Let’s Talk About What’s Next

Whether you’re facing resource gaps, launching a new initiative, or looking to optimize operations — we’re ready to help.

Find us

521 W SR 434,
Suite #201
Longwood, FL 32750

Email us

info@ImpresivHealth.com

Phone support

Phone: 1.888.208.6753

What Certified Health Plans Must Know Before July 1, 2025

  • By Cortney Galaster
  • June 11, 2025
  • 2 Views

NCQA has announced a critical update that goes into effect on July 1, 2025—and if your organization is NCQA-certified in Credentialing (CR) or Utilization Management (UM), this is a change you can’t afford to overlook.

What was once a narrow set of “system control” requirements is now evolving into a broader and more comprehensive standard: Information Integrity. These new expectations reflect NCQA’s increasing focus on data accuracy, security, and oversight—not just at the time of accreditation or certification, but as an ongoing operational priority.

What’s Changing?

Previously, NCQA evaluated whether health plans had basic technical controls in place—think password protection or restricted access to credentialing files. But starting July 1, 2025, the standard is rising.

Under the new Information Integrity standard, NCQA now expects:

  • Comprehensive system safeguards that protect the accuracy and confidentiality of credentialing and UM data
  • Audit trails and logging that show who accessed or modified records, and when
  • Role-based access controls and processes to prevent unauthorized changes
  • Formal policies and documentation that outline your plan’s approach to safeguarding critical data
  • Stronger oversight of delegated entities (such as CVOs, MSOs, or UM vendors), ensuring they meet the same information integrity standards

Why It Matters for Certified Health Plans

Even if your organization holds certification (rather than full accreditation), you are not exempt from these changes. In fact, the upcoming shift directly affects credentialing and UM certifications, placing increased scrutiny on how health plans and their delegates manage sensitive data.

Here’s how certified health plans are impacted:

1. Updated Policies Are Now Mandatory

You must revise your credentialing and UM documentation to align with the expanded standards. This includes your information system policies, delegation agreements, and internal workflows.

2. Delegation Agreements Need Overhaul

For delegated functions, such as primary source verification or UM determinations, your contracts must now:

  • Specify system controls
  • Require audit capabilities
  • Include corrective action plans for non-compliance

Failure to update these agreements could jeopardize your certification status.

3. Shorter Verification Timeframes

Credentialing certification now requires re-verification within 120 days, down from the previous 180. For CVOs, the window is just 90 days. Your systems must support faster, more accurate, and trackable data workflows.

4. Ongoing Monitoring & Monthly Sanction Checks

NCQA now mandates monthly monitoring of license expirations, exclusions (e.g., SAM.gov), and sanctions. Your plan must not only track this data but act on any discrepancies within 30 days.

Preparing for July 1: Action Steps for Health Plans

To maintain compliance—and avoid surprises during your next certification review—health plans should take the following steps:

  • Policy Review: Update system control policies to reflect the full Information Integrity requirements
  • Delegate Audit: Review and revise all delegation agreements to include audit trails, access control, and remediation
  • System Readiness: Ensure your credentialing and UM platforms support logging, access controls, and rapid verifications
  • Staff Training: Train compliance, credentialing, and UM staff on new documentation and data handling protocols
  • Mock Audit: Conduct a dry run to identify documentation gaps and remediation risks

Impresiv Health Can Help

At Impresiv Health, we work with health plans to ensure full alignment with evolving NCQA standards—whether you’re pursuing certification, preparing for re-review, or strengthening your delegated oversight.

We offer:

  • Gap assessments against new NCQA Information Integrity standards
  • Delegation oversight toolkits and sample agreement language
  • Policy templates for system access, audit logging, and data security
  • Technical support to evaluate and optimize credentialing and UM platforms

Final Thoughts

As data becomes the backbone of healthcare operations, NCQA’s shift from “system controls” to Information Integrity is more than a policy change—it’s a call to elevate your infrastructure, governance, and accountability. Health plans that respond proactively will not only meet compliance requirements but build a stronger foundation for member trust and operational excellence.

Need help preparing for the July 1, 2025, deadline? Reach out to the team at Impresiv Health for a consultation.

Related Posts

Did You Know? Impresiv Health Can Guide Your Business Transformation with Expert Advisory Services Uncategorized
Did You Know? Impresiv Health Can Guide Your Business Transformation with Expert Advisory Services
Did You Know? Impresiv Health Can Elevate Your Care Management & Population Health Strategy Uncategorized
Did You Know? Impresiv Health Can Elevate Your Care Management & Population Health Strategy
Did You Know? Impresiv Health’s Workforce Management Solutions Deliver Measurable Results Uncategorized
Did You Know? Impresiv Health’s Workforce Management Solutions Deliver Measurable Results

Leave a Reply

Your email address will not be published. Required fields are marked *