The Healthcare Hub

Healthcare Vendor Credentialing Compliance Practices for Providers

Tuesday, August 1, 2023

Healthcare leaders need a comprehensive view of vendor credentialing compliance, vulnerabilities and opportunities to help forge a more compliant path forward. Discover helpful steps for hospital vendor credentialing compliance with the GHX 5-Part Framework. 



Today, helping to ensure protection, security and care for those in a healthcare facility is critical. This includes, in part, credentialing vendors and representatives and badging visitors who enter your healthcare organization. 

Because healthcare organizations conduct business with a wide range of suppliers and representatives in-person and off-site, complying with the many regulations around these interactions can present a significant administrative burden for staff. 


Among American consumers surveyed, 70% say hospitals need to improve physical security. 

GHX Hospital Safety Survey (2023)


The GHX 5-Part Framework for Vendor Credentialing Compliance offers guidance and practices based on the seven foundational industry compliance elements derived from the HCCA-OIG Compliance Effectiveness Roundtable resource guide.  Each part comes with a checklist to help credentialing leaders achieve success across their healthcare system.  



Table of contents

  1. Health systems
  2. Vendor and representative
  3. Document and policy
  4. Access and badging



Part 1: Health system vendor credentialing compliance 

Standardizing vendor credentialing across a health system using a single solution can help streamline credentialing processes, while supporting greater alignment and adherence to credentialing compliance goals. 

Many health systems have expensive, inefficient and parallel vendor credentialing processes that make meeting credentialing compliance requirements challenging. Standardizing credentialing practices inside and outside of the hospital can be especially important as health systems acquire or establish non-acute facilities to broaden their reach and deliver care in a more cost-effective manner. 

Learn how to build a stronger foundation for system-wide credentialing compliance to help improve safety, reduce business risks and navigate vendor relationships here


Steps for system-wide vendor credentialing compliance 

  1. Proactively and consistently communicate the value of credentialing compliance from the top down to help build a culture of credentialing compliance throughout the healthcare organization. 

  1. Communicate the importance of the vendor credentialing program during management meetings and through internal communication channels such as newsletters. 

  1. Provide your vendor credentialing organization with a list of all facilities that can be standardized on their platform, including outpatient facilities, surgical centers, and physician practices. 

  1. Establish a primary point of contact for your vendor credentialing organization program. 

  1. Partner with your vendor credentialing organization to provide training for staff members. 



Parts 2 and 3: Vendor and representative credentialing compliance 

Many health systems and hospitals have extended and diversified supplier networks as well as expanded supply portfolios over the past three years in response to lingering supply chain disruptions. But this can also increase vulnerability to unscrupulous business partners and practices. Find out more about recommended best practices for vetting new and non-traditional vendors here. 


Vendor credentialing 

Working with non-credentialed vendors can present potential risks to a healthcare organization’s financial health.  

For example, if a provider transacts business with an excluded vendor or vendor representative (e.g., OIG exclusion) the product or service is not reimbursable and to the extent the provider submits for  reimbursement may be denied.


Representative credentialing 

As technology evolves, so do the ways health systems and supplier representatives meet, communicate and interact. With these changes, come new vendor credentialing questions. For example: when a representative virtually remotes into an operating room (OR), do they need to be credentialed? 

Best practice vendor credentialing means not only vetting vendors, but also their individual representatives. A healthcare organization should credential all vendor representatives at the individual level, whether they conduct business at a physical location, interact with physicians in-person or remotely, inside or outside of clinical areas. 


Steps for vendor and representative credentialing 

  1. We suggest including vendor and representative credentialing compliance contract language in your contracts with vendors. 

  1. Enforce registration for all vendors and reps, including off-site only vendors, contractors, and consultants 

  1. Send your vendor credentialing organization an internal vendor file so they can perform a vendor analysis review (e.g., cross-check the vendors and reps the organization is doing business with against registered vendors and reps). 

  1. Verify registration status before onboarding vendors. 

  1. Set firm registration deadlines and communicate those to vendors and reps that have not registered or have incomplete registrations. 

  1. Provide your vendor credentialing organization with an internal email address so they can help manage email communications from vendors and their reps on your behalf. 


Part 4: Document and policy level vendor credentialing compliance 

At the document and policy level, health systems should require full credentialing compliance with these and other requirements, including local, state and federal regulations, as well as the healthcare organization’s own rules, policies and procedures. 

“You don’t need to reinvent the wheel. When it comes to vendor and credentialing and management, GHX can tell you best practices. Every time, they’ve been there to support me.” 

Palmetto Health Case Study 

Complying with government and health system-specific credentialing requirements may require the collection and verification of the following vendor information, including, for example:  

  • Sanction checks 

  • Criminal background checks 

  • Federal tax identification numbers 

  • Immunization/vaccination records 

  • Educational training documents 

Compliance professionals should strive to stay current on credentialing regulations applicable to their healthcare organization. By integrating new laws, regulations and standards into its vendor credentialing compliance program, a health system can craft more detailed policies and guidance and develop targeted training to help institutionalize knowledge across the organization. 


Steps for external and internal regulation credentialing compliance 

  1. Review document requirements and determine their applicability to the health system. An organization’s vendor credentialing organization may be able to provide documents concerning recommendations for specific departments. 

  1. Work with a vendor credentialing organization to tailor document requirements to different types of reps (e.g., contractors, off-site vendors, etc.). 

  1. Require representatives to review and electronically acknowledge policies through a vendor credentialing organization’s platform. 

  1. Deliver current policy information and maintain updates for new policies with the help of a vendor credentialing organization. 

  1. Provide an up-to-date list of individuals in the health system who require sanction notifications. Research reps or vendors who are flagged for sanctions and reach out to the vendor credentialing organization for recommendations. 



Part 5: Access & badging level vendor credentialing compliance 

Badging is an important safety component for vendor representatives. Badges help show facility staff members that the representatives who wear them have checked in at the appropriate location. Vendor credentialing helps to ensure that representatives are being checked against the hospital’s policy requirements.  

All vendor representatives should obtain a badge to enter a facility; those who do not meet the healthcare organization’s credentialing requirements should be denied a badge. A practice for facility access management would be, for example, to require representatives to check in at a badging station upon entering a facility and wear visible badges at all locations. 

Kiosks, such as the Vendormate kiosk, can help facilitate this by allowing self-service check-ins, including wellness checks and temperature scans. Technology like this can also help reduce the administrative burden on staff. 


Steps for supplier rep access and badging 

  1. Empower facility staff to identify areas of credentialing non-compliance (such as individuals in a facility without proper badging) and bring issues to the attention of management. 

  1. Train all departments and locations to require representatives to sign in and print a badge each visit. 

  1. Make sure badging stations are functioning properly and that a vendor credentialing organization has the most updated list of locations for your stations. 

  1. Place badging stations in a highly visible area where the greatest amount of foot traffic happens. 

  1. Consider upgrading your badging stations to self-serve kiosks. 



Credentialing solutions like GHX Vendormate help create a culture of vendor credentialing compliance with our people, data, processes and technology that help improve safety and reduce business risk. 

Image Description

David Sayers

Vendormate Solution Specialist, GHX

Schedule a Compliance Review