Mitigating risk across the healthcare supply chain

Follow @SamJermy and @SupplyChainD on Twitter.

The modern healthcare supply chain is a key driver for stripping out unnecessary costs in order to free resources to help ensure quality patient care. More than ever before, provider and supplier organisations are working in lockstep to automate and streamline previously manual and error-prone processes. But as the healthcare supply chain has broadened so, too, has the increase in complexity and potential risks for provider organisations.

Because the task for onboarding, contracting, managing, and paying trading partners most often falls to the supply chain department, savvy leaders know the supply chain function can no longer operate in a silo that fails to include compliance. Forward-looking provider companies have recognised that by closely linking supply chain and compliance functions, they can more efficiently and effectively comply with increasing regulatory demands, while enhancing patient safety, safeguarding patient privacy and protecting revenues.   

What You Don’t Know Can Hurt You

Healthcare firms and employees interact with thousands of vendors on a daily basis through both face-to-face interactions on-site at their facilities and remotely via telephone, email, fax, text and other electronic means of communication. Not knowing the personnel with whom staff is interacting and who is coming in contact with patients, or patient information, presents significant risks.

For an organisation to maintain its accreditation with regulatory agencies, it must have policies and procedures in place to track who is in its facilities and where they are at all times. Furthermore, it is a provider organization’s responsibility to ensure those vendors classified as “business associates” have safeguards in place to protect patient healthcare data. Vendors that are not credentialed pose risk to an company; risk for noncompliance with regulatory requirements and, ultimately, risk to patient safety.

Non-credentialed vendors also present risks to the financial health of provider organisations. For example, if a group transacts business with a vendor that has been subject to a government sanction, such as those published monthly by OIG, and applies for government reimbursement for that vendor’s products, they will be denied payment. Other risks include Medicare fraud, vendor rep conflicts of interest, violation of the CMS Stark Law, and non-compliance with gift laws.

The Role of Supply Chain and Credentialing

Because a supply chain team is responsible for onboarding new vendors and managing existing business relationships, the task of vendor credentialing is a natural fit.  What supply chain leaders need is the ability to access in-depth and timely information on vendors and their individual representatives. They need visibility into the entire pool of trading partners, with information on who is credentialed and who is not.

By combining supply chain and compliance functions, an organisation can more efficiently and effectively comply with increasing regulatory demands, while helping enhance patient safety, safeguarding patient privacy and protecting revenues.  Specific benefits include:

Maintain Accreditation with Regulatory Agencies that Drive Reimbursements

Knowing who its business partners are and which ones operate within its facilities increases a firm’s ability to meet accreditation and regulatory requirements. By centralising all vendor data in one place, an organisation can quickly and easily access the information it needs in the event of an audit, including the percentage of vendors in compliance with its policies.

Protect Patient and Staff Safety

Through the credentialing process, a business can require vendor reps to have the same level of infectious disease vaccinations as onsite staff. It can also ensure that reps are following facility procedures, such as proper attire and other requirements, before entering patient care areas.

Protect Patient Data

Healthcare is the most targeted industry for cyber-attacks and patient data security is a growing concern. A credentialed supply chain helps a healthcare organisation comply with HIPAA Final Omnibus Rule and HITECH Act regulations by allowing it to identify vendors defined as “business associates”. It ensures its compliance policies are followed not only by vendor reps that come on-site but also those processes internal to vendor companies that have access to electronic protected health information (ePHI).

Safeguard Your Business

Credentialing the supply chain protects an organisation’s operations with monthly OIG and state sanction checks to ensure its vendors are clear of any government sanctions. It also provides a streamlined solution for vendor policy acknowledgment, including Stark Law disclosures, gift policies and conflicts of interest. 

Vendors and their representatives play a critical role in healthcare, supplying products and services without which providers could not care for patients. But when healthcare groups do not have in place policies and procedures to effectively manage vendor relationships, they place its patients, staff and operations at considerable risk.

By aligning vendor credentialing with supply chain processes, an organisation can streamline the way it identifies which of its vendors are credentialed, which are not, and quickly and easily bring non-credentialed vendors into compliance with internal and regulatory policies. Effective vendor management significantly minimises risk, protecting healthcare organisations, its staff and its patients.