Vendor credentialing: What the dog saw

In his current best-seller, What the Dog Saw and Other Adventures, author Malcolm Gladwell (The Tipping Point, Blink, and Outliers) uses his copious talents to explore a variety of scenarios from multiple points of view. One scenario involves an interaction between dog trainer Cesar Milan (of the TV show Dog Whisperer), a distraught pair of dog owners, and a recalcitrant Korean Jindo named JonBee. But Gladwell chooses not to view it through Cesar’s eyes, nor through the owners’ eyes, but rather, through JonBee’s eyes.

Gladwell’s approach brings to mind an old adage first related to me by my friend Donn Sarbaum: There are three sides to every story – your side, my side and the side nobody knows. So it is with vendor credentialing. There are at least three sides:

  • The healthcare organization’s side.
  • The vendor’s side.
  • The side of the purveyor of credentialing services.

As a person who has labored on two sides of this issue (that of the healthcare organization and the vendor), I feel qualified to comment on them.

Raison d’etre
Vendor credentialing is a concept that – not unlike HIPAA and HITECH compliance requirements – came about as a result of the poor job healthcare organizations were doing maintaining the security of their patients’ medical information. Not so long ago, in the 1970s and 1980s, anyone – including vendors – could walk freely through the halls of almost any hospital in the United States and see patient records in plain view, with little or no security in place.

Back then, vendor credentialing generally consisted of a clothbound journal on top of the administrative assistant’s desk in Purchasing. Often up to 80 percent of vendors completely bypassed the book and the process altogether.

The reasons given for vendor credentialing include:

  • Risk mitigation.
  • Assurance that people allowed in clinical areas have proper training.
  • Health and healthy workspace concerns.
  • Equal opportunity for vendors.
  • Weeding out of fakes and frauds via documentation.
  • Contradictive Yeoman Activities (CYA).

The impact of vendor credentialing
All of the reasons mentioned above sound good and even laudable. But what is the real impact of credentialing?

First, by outsourcing the credentialing of vendors to third parties, a cost is incurred. It can be argued that the vendors foot the bill, but is that really the case?

For the large vendors, perhaps. But for smaller vendors, the tool that was ostensibly designed to help ensure fair competition could actually make it fiscally impossible to do business. Assume that there are 5,000 healthcare organizations in the United States, and that each charges each vendor $50 to participate in their credentialing program. For every national vendor, that would mean an additional $250,000 in direct operating expense. Certainly not a problem for the giants, but what about the local, regional and smaller national firms whose pockets are not as deep as those of the big firms? They would have to pick and choose where they could compete for business.

Meanwhile, what happens to the salesperson representing physician preference items, whom the healthcare organization tried to keep away from a key physician by implementing a sophisticated, outsourced, computer-based vendor credentialing program? Chances are, that rep is building the same personal relationship that he or she would have been doing under the old model simply by changing the call point to the physician’s office. And the vendor of furniture, fixtures and equipment can put the same complimentary furniture or fixtures in the same homes as before simply by going around the system.

Unlike organizations that provide consulting services, database and benchmarking services (offerings that deliver a measurable value beyond acquisition cost), fancy credentialing packages only add costs, which inexorably find their way to the people who pay the bills – the patients.

A simple solution
As difficult as this may be for contracting executives to hear, the only way to do a good job of monitoring the actions of vendors is to commit to doing a good job – and then doing it. The Strategic Marketplace Initiative – a consortium of executives representing healthcare providers, suppliers, pharmaceutical companies, distributors and service organizations – has published two noteworthy documents: “Management Guidelines for Vendor Access” and “The Need for Management Guidelines for Vendor Access.” (You can access both at no charge at Both provide the necessary information and rationale for the development of a good vendor credentialing and access program.

According to noted military strategist Edward Luttwak in his 1976 work, The Grand Strategy of the Roman Empire, a large contributor to Rome’s downfall was the fact that it outsourced its army to its enemies.

Last week, two colleagues and I visited a large, well-known integrated delivery network. Before we could meet our appointment, we were required to enter our information into a large computer (with help from the receptionist). Sticky badges were printed, which we dutifully attached to our attire. Our meeting ended after 5 p.m. and when we checked out, the security guard told us to toss our badges in the trash.

This morning, one of my colleagues received an e-mail notification that she had violated vendor access policies. The other two of us – who did exactly the same thing – have heard nothing.

So, to hospitals, I would say this: If you do engage the services of a vendor credentialing firm, keep one thing in mind: Caveat Emptor! (Let the buyer beware!)

Fred Crans is area vice president, North and West, for ECRI Institute, Plymouth Meeting, Pa. He has had a long and diverse career in the healthcare supply chain, including stints as supply chain leader for Genesis Health System, Davenport, Iowa; Broadlane; and several consulting companies. Prior to joining ECRI he was principal consultant for University HealthSystem Consortium. He may be reached at

safe online pharmacy for viagra cheap kamagra oral jelly online