehensive fitness-to-work evaluation in the case of ongoing illness. If the practitioner can safely practice hospital medicine, reasonable accommodations will be made whenever possible in accordance with the Americans with Disabilities Act.
The results of any evaluation are reviewed and discussed with the affected practitioner and the appropriate clinical service line chief, the credentials committee chair, and the medical staff president, or their designees.
If findings do not identify potential patient care concerns, the results are filed in the practitioner’s peer review file as a matter of routine and the reappointment is processed in the usual manner.
However, if the results reveal a cause for concern, the information will be discussed with the affected practitioner and MEC, and action will be taken and protection afforded the practitioner in accordance with your hospital’s medical staff bylaws.
The appropriate medical staff bylaws must be followed if findings lead to recommendation for action on a practitioner’s medical staff membership and/or clinical privileges.
The same peer review process applies to employed and contracted practitioners.
However, administration must be notified and involved when any action is considered on these practitioners’ medical staff membership and/or clinical privileges, as the disciplinary process for these practitioners may differ.
This is a marked increase from the approximately one in 10 that reported using telemedicine in February.
Of those who reported using telemedicine in the month of June, 77% indicated that they had not utilized telemedicine prior to the COVID-19 pandemic.
Approximately 85% of PAs noted that they had begun using telemedicine in their practice as a way of preserving continuity of care while maintaining social distancing for nonemergent patients during the pandemic.
PAs working in primary care were also more likely to use telemedicine than PAs in hospitals, urgent care, and other settings.
Responses were collected from June 6 to June 28. Respondents included 566 PAs, 513 of which indicated they were currently practicing.
The majority of respondents (71.4%) identified as female. Almost half of all respondents (48.5%) reported working in an outpatient clinic or physician office, while 35% reported working in a hospital setting.
Top specialties of respondents included surgery (24.5%), primary care (21.4%), and emergency medicine (11.6%).
The physician reviewer can identify any major variations from standard care guidelines before the plan is implemented.
A version of this article was first published October 28, 2020, by HCPro's Credentialing Resource Center, a sibling publication to HealthLeaders.
Prospective review is the process whereby the evaluated physician describes to the physician reviewer a care plan for a particular patient.
This approach enables the reviewer to concur or disagree with the proposed treatment before the observed physician begins it.
The physician reviewer can identify any major variations from standard care guidelines before the plan is implemented; therefore, the medical staff can be confident about allowing the physician to proceed with the treatment.
This form of review also allows for modifications or adjustments to be made to the physician’s care plan before beginning any irreversible treatment or intervention.
That makes prospective focused review less disruptive to patient care than other FPPE methods.
Because the conversation between the physician and the reviewer occurs before the physician treats the patient, both parties can maintain an air of collegiality between the practitioners.
This, in turn, allows medical staff physicians to establish better interpersonal relationships.
According to the International Council of Nurses, an APP can be defined as “a registered nurse who has acquired the expert knowledge base, complex decision-making skills and clinical competencies for expanded practice, the characteristics of which are shaped by the context and/or country in which s/he is credentialed to practice.
A master’s degree is recommended for entry level.”
There are several APP positions within the healthcare system, including nurse practitioners (NP), physician assistants (PA), nurse midwives, and nurse anesthetists.
Among these exist various distinctions, most notably being independent versus dependent practitioners.
The latter are APPs that must be overseen either by a physician or other licensed independent practitioner. Specific supervision requirements are established by state law.
Consider this: PAs are healthcare providers with state authorization to practice medicine as part of a team of physicians.
They graduate from an accredited program that is modeled after the medical school curriculum and hold national certification in addition to a state license. NPs, on the other hand, must complete a master’s program that makes them eligible to obtain professional certification, usually focusing on one specialty; this certification must be renewed every five years.
Their job duties include assessing patients, ordering and interpreting diagnostic tests, making diagnoses, and initiating and managing treatment plans (including prescribing medication).
The chair wants to boil the data down to a few metrics that the board can track, following the "Less is more" principle.
A version of this article was first published October 19, 2020, by HCPro's Credentialing Resource Center, a sibling publication to HealthLeaders.
Although the board is ultimately responsible for oversight of the organization, the level of data detail presented decreases as the level of authority increases.
Unfortunately, physician performance data does not have the well-established metrics that are available for other data, such as financial data reporting. In this new era of quality data, the industry is still making its way through uncharted waters.
Take for example a hospital-board quality subcommittee that is still presenting a relative abundance of data with the assumption that it will help its members understand quality better.
The chair wants to boil the data down to a few metrics that the board can track, following the “Less is more” principle.
In order to do so, use the following principles, which can help guide development of an effective oversight report for the oversight bodies:
Define mutually agreed-upon measures and targets: It is not uncommon to assume that the board doesn’t know much about peer review data, and your job is to decide what data they need. Having an open dialogue with the board (typically the subcommittee) about what it would like to receive is a great way to increase the likelihood that it will understand what it receives.
Use a consistent format: If you see someone you meet in a work setting, like a hospital, and meet that person again in a recreational setting, like a soccer game, you may not recognize him or her because he or she is wearing different clothes. The same is true for data: Clothing data in different formats makes it more difficult to recognize the data’s meaning.
Provide detail only if needed for action: Too often, detail-level data is presented on every item just in case someone asks about it. At an oversight-body level, however, detail is only needed if the oversight body is being asked to take an action other than approving the data
A criteria-based program prevents physicians from applying for privileges they are not competent to perform, which, in turn, prevents denial of privileges.
A version of this article was first published October 14, 2020, by HCPro's Credentialing Resource Center, a sibling publication to HealthLeaders.
In order to consider a change to core privileges, you should first examine the privilege delineation system currently in place at your organization.
Most likely you will find many examples to bolster your case for a conversion to a criteria-based core privileging system. Areas that you want to evaluate include the following:
Consider the existing privilege list(s). Are they up-to-date, or are they 30 years old? Are any procedures on the lists obsolete or no longer performed at the organization? If the lists are not current, now is the time to start culling privileges for procedures not currently performed at the facility. If your forms are out-of-date laundry lists, the forms themselves provide ample examples of the complexity, burden, and difficulty in maintaining the multitude of privilege lists.
Is your privilege delineation system outlined in the bylaws or policies and procedures? There must be some form of continuity to the system.
Is your privilege delineation system criteria-based? A criteria-based program prevents physicians from applying for privileges they are not competent to perform, which, in turn, prevents denial of privileges. For example, if you require postgraduate training in general surgery to request the core and a physician has not had the required postgraduate training, then that physician does not meet the requirements for those privileges. Therefore, an application for those privileges is never acted upon, and no outright denial (a reportable occurrence and potential trigger of a fair hearing) happens.
When hospitals and their medical staffs establish expectations of physicians, it is critically important that the organization has the ability to provide physician-specific measurements that can be offered with reasonable assurances of accuracy in an individual physician performance report.
A version of this article was first published October 12, 2020, by HCPro's Credentialing Resource Center, a sibling publication to HealthLeaders.
Physicians may claim that the data used to carry out peer review is invalid.
This is a claim that many medical staff leaders have heard. It is true that the discovery of even the slightest inaccuracy will invalidate the entire performance report in the minds of some physicians.
They will assume, and no one would blame them, that if the report includes one inaccuracy it is likely that there are additional inaccuracies. The problem is that data are often imperfect, and waiting for perfect data may be an impossibly long wait.
It is imperative, however, that data be as accurate as possible. When hospitals and their medical staffs establish expectations of physicians, it is critically important that the organization has the ability to provide physician-specific measurements that can be offered with reasonable assurances of accuracy in an individual physician performance report.
By way of example, the organization may wish to report compliance with an evidence-based protocol. If the electronic health record (EHR) is robust, utilized by the vast majority of admitters, and is capable of producing a report automatically, this would be a good measure.
On the other hand, if the system is poorly utilized and manual abstraction is required to determine compliance, this measure may be a poor choice upon which to gauge physician competency and performance.
You may also hear the following claims from physicians in regard to the accuracy of performance data:
Attribution (“It’s not my patient”): Accuracy of attribution is critical to the credibility of the peer review process. If a question is raised about the quality of care delivered, it is important that the correct practitioner be identified. For example, a patient may have a surgical procedure by a gynecologist and then be transferred to an internist for continued medical care in the hospital. If there is a question about a direct complication from the surgical procedure itself, the gynecologist should get the query, not the internist. No system has perfect data or is able to always accurately attribute care to the appropriate physician; however, acknowledging this and working with physicians to improve the process will lend increased credibility to peer review efforts at your organization.
Risk adjustment (“My patients are sicker!”): The use of severity-adjusted data when available can help halt this objection at the start. Likewise, using national benchmarks, even if imperfect, is often better than some in-house-defined standard.
Sample size (“The ‘n’ isn’t big enough”): Sometimes we need to remind our colleagues that measuring performance is not the same as conducting a statistical study. Medical staff leaders are not using performance reports to decide when corrective action is necessary. These reports are part of the organization’s efforts to improve physician performance. If the physician follows national practice guidelines and delivers high-quality care to eight out of 10 patients, the concern should not be whether “n” is sufficient. The concern is that the physician did not deliver the best practice care to two of the 10 patients. Therefore, any “n” is sufficient.
Incomplete data: All medical data is incomplete to some extent. The easiest data to obtain—billing data—is frequently the most incomplete. It depends on what the physician wrote, what the coder could read of what the physician wrote, and what finally came out of the coding computer after all of the data was entered. This system filters data at many levels. Data extracted by nurses, such as core measure data, tend to be more complete. But again, there is a small amount of filtering here. The most complete data are those by physicians in the peer review process (if unbiased). But all of the data are valid for performance improvement purposes.