The Elephant in the Room: Provider Validation
By Miranda Rochol
I’ve seen and heard a lot of discussion about EHRs and identity proofing – the process of verifying that a provider is who he or she claims to be. Identity proofing has been a hot topic in healthcare for years, starting with the Medicare Modernization Act (MMA) of 2003, when e-prescribing was promoted as a vital part of reducing prescription errors and enhancing patient safety. Prior to that, e-prescribing was a novel concept.
Today, the majority of office-based physicians (73 percent) send e-prescriptions and nearly all community pharmacies (95 percent) receive them. This wouldn’t have been possible without EHRs or identity proofing. Equally important but less talked about is the critical step of provider validation, which happens before identity proofing.
The concept of provider validation grew in importance when the DEA issued an Interim Final Rule (IFR) and made legal the electronic prescribing of controlled substances (EPCS). Strict regulation of controlled substances now means that validation of DEA numbers is more than just protocol — it’s critical. Because some providers are only authorized to write prescriptions for certain controlled substances, EHRs must ensure that their systems are equipped to validate provider DEA (and other credentials) in real time.
The most logical time to validate a DEA number is when a provider actually writes a prescription for a controlled substance. Since DEA numbers expire or become invalid, a provider’s DEA number should be verified each time he or she writes a prescription. This is the most effective way to ensure compliance with federal regulations and verify that a prescriber is legally authorized to write prescriptions for particular substances.
Failure to validate providers for e-prescribing of controlled substances is serious. EPCS is subject to the same laws that govern written, oral, and faxed prescriptions of controlled substances. Providers who illegally distribute or dispense controlled substances could have their license suspended or revoked and are subject to imprisonment for 5-15 years and fines from $100,000-$2 million.
EHRs should care about this for a number of reasons. The EHR space has become incredibly crowded and competitive. Adoption rates have skyrocketed, but customers have more vendor choices. What’s important to healthcare providers and organizations today are cost, usability, and compliance. Provider validation is a vital part of the compliance equation.
Beyond meeting Meaningful Use requirements, EHR companies must also start thinking strategically about their customers’ long-term needs and how to elevate their position from “vendor of the day” to “services partner of tomorrow.” This is where providing value-added services like provider validation and partnerships with data providers are key.
Lastly, EHRs with provider validation and other functionalities that meet both clinical and compliance needs could attract new fans among hospitals and health systems. Having an EHR that meets both clinical and compliance needs is one way healthcare organizations are attracting physicians, whose adoption of new technologies is integral to improving patient outcomes and public health.
Miranda Rochol is VP of product and strategy for Healthcare Data Solutions (HDS) of Irvine, CA.