Open in app

Sign in

Write

Sign in

URAC Core 4.0 — Consumer Protection and Empowerment (C-CPE)

Thomas G. Goddard, JD PhD
Healthcare Accreditation and Compliance
Published in
8 min readOct 10, 2017

In this post, I’ll cover the next focus area in URAC’s new Core v. 4.0 standards, the Consumer Protection and Empowerment (C-CPE) area. All of our previous posts on the history of Core and the other focus areas can be found here at our Healthcare Accreditation and Compliance publication.

Guiding Principles

This focus area is framed by two guiding principles, “Stakeholder Involvement” and “Consumer Protection.” Both principles are longtime staples in URAC’s focus, but there is something about having them both clearly stated as the framing ideas for the standards in this section. URAC has long advocated that organizations solicit feedback from stakeholders in order to improve performance. Further, URAC has placed consumer protection at the heart of its mission since its founding in 1989/90.

Rationale

URAC’s rationale for this focus area is sparse and to the point — consumers are integral to positive health outcomes. We have seen this woven into a number of standards throughout URAC’s history, but never quite so clearly stated as here.

Scope

URAC makes it clear that the obligations of these standards apply to organizations that provide direct or indirect services that have an impact on consumers. URAC includes a variety of components in its notion of consumer rights, including access, efficiency, dignity, participation in decision-making, and much else.

We’ll have to wait until URAC releases its full accreditation guide before we see precisely which standards will be required of various URAC applicants, but this initial statement would suggest that most applicants will be held to these standards. I’m guessing that there will be some organizations whose work is so remote from consumers that they will not be held to all of the standards in this focus area. Stay tuned!

The Consumer Protection and Empowerment Standards and Elements of Performance

As usual in the new URAC format, the “Standard” outlines a general principle and the real action happens at the “Elements of Performance” (“EP”) level.

Protection of Information

The EP for this standard, C-CPE 1–1, is a combination of the explicit requirements of the current Core 16 and the implicit requirements of Core 4. Let me explain in some detail.

C-CPE 1–1(a) requires that the organization execute Business Associate Agreements (“BAAs”) with its business associates. While there is no current standard that explicitly requires this, it has been required by URAC for about five or six years under Core 4. (Students of URAC will remember that it was called “quasi-delegation” for a brief period and housed under Core 8(a) until it found its home in Core 4.) The new version seems to omit the current requirement for vendor agreements that describe such details as how IIHI is transferred from the organization to the vendor. I for one will be curious to see if this is addressed in the upcoming accreditation guide.

C-CPE 1–1(b) looks more like the current Core 16, which I have long called “URAC’s mini-HIPAA”. Instead of Core 16’s six elements, though, it is a straightforward, single requirement that the processes and procedures address the responsibility of employees, committee members, and officers to preserve the confidentiality of PHI and IIHI. However, one difference is that URAC is, for the first time, limiting this requirement to those who have access to PHI/IIHI. This is a break from the past, in which URAC has said explicitly that it doesn’t matter whether the person (esp. a board member) has access to PHI/IIHI.

Finally, C-CPE 1–1(c) adds a new bit of clarity around the confidentiality requirements, by requiring that the organization address situations in which persons or organizations are, by virtue of what they do (electricians or janitors) are put in the proximity of PHI/IIHI. This, too, is the first time we’ve seen this explicitly addressed, although reviewers have asked about these relationships during their onsite review interviews.

Ethics

In requiring that organizations “assure ethical practices that protect consumers,” URAC means a variety of things, as reflected in the diversity of requirements in the three elements of performance for this standard.

The first EP, C-CPE 2–1, establishes for all organizations a requirement that we’ve seen in the substantive modules of a few programs such as Case Management and Health Plan: that the program notify consumers of their rights and responsibilities. the EP outlines 6 minimum requirements for those rights and responsibilities, including confidentiality, access to services, and consideration for consumer preferences.

The second EP, C-CPE 2–2, expands on what URAC means by ethical healthcare practices. The language of this EP is very general, which suggests that URAC will be granting a good bit of leeway to organization in the implementation of policies under this EP. While some are clear because the definitions are well-understood (e.g., conflict of interest), others are less well-understood (e.g., “prudent stewardship of healthcare resources” or “professionalism in the use of digital media”). This is another area in which we can expect the Accreditation Guide to provide some helpful guidance.

The final EP under the Ethics standard, C-CPE 2–3, requires that the organization monitor for unethical healthcare practices. Again, URAC allows a great deal of flexibility in the implementation of this requirement, as is appropriate for a set of standards that will apply to huge health plans and small pharmacies alike. What all will be require to do, however, is:

  • Collect and review relevant information;
  • Take action when finding ethics issues;
  • Clearly identify responsibility for remediation; and
  • Review issues with an eye toward preventing future problems.

Consumer Protection

The third standard in this section calls for consumer protection in a wide variety of forms, including clinical oversight, marketing safeguards, and provider collaboration.

The first EP under this broad standard, C-CPE 3–1, focuses on clinical staff credentialing. This is identical to the current Core 30, requiring primary source verification of licensure or certification, notification by staff of adverse changes in licensure/certification status, and implementation of corrective action in response to adverse changes. What is notable is that URAC has let go of the leading indicator it has experimented with that would allow organizations to substitute a clause requiring reverification of credentials “upon expiration” for the “every three years thereafter” requirement in this EP.

The next EP, C-CPE 3–2, requires appropriate clinical oversight of the program. The requirements for the senior clinician conducting such oversight (e.g., current licensure, documented qualifications) and the required activities of such clinician (e.g., providing guidance for clinical aspects of the program) are derived from the current Core 31 and 32. The only notable changes from these earlier versions are the elimination of:

  • Core 31(c)’s requirement of post-graduate experience in patient care;
  • Core 31(d)’s requirement of board certification (if an MD or DO); and
  • Core 32(c)’s requirement of periodic consultation with practitioners in the field.

The next EP under this standard, C-CPE 3–3, focuses on a mechanism for consumer safety. This requirement of a means of responding on an urgent basis to immediate threats to consumer health and safety, is the same as the current Core 38. We can safely presume that it will have a similar breadth, apply to the broadest conceivable array of such threats, including threats of suicide or harm to others, drug recalls, and dangerous practitioners.

C-CPE 3–4, which is applicable only to pharmacy programs, is a retread of PHARM Core 41, requiring a criminal background check for employees who handle patient data and drug testing for those who handle pharmaceuticals. The primary difference from the current version is that the applicability of each of these requirements is clearly stated in the standard rather than explained in the interpretive information.

C-CPE 3–5 is evidence of the evolution of URAC’s thinking about financial incentives beyond what is currently expressed in Core 33. Rather than merely requiring that an organization with financial incentives based directly on consumer use of healthcare services ensure that consumer care is not thereby compromised, this new standard:

  • Explicitly prohibits incentives compromising medical decisions; and
  • Requires the monitoring of any such incentives to ensure that care is not compromised.

The current Core 10 is simplified in the new C-CPE 3–6, addressing marketing safeguards. The new form simply requires that the organization implement safeguards against misrepresentations about services for new and existing marketing materials. The organization also must have

Consumer Empowerment

This final standard in the CPE focus group addresses complaints, health literacy, and cultural/linguistic appropriateness.

C-CPE 4–1 is nearly identical to the current Core 35, Consumer Complaint Process. Like its predecessor, it requires that the organization implement a process for timely response to consumer complaints, an oral or written response to the complainant which informs consumers of avenues for further redress (if available), documentation of meeting timeliness requirements, and reporting of trend analyses to the QMC.

C-CPE 4–2 is an expansion on the current version of Core 40, promoting health literacy. In addition to the current requirements that consumer materials be in plain language and that staff receive guidance on how to provide information in plain language, the new standard adds a requirement that the organization address specific communication barriers:

  • Language spoken and read
  • Hearing impairments
  • Sight impairments
  • Cognitive impairments

This attention to language and impairments will be familiar to applicants in the pharmacy world, as we see an earlier version of this in Specialty Pharmacy and Mail Service Pharmacy CSCD 12. It also should be noted that the last of these barriers is a leading indicator, meaning that failure to address it will not impact accreditation.

Finally, C-CPE 4–3 addresses cultural and linguistic appropriateness, also an evolution of portions of CSCD 12. Specifically, this EP invites accredited programs to modify services to account for linguistic and cultural diversity, and to incorporate such diversity into quality improvement activities of the program. I say “invite” because one of the three elements is valued at 2 points and the other two are Leading Indicators.

Next up, Operations and Infrastructure!

Healthcare
Urac
Urac Core
Accreditation
Consumer Protection

--

--

Thomas G. Goddard, JD PhD
Healthcare Accreditation and Compliance

Written by Thomas G. Goddard, JD PhD

16 Followers
Editor for

I’m the founder and CEO of Integral Healthcare Solutions, a consulting firm focusing on healthcare accreditation.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams