NCQA Credentialing Certification (CVO) — Frequently Asked Questions

What is NCQA Credentialing Certification (CVO Certification)?

NCQA Credentialing Certification — commonly called CVO Certification — is a quality designation for organizations that verify practitioner credentials through primary source verification without performing credentialing committee review or making credentialing decisions. It certifies that the organization consistently verifies practitioner credentials accurately, completely, and in compliance with NCQA's standards for primary source verification. The credential decision remains with the client health plan or contracting organization.

What is the difference between NCQA Credentialing Certification and NCQA Credentialing Accreditation?

Credentialing Certification (CVO) covers primary source verification only — the organization verifies practitioner credentials but does not perform committee review or make credentialing decisions. Credentialing Accreditation covers full-scope credentialing including committee review and credentialing/recredentialing decision-making authority. The right credential depends on whether your organization includes committee functions in its scope of services.

Who is eligible for NCQA Credentialing Certification?

Eligible organizations include credentials verification organizations (CVOs) providing primary source verification services, health plans with narrower credentialing scope that retain only the verification function, medical groups and IPAs that verify credentials for their own network, and hospital credentialing departments where the medical executive committee retains the credentialing decision. The defining eligibility factor is that the organization verifies credentials but does not make credentialing decisions.

What credential elements must be verified under NCQA CVO Certification standards?

Required verification elements vary by practitioner type but typically include:

• Current licensure — verified with the issuing state licensing board
• Board certification — verified with the certifying specialty board
• Medical education and training — verified with the institution
• Malpractice history — verified through the National Practitioner Data Bank (NPDB) and malpractice carriers
• DEA registration where applicable
• Sanctions and exclusions — verified through NPDB, OIG, SAM, and applicable state lists
• Hospital privileges where applicable

For each element, NCQA requires documentation of the source contacted, the verification date, and the information obtained.

What does 'primary source verification' mean under NCQA standards?

Primary source verification means confirming credentials directly with the original issuing body — the licensing board, the medical school, the certifying organization. NCQA also permits verification through recognized sources (NPDB, official online lookup tools maintained by licensing boards and certifying organizations) and contracted agents of primary sources for specific elements where NCQA has approved these alternatives. The organization must document which verification method was used for each element.

What are NCQA's timeliness requirements for credential verification?

NCQA specifies timeliness requirements for how current verification must be at the time of credentialing. Verification must be completed within the required timeframe prior to the credentialing decision — specific timeframes vary by element and are specified in NCQA's standards and guidelines. Organizations must document verification dates for each element and ensure no element exceeds the permitted staleness threshold. Expired verifications are a common source of deficiency findings.

What QI program requirements apply to CVO Certification?

NCQA requires a QI program specifically focused on verification functions — not a general organizational quality framework. Required elements include a defined scope of verification activities, measurable quality goals (accuracy rates, timeliness, completeness), a measurement methodology, and a documented improvement cycle. The QI program must demonstrate that performance data drives improvement initiatives — measurement alone is not sufficient.

How does NCQA CVO Certification satisfy health plan delegation requirements?

NCQA-accredited health plans are required to oversee delegated credentialing functions, including verification services delegated to CVOs. NCQA CVO Certification is the primary mechanism for a verification organization to demonstrate to its health plan clients that its processes meet national quality standards. A CVO holding NCQA Certification can reduce its health plan clients' audit burden and strengthen the delegation relationship by providing independent quality validation.

What happens if a credential cannot be verified through a primary or recognized source?

NCQA requires that verification exceptions be documented and escalated through a defined process. The organization must have a policy addressing how unverifiable elements are handled, including notification to the client health plan and the process for making a credentialing decision when an element remains unverified. Exception handling is frequently underdocumented — the process exists operationally but the policy and escalation documentation are missing.

Is NCQA CVO Certification required by health plan contracts?

Health plans that delegate verification functions to CVOs frequently require NCQA Credentialing Certification as a contract condition, particularly when the health plan holds NCQA Health Plan Accreditation and must demonstrate that its verification delegates meet quality standards. Organizations providing verification services under health plan delegation agreements should verify accreditation requirements in their specific contracts and anticipate that this requirement will expand as health plans face increasing scrutiny of their credentialing oversight.

What are the most common deficiency areas in NCQA CVO Certification surveys?

Based on IHS experience, common deficiency areas include:

• Incomplete verification — missing elements, expired verifications, or unresolved exceptions in file samples
• QI program structure — monitoring exists but is not framed as a verification-specific QI program with defined goals and improvement cycles
• Source documentation — verification occurred but the source, date, and information obtained are not consistently documented at the element level
• Exception handling — the organization handles unverifiable elements appropriately but lacks a written policy and documented escalation pathway

How does IHS support NCQA Credentialing Certification preparation?

IHS provides gap analysis against current NCQA Credentialing Certification standards, certification roadmap development, QI program documentation specific to verification functions, policy and procedure review and revision, client agreement review, mock survey, survey-day preparation, and post-survey response planning. All work is principal-led by Thomas G. Goddard, JD, PhD, former Chief Operating Officer and General Counsel of URAC.