The ABC’s of Data Governance: Principles and a Softrams Case Study

Data governance, in simple terms, is the set of rules and guidelines that help a business manage its data effectively. Imagine you have a library full of books (which represent the data). Data governance in the context of library, is the system that ensures:

1. The right people can access the books (or data) when they need them.
2. The books are in good condition, so the information in them is accurate and up to date.
3. Everyone follows the same rules for how to organize, store, and handle the books, so things don't get lost or mixed up.

‍

In a business setting, data governance ensures that all data is reliable, secure, and used properly. Absence of data governance can lead to several issues including compromised quality of data, risk of non-compliance with regulations and lack of ownership. Which is why bringing effective governance to Medicare provider vetting API, Softrams’s key data asset, and ensuring its highest compliance with provider enrollment policy specific to Medicare program and models is crucial for maintaining program integrity, reducing provider burden, and improving operational efficiency.

‍

In this blog we will dive deeper into how to apply this policy, process, and technology in the context of Medicare provider data.

‍

Here is how we apply a framework to managing Medicare provider data:

Policy    

Access Controls: Establish policies around access controls for different teams (e.g., Data Ops, Prod Ops and Dev Ops).

‍

Provider Enrollment Compliance: Define a policy requiring the validation of provider credentials during the initial provider on-boarding and periodic revalidation in alignment with the provider enrollment policies of the Centers for Medicare and Medicaid Services (CMS).

‍

Provider Data Integrity Policies: Implement policies around maintaining data integrity, including regular audits to verify provider credentials and status.

‍

Data Stewardship and Accountability: Assign data stewards for Medicare provider data, such as specific individuals or teams responsible for data accuracy, completeness, and security across its lifecycle.

Process

Provider Enrollment Lifecycle Management: Define and implement processes for the entire provider enrollment lifecycle, including new provider applications, revalidations, updates, and terminations. This involves:

• Initial credentialing and verification of provider identity and qualifications.
• Ongoing monitoring for changes in licensure, sanctions, and exclusions.
• Revalidation of provider information on a periodic basis, as required by CMS.

‍

Data Quality Assurance: Establish workflows for continuous data quality management, including:

• Routine data cleansing to remove outdated or duplicate records.
• Cross-referencing provider data against authoritative external sources (e.g., PECOS, and NPPES).
• Regular audits to ensure compliance with CMS enrollment standards and to mitigate risks such as the enrollment of ineligible or sanctioned providers.

‍

Exception Handling and Remediation: Create processes to handle discrepancies or exceptions in provider data (e.g., incomplete applications, credential mismatches). These should include escalation procedures for resolving issues and ensuring that provider data is corrected promptly.

‍

Change Management and Version Control: Define processes for managing changes to provider data, including version control for provider records and clear tracking of historical changes (e.g., address updates, NPI changes).

‍

Technology 

Data Quality and Validation: Use automation for data profiling, cleansing, and validation.

‍

Metadata Management and Data Lineage: Implement tools that capture metadata about each provider, including enrollment status, NPI, specialty, licensing status, and credentialing history. Having this metadata readily available ensures that providers’ history and status are transparent and traceable.

‍

For Softrams, implementing robust governance in its Medicare provider vetting API is crucial for maintaining program integrity and operational efficiency. The post outlines a comprehensive framework that includes establishing policies for access control and data integrity, defining processes for the provider enrollment lifecycle, and leveraging technology for data validation and metadata management. This structured approach is vital for ensuring reliable and secure provider data use in the healthcare sector. We hope this real world journey will help you to assess and leverage this framework and approaches for your data products to make them effective and successful.