If a reviewer is external to the organization, the title/role must reflect it (e.g., “External Reviewer,” “External Independent Reviewer”).
HP 2025
Save your favorite pages and receive notifications whenever they’re updated.
You will be prompted to log in to your NCQA account.
Save your favorite pages and receive notifications whenever they’re updated.
You will be prompted to log in to your NCQA account.
Share this page with a friend or colleague by Email.
We do not share your information with third parties.
Share this page with a friend or colleague by Email.
We do not share your information with third parties.
Print this page.
Print this page.
The organization must provide documentation from the agency confirming that it does not provide sanction/exclusion information. If the state agency declines to supply written confirmation, the organization documents its effort to obtain the information.
The organization must verify Medicaid sanctions and exclusions from one of the additional sources specified in the standards and guidelines. The credentialing file must include evidence of both the unavailability of the information from the state agency and verification from an approved additional source.
Applicable Standards:
HPA: CR 3, Element B; CR 5, Element A
CRPN: CRA 4, Element B; CRA 5, Element A; CRC 9, Element A; CRC 12, Elements B and C
MBHO: CR 3, Element B; CR 5, Element A
HP 2025
In this example, the organization may demonstrate compliance with QI 3, Element A by providing evidence that it reported 50% of required measures it is capable of reporting. The organization would be required to report a valid, numeric rate for at least 50% of the required nonbehavioral health measures (i.e., 2 of the 4).
HP 2025
Yes. Organizations that choose to conduct their audit and analysis for Information Integrity more frequently than annually (i.e., quarterly), may also conduct the follow-up audit of effectiveness more frequently. The audit must be within the 3–6 month time frame prescribed by NCQA.
Applicable Standards:
HP: CR 8, Element C; CR 8, Element D, factor 2. UM 12, Element D, UM 12, Element E, factor 2; UM 12, Element F, UM 12, Element G, factor 2.
CRPN: CR 2, Element C, CR 2, Element D, factor 2.
MBHO: CR 8, Element C; CR 8, Element D, factor 2. UM 11, Element D, UM 11, Element E, factor 2; UM 11, Element F, UM 11, Element G, factor 2.
HP 2025
Yes. NCQA has worked with CAQH to add a notice to its practitioner- and customer-facing provider credentialing applications, recognizing that discriminatory uses of race, ethnicity and language data are prohibited. CAQH is going live with the application update on 7/1/25.
The use of the CAQH application will be acceptable to meet CR 3, Element C, factor 6: Race, ethnicity and language in the 2025 Health Plan Accreditation standards and guidelines (and applicable products).
This applies to:
HPA: CR 3, Element A, factor 6
CRPN: CRA 3, Element A, factor 6, CRC 10, Elements A, factor 6
MBHO: CR 3, Element A, factor 6
HP 2025
The requirement is for the application to have separate fields to enter responses for each of these three data points (race, ethnicity, and language). However, it would be acceptable to group these into one question if the application prompts the user to provide separate responses for race, ethnicity and language.
Responses provided through the CAQH online portal for credentialing data application are acceptable. Although the online portal supporting the credentialing application groups the responses for race and ethnicity into one field, the practitioner is prompted to provide separate responses within the system. When a practitioner chooses his/her race, the practitioner is then prompted to provide his/her ethnicity information. Language is captured via a separate field.
This applies to:
HPA: CR 3, Element A, factor 6
CRPN: CRA 3, Element A, factor 6, CRC 10, Elements A, factor 6
MBHO: CR 3, Element A, factor 6
Note: A related question was posted on 3/17/2025: “Credentialing Application: Race, Ethnicity and Language (REL).” This FAQ is an update to that post.
HP 2025
Yes, if the software uses the organization’s clinical criteria, policies and procedures and benefit package information, and the organization maintains control over the software implementation. Organizations may not use the software to make any denial decisions; those must be made by an appropriate clinical professional. Appeal decisions require same-or-similar specialist review, as specified in the NCQA standards.
NCQA considers the use of external software to make approval decisions to be a vendor relationship for applicable requirements (e.g., UM 4, Element F). Refer to Appendix 3: Delegation and Automatic Credit Guidelines for additional information.
HP 2025
If an organization does not have evidence that, during the look-back period, it assisted members transition to care when their benefits were exhausted (QI 3, Element E), NCQA reviews the organization’s policies and procedures in place throughout the look-back period.
In addition to the policies and procedures, the organization must provide documentation (e.g., attestation) indicating that there were no such instances during the look-back period.
HP 2025
Yes. The training requirement is new and was not included in the systems controls requirement. The organization must update its delegation agreement to include delegation of UM and CR information integrity training.
The organization may add an addendum to include delegation of the new training requirement. The addendum must be mutually agreed on by the organization and the delegate.
HP 2025
No. For standards year 2025 only, NCQA will allow all organizations, regardless of their audit schedule, to submit a detailed implementation plan in lieu of conducting the delegation oversight information integrity audit.
The implementation plan for each applicable delegate must include:
Organizations must submit either an information integrity audit report or an audit implementation plan (for selected delegates) at the time of survey submission for the following products:
Organization-level information integrity audits must be conducted, and an implementation plan is not acceptable for the following requirements:
Note: A related question was posted on 1/15/2025: “Do organizations need to conduct a delegation audit(s) on the 2025 Information Integrity standards within 12 months prior to survey submission date?” This FAQ replaces that post.
HP 2025