Breaking It Down: Understanding NCQA and CMS Requirements

Auditor Scrutinizing Financial Documents

CMS vs. NCQA Requirements

When it comes to credentialing and compliance, there’s a lot to keep in mind. One of the most fundamental issues is this: what compliance standards are you trying to meet?

The answer: it depends! For health plans, there are two major bodies to be familiar with: CMS and NCQA. The credentialing process itself is fairly similar for both CMS and NCQA, but there are substantial differences between the two organizations.

Basics of CMS Compliance: Staying Compliant With the Government

CMS stands for the Center of Medicare and Medicaid Services. It is a federal agency under the Department for Health and Human Services. CMS responsibility includes administering two major federally-funded government programs: Medicare and Medicaid.

At a minimum, all health plans contracted to serve Medicare or Medicaid members must demonstrate compliance with federal standards for credentialing. For example, this would include Medicare Advantage Plans and Medicaid Managed Care Organizations.  Section 42 in the code of Federal Regulations elucidates requirements for these programs. The regulations for Medicaid Managed Care are outlined below:

Medicaid Managed Care Regulations (42CFR § 438.214 Provider selection)

(a) General rules. The State must ensure, through its contracts, that each MCO, PIHP, or PAHP implements written policies and procedures for selection and retention of providers and that those policies and procedures include, at a minimum, the requirements of this section. 

(b) Credentialing and recredentialing requirements. (1) Each State must establish a uniform credentialing and recredentialing policy that each MCO, PIHP, and PAHP must follow. (2) Each MCO, PIHP, and PAHP must follow a documented process for credentialing and recredentialing of providers who have signed contracts or participation agreements with the MCO, PIHP, or PAHP. 

(c) Nondiscrimination. MCO, PIHP, and PAHP provider selection policies and procedures, consistent with §438.12, must not discriminate against particular providers that serve high-risk populations or specialize in conditions that require costly treatment. 

(d) Excluded providers. MCOs, PIHPs, and PAHPs may not employ or contract with providers excluded from participation in Federal health care programs under either section 1128 or section 1128A of the Act. 

(e) State requirements. Each MCO, PIHP, and PAHP must comply with any additional requirements established by the State. 

Understanding NCQA Credentialing Program Requirements: The Gold Standard for Credentialing

The National Committee for Quality Assurance (NCQA) is a nonprofit organization focused on using measurement, transparency, and accountability to highlight top performers and drive improvement in healthcare. Many government and private entities choose to achieve NCQA accreditation and/or certification because it is the industry gold standard.

Engaging a Credentials Verification Organization (CVO) with NCQA CVO Certification demonstrates a health plan’s commitment to ensuring a high-quality provider network.  

For a CVO to achieve an NCQA certification, there is an application process. The process is an extensive one and can sometimes last around a year. The process for a health plan to achieve NCQA Accreditation can be even more arduous. To learn more about the process, the NCQA offers information and survey tools.  

The list of required primary source verifications mandated by NCQA for a compliant credential is quite similar to that of CMS.  It is the processes and controls the NCQA has developed, and for which it audits participating organizations against, that help ensure efficiency and effectiveness.   

It’s important to understand that CMS compliance is not interchangeable with an NCQA credential. CMS won’t give your health plan a pass just because you have an NCQA credential, and NCQA won’t award a credential simply because you are CMS compliant.

CMS, NCQA, or Both?

For most health plans, it’s not a matter of choosing between CMS and NCQA. For any plan that is contracted to serve Medicare and Medicaid patients, CMS compliance is mandatory. Pursuing NCQA accreditation, on the other hand, is frequently a choice that may (or may not) make sense for your health plan.

NCQA health plan accreditation demonstrates organizations broad commitment to a high standard. Selecting an NCQA Certified CVO to perform credentialing furthers that dedication towards ensuring a quality provider network, but it can also confer many benefits that you just can’t get from CMS compliance alone.

What The Credentialing Process Looks Like, and How To Prepare

While CMS and NCQA are different bodies with different goals, there are similarities in the credentialing process itself. Here’s a brief overview of what you’ll need (a more comprehensive list can be found here)

  • All Licensed Independent Professionals will need to have verified credentials, but verifying credentials for all other practitioners is best practice.
  • Several primary sources must be verified: license, the highest degree of education, Drug Enforcement Agency certificate, and board certification (if applicable). This should be done using a reliable Primary Source Verification process. Health plans must recredential all providers at least once every three years to demonstrate continued compliance.
  • CMS and NCQA offer manuals describing standards for compliance and accreditation. Reference this information as you prepare for the credentialing process. The requirements are quite extensive, and many health plans find that they don’t know what they don’t know. For help in figuring all of this out, reach out to andros to learn how we can help you stay compliant.

We hope this breakdown helps you understand the requirements for both NCQA and CMS, and how to decide what path is best for your organization. If you have any questions or would like to learn more about how andros can help your team, please reach out to us at  

More To Explore

Andros Unveils New Brand Identity

Andros, a healthcare industry leader in next-generation provider network management solutions, has unveiled a fresh and original brand look. This new brand identity was developed