Risk Management Tools & Resources

 


Risk Perspectives in Telehealth: Credentialing and Privileging

telehealth-credentialing-privileging-risks

Laura M. Cascella, MA, CPHRM

Credentialing and privileging — the processes by which a healthcare organization assesses and confirms the qualifications of a healthcare provider and authorizes the provision of specific services — play an important role in patient safety and high-quality care. These processes are essential for traditional, in-person care as well as for healthcare delivered through telecommunication technology (telehealth).

Although a telehealth provider at a remote location (distant site) will not have the same relationship with a healthcare facility (originating site) as its onsite providers do, the facility still must exercise the same level of due diligence in its screening and selection processes. Individuals accountable for credentialing and privileging must ensure that the distant site practitioner is legally allowed to provide care to the specified patient population and is qualified for the scope of services requested.1

Credentialing and privileging can be time-consuming and expensive, often creating a barrier for smaller hospitals and healthcare facilities looking to increase their patients’ access to specialty care through telehealth. To address this issue, the Centers for Medicare & Medicaid Services (CMS) issued regulations on credentialing and privileging requirements for telehealth practitioners. CMS Conditions of Participation allow the governing body of an organization whose patients are receiving telehealth services to rely on credentialing and privileging decisions made by a distant site hospital or telemedicine entity, such as a teleradiology group or ambulatory surgery center.2 This process often is referred to as “credentialing by proxy.”

Credentialing by proxy helps organizations save time and money, but requirements must be met by both the originating site and the distant site. These requirements are as follows:

  • The two parties must have a written agreement.
  • The distant site must be a Medicare-participating hospital or telemedicine entity.
  • The telehealth provider must be privileged at the distant site.
  • The distant site must provide the originating site with a current list of the telehealth provider’s privileges.
  • The telehealth provider must hold a license that is issued or recognized by the state in which the originating site is located.
  • The originating site must conduct an internal review of the telehealth provider’s performance and provide this information to the distant site.
  • The originating site must inform the distant site of all adverse events and complaints regarding the services provided by the telehealth provider.3

Credentialing by proxy helps reduce the time and financial burdens associated with the originating site having to duplicate credentialing and privileging processes. However, due diligence and oversight of telehealth services are still essential. The American Society for Health Care Risk Management states “Risk managers at originating- and distant-site hospitals should collaborate with medical staff leaders to confirm that applicable credentialing requirements are in place for their telemedicine providers.”4

Further, the governing body at the originating site is responsible for ensuring that the distant site hospital or telemedicine entity is providing telehealth services that comply with CMS Conditions of Participation and other standards for contracted services.5

Beyond federal credentialing and privileging standards, states, accrediting bodies, certifying organizations, and third-party payers also may have credentialing and privileging standards related to telehealth. Healthcare organizations engaged in telehealth activities and programs should be aware of the requirements that apply to them.

For more information about credentialing and privileging of telehealth services, visit the Center for Connected Health Policy and the American Telehealth Association. For more detailed information about credentialing and privileging in healthcare organizations, see MedPro’s guideline on these topics.

Endnotes


1 ECRI. (2022, February 21). Telemedicine. Healthcare System Risk Management. Retrieved from www.ecri.org

2 42 U.S.C. § 482.12; 42 U.S.C. § 482.22; 42 U.S.C. § 485.616

3 42 U.S.C. § 482.22

4 Russell, D., Boisvert, S., & Borg, J. D. (Eds.). (2018). Telemedicine risk management considerations. The American Society for Healthcare Risk Management. Chicago, IL: ASHRM.

5 42 U.S.C. § 482.22