Running an Effective Credentialing Committee: Structure, Cadence, and Compliance Requirements

What a Credentialing Committee Is and Why NCQA and URAC Require It

A credentialing committee is the governance body within a health plan or credentialing organization that reviews provider credential files and makes final determinations about network participation eligibility. The committee is the mechanism through which the organization exercises clinical judgment about which providers meet the standards required to participate in its network. It is not simply an administrative rubber stamp — it is a clinical governance function with significant liability and regulatory implications.

Both NCQA and URAC, the two primary accrediting bodies for health plan credentialing programs, require a credentialing committee (or equivalent governance structure) as a condition of accreditation. NCQA's CR standards require that a credentialing committee or designated physician leader review and approve credentialing decisions, with physician leadership of that body specifically required. URAC's credentialing standards similarly require a physician-led review of credentialing decisions. CMS's Medicare Advantage requirements incorporate NCQA or URAC accreditation standards by reference for credentialing, making committee compliance a federal compliance requirement for MA plans.

The underlying rationale for requiring a committee with physician leadership is that credentialing decisions — particularly adverse decisions to deny or restrict a provider's participation — require clinical judgment about the significance of license history, malpractice history, clinical competence indicators, and other factors that a purely administrative process cannot adequately assess. A physician chair who can interpret the clinical significance of a malpractice settlement, a peer review action, or a pattern of clinical complaints is essential to defensible credentialing decision-making.

Committee Composition Requirements

NCQA and URAC both require that the credentialing committee be chaired or led by a physician. The chair is typically the plan's medical director or a designated physician leader with credentialing expertise. The chair's clinical judgment is the anchor of the committee's decision-making, particularly for adverse decisions. Plans should designate a physician chair who has time to meaningfully review files — not simply to attend the meeting and sign minutes — and who has access to legal counsel when credentialing decisions carry due process implications.

Beyond physician leadership, committee composition varies by plan size and structure. Larger plans typically include additional physician members from key specialties, a nurse or clinical quality officer, the credentialing manager, the compliance officer, and legal counsel on an as-needed basis. Smaller plans may operate with a smaller committee — sometimes as few as three members including the physician chair — but should ensure that the physician chair has access to specialty peer review for cases involving clinical questions outside the chair's own specialty.

Quorum requirements are established by the committee's written policies and procedures and must be met for a decision to be valid. A common quorum threshold is a majority of voting members, with the physician chair required for quorum. Plans should document quorum in the meeting minutes for every session, because committee decisions made without quorum are procedurally deficient and can be challenged in due process proceedings. If a committee cannot achieve quorum for a scheduled meeting, the meeting should be rescheduled rather than proceeding with inadequate representation.

Meeting Frequency: Monthly vs. Ad Hoc

NCQA requires that credentialing decisions be made within 180 days of receipt of a complete application. This standard is the primary driver of meeting frequency — a committee that meets too infrequently will create backlogs that push processing times past the 180-day threshold. Most plans with active contracting programs meet monthly at a minimum, with some meeting twice monthly during peak contracting periods. A purely ad hoc meeting schedule is only viable for very small plans with low provider volume.

Monthly meetings work well when the plan has a consistent but manageable volume of complete applications — typically in the range of 20 to 60 files per meeting for mid-sized plans. Plans with higher volume or shorter contracting cycles should consider biweekly meetings or a hybrid structure in which routine, clean files are processed through an expedited credentialing pathway (discussed below) while complex files requiring committee deliberation are reserved for the full committee meeting.

The meeting calendar should be set annually and communicated to all stakeholders — provider relations, contracting, network operations — who depend on credentialing decisions to activate providers and update the directory. The calendar should include buffer time between the document submission deadline (the last date by which a complete file must be submitted to be considered at a meeting) and the meeting date to allow credentialing staff to prepare the file summary and flag issues for committee review. Unstructured, ad hoc scheduling of committee meetings is a reliable predictor of processing time problems and compliance deficiencies.

The Standard Agenda and File Review Process

A well-structured credentialing committee meeting follows a consistent agenda that ensures all files receive adequate review without the meeting becoming unmanageably long. For a monthly meeting with 40 files, a two-to-three hour meeting is typical. The agenda generally follows this structure: call to order and quorum confirmation; approval of previous meeting minutes; review of expedited credentialing decisions since last meeting (ratification); review of complete files by category — routine approvals, files with issues requiring discussion, recredentialing decisions, and adverse credentialing decisions; and new business including policy updates and quality indicator review.

The file review process for routine approvals is typically a summary presentation by the credentialing manager or staff: the provider's specialty, the primary verification sources checked, the absence of sanctions or adverse actions, and a recommendation for approval. The physician chair reviews the summary and affirms the recommendation. This process can move efficiently — 2 to 3 minutes per file — for clean routine files, allowing the committee to spend more time on complex files that require deliberation.

Files with issues — incomplete primary source verifications, disclosed malpractice history, license history questions, gaps in practice history, or information that does not match across sources — are presented in more detail, with the credentialing staff summarizing the issue and the committee deliberating on its significance. The physician chair's clinical judgment is central here. Some issues that appear significant on paper — a single older malpractice settlement, a license renewal inquiry that was resolved — may be clinically unremarkable; others that appear routine may have clinical significance the physician chair can identify. The committee's deliberation on these files should be documented in sufficient detail to support a defensible record if the decision is later challenged.

Expedited Credentialing: When It's Appropriate and How to Use It

Expedited credentialing is a process that allows a plan to grant provisional network participation to a provider before the full committee review is complete, typically within 10 to 14 business days of receiving a complete application. NCQA permits expedited credentialing with specific requirements: a clean sanctions check (NPDB, OIG, state license board), a license verification, and a current malpractice insurance verification must be completed before provisional participation can be granted, and the full credentialing file must be reviewed by the committee at its next regular meeting.

Expedited credentialing is appropriate in specific circumstances: when a provider is needed urgently to fill an access gap, when a provider is joining a contracted group practice and the group has an established credentialing track record with the plan, when a health system is onboarding multiple providers simultaneously and timing to directory activation is operationally critical, or when a new service line launch requires rapid provider activation. It is not appropriate as a routine processing shortcut for all applications — using expedited credentialing universally undermines the safeguard function of the standard process.

Plans should document each use of expedited credentialing with a justification for why expedited processing was appropriate. The documentation should confirm that the three required pre-credentialing verifications were completed before provisional participation was granted, and that the full file was presented to and approved by the committee at the next scheduled meeting. Expedited credentialing without this documentation is operationally indistinguishable from simply skipping the committee review, which creates significant compliance exposure.

Adverse Credentialing Decisions and Due Process Requirements

When a credentialing committee determines that a provider does not meet the plan's credentialing criteria — whether because of license history, sanctions, malpractice history, clinical competence concerns, or failure to meet basic eligibility requirements — the resulting adverse decision triggers due process obligations. Health plans are required by both accreditation standards and, for hospital-based practitioners, federal law (the Health Care Quality Improvement Act) to provide providers with notice of adverse credentialing decisions and an opportunity to appeal.

The due process requirements for a fully adverse decision — denial of participation or termination of an existing provider — are more extensive than for a conditional approval or a decision to restrict a provider's scope of participation. The provider must receive written notice of the adverse decision, the basis for the decision, and the opportunity to request a hearing. The hearing must be conducted by a panel that does not include individuals who participated in the original adverse decision. The provider has the right to present information in support of their application at the hearing.

Plans should have written policies and procedures governing the due process process that are reviewed and approved by legal counsel and updated whenever relevant standards change. The committee should not attempt to run a due process hearing without legal support. Due process proceedings create a record that may be used in subsequent litigation — either by the provider challenging the adverse decision or by a third party claiming that the plan failed to take appropriate action against a provider. The documentation of the committee's deliberation, the basis for the adverse decision, and the due process proceeding itself must be complete and accurate.

Committee Documentation and Minutes as a Compliance Artifact

Credentialing committee minutes are a primary compliance artifact — they are the documentary evidence that the committee met, achieved quorum, and made defensible decisions based on appropriate review of provider files. CMS, NCQA, and URAC auditors will request committee minutes as part of any credentialing program review, and inadequate minutes are a common finding in credentialing audits. Minutes that simply record who attended and list providers approved without any indication of what was reviewed or discussed do not meet the documentation standard.

Adequate committee minutes should include: meeting date, attendees and their roles, quorum confirmation, files reviewed with disposition (approved, denied, deferred, approved with conditions), a summary of material issues discussed for any file that required committee deliberation, and the signature or electronic attestation of the committee chair. For files approved through the expedited pathway and ratified at the meeting, the minutes should document the ratification and reference the original expedited credentialing record.

Minutes should be finalized and approved at the subsequent meeting and retained in accordance with the plan's document retention policy — typically at least seven years for credentialing records. Plans that maintain committee minutes only in email chains or informal notes without a formal approval and retention process are creating a significant audit vulnerability. The credentialing committee minute is a legal record; it should be treated with the same rigor as any other formal corporate governance document.

Delegated Credentialing and Committee Oversight of Delegates

Many health plans delegate credentialing responsibilities to large medical groups, health systems, or independent practice associations (IPAs) that have their own credentialing programs. Under a delegation arrangement, the delegated entity performs the primary source verifications and makes initial credentialing decisions for its providers, and the plan accepts those decisions rather than re-credentialing each provider independently. Delegation significantly reduces the volume of files the plan's credentialing committee must review, but it does not eliminate the committee's oversight responsibilities.

NCQA and URAC require that plans with delegation arrangements conduct oversight of their delegates' credentialing programs on at least an annual basis. This oversight must include a review of the delegate's policies and procedures, a file audit of a sample of credentialing decisions made by the delegate, and a determination that the delegate's program meets the plan's credentialing standards. The results of the oversight audit must be documented and reviewed by the plan's credentialing committee.

The credentialing committee's role in delegation oversight is to receive and act on the audit findings. If the oversight audit reveals deficiencies in the delegate's credentialing program — incomplete primary source verifications, files approved without required elements, adverse actions not reported to the plan — the committee must determine whether the deficiencies require a corrective action plan, a probationary period for the delegation arrangement, or termination of delegation. The committee's oversight of delegates should be documented in the same meeting minutes that document its direct credentialing decisions, creating a unified compliance record for the plan's entire credentialing governance function.