FAQ Directory: Managed Behavioral Healthcare Organization Accreditation

Filter Results
  • Save

    Save your favorite pages and receive notifications whenever they’re updated.

    You will be prompted to log in to your NCQA account.

  • Email

    Share this page with a friend or colleague by Email.

    We do not share your information with third parties.

  • Print

    Print this page.

5.15.2022 MBHO: UM and CR Advanced System Controls—Policies and Procedures Are organizations that provide evidence of “advanced system controls” eligible to receive Met for UM 11, Elements A and C, and for CR 1, Element C?

No. If the organization provides evidence of advanced system controls capabilities, it must submit policies and procedures for UM 11, Elements A and C and for CR 1, Element C. Policies and procedures must address all factors regarding advanced system control capabilities.

Organizations are only eligible to receive a score of Met for UM 11, Elements B and D, and for CR 1, Element D if they provide evidence of advanced system control capabilities that both automatically record dates and prevent changes that do not meet the organization’s policies and procedures.

MBHO 2022

5.15.2022 MBHO: System Controls Goal for Analysis Is a goal required for system controls monitoring analysis for UM 11, Elements B and D, factor 2 and CR 1, Element D, factor 2?

No. Although the organization may set a monitoring goal, NCQA does not require it for UM 11, Elements B and D, factor 2 and CR 1, Element D, factor 2. The intent is that the organization reviews all instances of modifications that did not meet its policies and procedures.

MBHO 2022

5.15.2022 MBHO: Clarify scope for UM 11, Elements A and C What are the differences in scope for system controls at the factor level in UM 11, Elements A and C?

For UM 11, Elements A and C:

  • Factors 1–5 apply to receipt and notification dates, covered in UM 5 and UM 8–UM 9.
  • Factor 6 applies to all UM system data for managing denials and appeals (not only the dates specified in factors 1–5), covered in UM 4–UM 7 and UM 8–UM 9.

MBHO 2022

5.15.2022 Boilerplate Language in Delegation Agreements for System Controls May organizations’ delegation agreements contain boilerplate language for system controls delegates?

Yes, if the language specifies that the delegate must meet NCQA requirements (UM 12, Elements A and B, factor 6; UM 13, Element C, factor 5; CR 1, Element C, factor 4; CR 8, Element C, factor 5), template language may be used in the delegation agreement. Language specific to each delegate is not required.

MBHO 2022

5.15.2022 MBHO: Clarify scope for new UM System Controls Oversight requirement (UM 11, Elements B and D) How are the new oversight requirements, UM 11 Elements B and D, different from the monitoring requirements in factor 7 in UM 11, Element A and C?

UM 11, Elements A and C, factor 7 require organizations to have a process for monitoring that policies and procedures are followed for all other factors (factors 1–6) in this element at least annually. Policies and procedures must describe the monitoring process for factor 7.

For UM 11, Elements B and D, the organization submits evidence that it identified, analyzed and acted only on modifications to receipt and notification dates (UM 5) that did not meet the organization’s policies and procedures.

MBHO 2022

5.15.2022 Clarify scope for new Credentialing System Controls Oversight requirement (CR 1, Element D) How is the new oversight requirement, CR 1, Element D, different from the monitoring requirement in factor 5 in CR 1, Element C?

CR 1, Element C, factor 5 requires organizations to have a process for monitoring that policies and procedures are followed for all other factors (factors 1–4) in this element at least annually. Policies and procedures must describe the monitoring process for factor 5.

For CR 1, Element D, the organization submits evidence that it identified, analyzed and acted only on modifications to credentialing/recredentialing information (CR 2 – CR 5) that did not meet the organization’s policies and procedures.

MBHO 2022

5.15.2022 System Control Requirements Review by Product Line If auditing is used to monitor an organization’s system controls or a delegate’s system controls, is sampling by product line required?

No. Sampling is not required by product line if the product lines are managed the same (a single system is used to manage all product lines).

MBHO 2022

5.15.2022 MBHO: Delegation Oversight System Controls Monitoring - Audits Are both the organization and delegate required to conduct system controls audits for factor 5 in UM 12, Element C and CR 8, Element C?

Both the organization and delegate must monitor the delegate’s system security controls as part of the delegation oversight requirements and may choose audit as the monitoring method. If auditing is the chosen method, the delegate provides an audit report of modifications that did not comply with its policies and procedures or with the delegation agreement.

The organization is not required to conduct an audit if it determines that the delegate adequately monitored and reported noncompliant modifications, but must provide documentation (a report, meeting minutes or other evidence) that it reviewed and agreed with the delegate’s findings. If the organization determines that the delegate did not adequately monitor noncompliant modifications, it must conduct its own audit of the delegate’s system controls.

The organization must submit its documentation and the delegate’s documentation as part of the survey.
 

MBHO 2022

5.15.2022 Clarify scope for CR 1, Element C What are the differences in scope for system controls at the factor level in CR 1, Element C?

For CR 1, Element C:

  • Factor 1 applies to verification source information from credentialing and recredentialing cycles, covered in CR 3, Elements A–C.
  • Factor 2 applies to modified credentialing verification information from initial credentialing and recredentialing cycles, covered in CR 3, elements A–C.
  • Factors 3–4 apply to all information associated with credentialing/recredentialing of practitioners, covered in CR 2–CR 5.

Factor 5 requires a monitoring process that covers compliance with all policies and procedures described in factors 1–4.

MBHO 2022

3.15.2022 Inaccessibility of practitioners’ licensure information from Maryland Department of Health The Maryland Department of Health (MDH) experienced a network security incident on December 4, 2021, that made its network systems and practitioners’ licensing information inaccessible for primary source verification. The MDH reports that all disrupted licensing board systems were restored as of February 4, 2022. The MDH granted a grace period (with no expiration date) on practitioners’ licenses set to expire between November 2021 and February 2022, and issued temporary licenses to affected practitioners whose licenses will expire June 2022.

How will NCQA evaluate affected practitioners’ files?

For Maryland practitioners credentialed between December 2021 and February 2022, NCQA will not penalize organizations on inability to verify licensure due to the MDH network security incident. NCQA accepts the MDH’s grace period on licensure expirations and accepts temporary licenses issued by the MDH and will consider them current and valid. Organizations should adhere to guidance provided by MDH and document the guidance in the affected practitioners’ credentialing files.

MBHO 2022

2.15.2022 Annual Monitoring of CR System Controls Monitoring for Delegates Have the allowed methods to audit delegate files in CR 8, Element C, factor 5 changed?

No. Delegate files may be audited using one of the following methods as described in the factor explanation and noted below:

  • 5 percent or 50 of its files, whichever is less, to ensure that information is verified appropriately.
    • At a minimum, the sample includes at least 10 credentialing files and 10 recredentialing files. If fewer than 10 practitioners were credentialed or recredentialed since the last annual audit, the organization audits the universe of files rather than a sample.
  • The NCQA “8/30 methodology” available at https://www.ncqa.org/programs/health-plans/policy-accreditation-and-certification/

Either methodology is allowed, for consistency with other Delegation Oversight requirements for annual file audits.

MBHO 2022

2.15.2022 Annual Monitoring of UM System Controls Monitoring for Delegates Have the allowed methods to audit delegate files in UM 13, Element C, factor 5 changed?

No. Delegate files may be audited using one of the following methods as described in the factor explanation and noted below:

  • 5 percent or 50 of its files, whichever is less, to ensure that information is verified appropriately.
  • The NCQA “8/30 methodology” available at https://www.ncqa.org/programs/health-plans/policy-accreditation-and-certification/

Either methodology is allowed, for consistency with other Delegation Oversight requirements for annual file audits.

MBHO 2022