This conversation originally appeared on Becker’s Healthcare Payer Issues Podcast "Navigating Network Compliance in Healthcare: Trends, Challenges, and Digital Transformation Insights", it's been edited and condensed for clarity.
Navigating network compliance presents a host of challenges for healthcare leaders. Accommodating evolving regulatory standards while selecting technology that satisfies both immediate needs and long-term goals requires a delicate balancing act — with each decision carrying far-reaching implications on care, revenue, and operational areas. With so many minefields to navigate, how can leaders make sure they get it right?
Gianni Aiello, VP of Product at Verifiable, sat down with Becker’s Healthcare Podcast host Jakob Emerson to discuss all things network compliance. Read the conversation below (or listen here) as they dive deep on what makes a successful network compliance program, the main barriers between payers and providers, and how healthcare leaders can track ROI more effectively.
Q: Can you tell us about your work at Verifiable and the role the company plays in the healthcare system?
Gianni Aiello (Verifiable): Yeah, sure. So for the audience: my name is Gianni Aiello and I'm VP of Product at Verifiable, and I've been at the company just over 18 months. But over the past 15 years, I've been a product leader at various different technology companies, including identity security and AI-based voice-to-tech solutions, both of which have served healthcare customers, so I have a pretty extensive background in serving healthcare organizations.
At Verifiable, my role centers around advancing our mission to become the autonomous system of record for verified provider credentials. We really want to streamline the often – as I think most people can understand — complex and sometimes resource-intensive process in healthcare around credentialing, and we really want to divert that resource back to patient care. So, that's sort of our primary mission.
We believe that practitioner and facility credentialing and monitoring shouldn't take weeks or months; it can be done in hours or even minutes. And I think achieving that is going to be about embracing technology, but also rethinking the way in which we go about doing some work. So yeah, that's a little bit about me and our mission at Verifiable.
Q: Can you explain the core components of a successful network compliance program and the trends that you're seeing today across the landscape?
Gianni Aiello (Verifiable): There's sort of a varied perspective in the market around what is needed for compliance. There's a lot of different elements to it. I obviously — given our focus is very credentialing-centric — lean that way, but there are things that are very adjacent to compliance — things like network adequacy, as an example, and the timely delivery of claims reimbursement — that are part of a compliance solution as well. But I'm going to talk about sort of the high-level fundamentals that I think make a good compliance program, irrespective of the core mission or the use case that you might be solving within the scope of compliance.
I would say that the first step is really about data sharing and onboarding. There's always a step around how data is being shared between a provider organization and a payer organization, and that's often an area of friction. Rosters are a good example of a data point or a format of data that's exchanged between organizations, and having that exchange be as frictionless as possible is going to be critical.
The second step is unsurprising: process automation. There is a lot of still manual activity that goes on in the process to exchange information, to validate and verify information, and then ultimately make decisions on that information. And so we believe that there are some really compelling ways to better manage that process. The first step is an efficient and streamlined credentialing process. We really do think that's sort of a starting point in the journey around compliance, around practitioners and facilities; without having a credentialed facility or practitioner, you can't really get onto the other sections of compliance. And so having good packet creation and a focus committee review that focuses on risky cases versus everything that's coming through the organization is very important.
The [next] step would be just providing facility risk management. Like, you've done credentialing, but that isn't where it ends, right? A compliance program is an ongoing program. It needs ongoing monitoring, it needs ongoing management. So, how do we make it so that as things change — practitioners change, facilities change — how are those risks being surfaced in a way that makes the distribution much more straightforward and ultimately reduces any potential liability concerns that might come from an issue that arises?
And then last and certainly not least is: there is a network effect. Once this data is there, once it's available, how can it be distributed into other parts of the process? And sometimes it's not even compliance-related processes, honestly. It could be something like: when do you unlock a specific provider from being available for claims reimbursement as part of an insurance plan? The compliance program should be the arbiter of that decision, and making sure that the system is interchangeable and quick to allow that system to consume that context is really critical. So, those are sort of the steps that we see that are really important to a successful compliance program.
Q: What's keeping payer organizations from effective network compliance? What are some of the barriers that they're facing?
Gianni Aiello (Verifiable): I think there's an organizational reality — like a business relationship barrier — and then there's a technology barrier. I'll talk about them both a little differently.
So, when it comes to the sort of the organizational barrier, we are finding that there is a lack of efficient data sharing and collaboration between providers and payers in the industry. The relationship between these stakeholders often feels siloed, with significant walls that need to be broken down. It's a real problem, and without that partnership and streamlined process, compliance becomes really burdensome for everyone involved.
A major issue is the absence of an agreed-upon standard for data exchange; providers are often required to navigate unique payer specific requirements for sharing information. Those requirements vary not because of any meaningful difference in policy, but due to each payer’s interpretation of those tasks and rules. So, these differences aren't helping anyone from an insurance perspective drive differentiation…and so we really do need to break down that barrier, because we fortunately serve both sides. And providers are having to deal with 15+ different roster templates for different insurance companies and having to provide different information, which means that data can sometimes get out of sync. And then on the insurance side, that means they also have to understand that the provider might be presenting information in incomplete formats. So that's one area. It's not really about technology: it's about agreeing upon a set of principles.
And I know that this has been talked about for years, but until this gets resolved, this is going to continue to be a real big challenge for a lot of organizations. We need some collective decision-making to really break down that wall.
I did want to call out that we also see that there is a real need on the technology side to just embrace more digitization…but obviously the more you can leverage digital assets and electronic communications, that’s going to drive much more efficiency. And that's not just a statement for insurance and provider organizations; that's also the government and others that are the arbiters of this information, and so we have to modernize the technology stack so we can become more efficient.
Q: How can payers adapt their compliance programs to evolving data privacy regulations, and what role does digital transformation play in this process?
Gianni Aiello (Verifiable): Evolving data privacy laws and regulations, it's always an everchanging benchmark, right? But I think when it comes to digital transformation and compliance programs, a digital footprint allows organizations to easily track where data resides and how it's stored and who has access to it.
This level of visibility is almost impossible to achieve in a lot of the manual physical data management processes that sometimes still exist today, in particular where there's exchange between different services organizations around credentialing and managing these processes. So, with the right technologies, payers can control access, enforce robust security measures, and, most importantly, maintain sort of a detailed audit trail to track who is accessing or modifying this sensitive, private data, which is ultimately where the regulations are all moving. This transparency not only helps in mitigating risk, but also ensures compliance and evolving regulatory framework. So, if you have this benchmark and this foundation, it becomes much more straightforward for you to adjust as the benchmarks change.
At Verifiable, we take this step further by providing a deep audit trail across our platform. These trails track every instance of data manipulation or access: who has made the change, what was altered, and when it occurred. And that is the information that you need to be able to present in reports to anybody that is going to be reviewing your privacy regulations or policies internally to make sure that you're keeping in line with those things and you don't expose yourself to additional risk.
We also align with various accreditation bodies like NCQA around their expectations around handling, as well as The Joint Commission and others to make sure that we're meeting their minimum bar, as well around the tracking of information as well.
Q: What short-term and long-term KPIs are critical for a successful network compliance program, and how can leaders measure ROI in digital transformation projects?
Gianni Aiello (Verifiable): Obviously, we deal with a lot of different customers and organizations with varying needs. But there are some consistent perspectives here that we do see irrespective of use case.
In the short-term, I think the most immediate ROI does tend to come from efficiency gains internally. For example, our platform is incredibly efficient at performing primary source verifications and completes them in seconds. That translates to significant time and cost savings for internal teams that frees them from a lot of the repetitive tasks they have to do.
It also improves the organization's risk posture, because many customers weren't even conducting certain verifications. Honestly, they just didn't have the capacity to do it. How they measure risk is always a more challenging ROI to measure. It tends to be, “what is the potential liability risk?” Based on some of the cases that are out there, we're talking millions and millions of dollars of potential liability risk, but there is real, tangible efficiency gains that you can build an ROI model around just internally around your team, and how much more efficient you can be with certain digital transformation and automation being put in place.
In the long-term, I think ROI is often seen in sort of the speed and fluidity of data availability across the organization. So, one of the inherent challenges is when you have a bunch of disparate silos of data, you become much more inefficient in being able to flow through different scenarios and use cases across the organization, and that creates sort of a ripple effect. If you solve the fluidity of data and how it can also be exchanged, and if you have a centralized data store where data is being shared across the organization and it's accurate, it leads to better member sentiment and stronger network adequacy, which you can measure. So you can actually tie member sentiment around things like your provider directory, or the outcomes that you're driving from network adequacy to the improved efficiency of the collection of provider and facility information in a centralized store.
And so we think that's another interesting ROI model that's a little bit more centered around the member, that is more of a longer term play: once you get to a solid base, you can start to showcase the tangible impact you're having there. So, I think those are the primary areas: efficiency gains and risk posture are the two short-term, while term speed and fluidity data and driving towards member sentiment and network adequacy would be the more long-term plays.
Q: Looking ahead, what should healthcare leaders be prepared for in network compliance, and what best practices have you observed across the industry?
Gianni Aiello (Verifiable): Yeah, I'm going to talk about two things versus one. One is leadership and an organizational approach, and some of the things that we observe with partners and organizations that we're working with and seeing success with. And then there's the technology lens that I'm sure is what people would expect me to answer on. I'll start with the leadership and then land on the technology.
I think leaders who are achieving meaningful wins are those who sort of embrace the reality of digital transformation as an iterative journey, rather than a one-and-done overhaul. We find that the most successful companies are focusing on incremental improvements in specific areas and coming back to sort of my steps, right? We have a number of customers that are, for example, very focused on either the credentialing package creation, or the risk posture management on the compliance side, so the monitoring portion of it. And they're very focused on that and getting that into a better place as step one, and showing results. And so I think that's a really critical thing. And we've seen that there are customers that are, in contrast to that, embark on a more monolithic project approach, where they're attempting to completely reimagine the process in one go, and often face significant challenges, or they tend to fail, honestly, to meet their goals.
We've seen the approach work firsthand with one customer that I unfortunately can't name, but they're a very well-known insurance company, and they sort of become a beacon for this iterative methodology — and the results speak for themselves. They've seen massive improvements in team morale across their compliance credentialing teams. They've seen measurable improvements in their key performance indicators and their focus areas, and they've ultimately seen operational success as well. They've been able to achieve quicker time-to-value and they were able to realize their ROI model that presented the budget to go and do what they did so — and they did it through not trying to do everything.
And I think that's a really important thing that, surprisingly, still isn't always embraced, which is why I bring it up! The amount of times we deal with customers that are trying to just reinvent the entire process from scratch and fail is sort of surprising that it still occurs.
On the technology side: I'm not the type of product leader that gets excited about technology for its own sake. I do think it's impossible to ignore the impact of automation and AI and what it will have in how you go about doing network compliance — in particular around credentialing — it will change how work is done. And I think leaders who embrace these tools are better positioned to drive meaningful results. Network compliance involves many manual and time-consuming tasks that…don't require a lot of critical understanding of things. For example, AI can perform these tasks not only more cost effectively, but often with higher accuracy than traditional approaches. And we're seeing that, at Verifiable, we’re particularly excited about our potential to address two critical areas.
One is in the data onboarding process, where I can help highlight required data based on provider types. So whether it's an MD that's being credentialed, an MP, an RN — we can do a much better job leveraging AI and calling out gaps or areas that we think need to be adjusted based on our understanding of the datasets that are out there and be more proactive. And that's something that's just not meaningfully valuable in comparison to a credentialing specialist that needs to evaluate the entirety of the information and make critical decisions around how information is presented to the committee. Another example would be: AI holds promise in the reviewing of adverse actions that are associated to a credentialing process. So, when there is a disciplinary action or something that occurs during normal business working hours, how does AI generate summaries and highlight key points so that the committee can be more efficient and the decision makers are more effective in that decision making? Versus having to go through a lot of additional details around things that sometimes are not necessary to the decision being made. I think they're the two sort of big areas that I'm really excited about, and areas that I hope leaders embrace, because I think that's going to lead to the best results for them over the next couple of years.
Listen to the full discussion between Gianni Aiello, VP of Product at Verifiable, and Becker’s Healthcare Podcast host Jakob Emerson on Becker's Payer Issues Healthcare Podcast.
