Trying to find the right way for your organization to meet your querying or reporting responsibility? You may choose to designate an authorized agent, which is an organization allowed to act on your behalf, to fulfill this responsibility.
What Is an Authorized Agent?
An authorized agent is an organization that has been designated by an eligible health care organization to query or report on their behalf. In most cases, an authorized agent is an independent contractor used for centralized credentialing; e.g., a credentialing verification organization or hospital association. An authorized agent must be registered with the Data Bank and will have its own unique Data Bank Identification Number (DBID). The authorized agent must also have a written contract in place with each initiating health care organization.
Note: An authorized submitter is an individual empowered by an eligible health care organization to certify the legitimacy of information in a query or report to the Data Bank. In most cases, the authorized submitter is an employee of the organization submitting the report or query, such as a risk manager or medical staff services personnel. Authorized submitters use the Data Bank Identification Number (DBID) of the organization.
How It Works
Registering an Agent
The authorized agent must be registered with the Data Bank before the initiating organization can designate the agent. The initiating health care organization also must be registered. Health care organizations and authorized agents complete different, separate registration forms.
Designating an Agent
Before an authorized agent submits queries on behalf of an eligible health care organization, the health care organization must designate the agent by completing an online Authorized Agent Designation, through the Data Bank Web site. The initiating organization must indicate whether they wish to receive query responses or if they want their agent to receive their query responses, or if they would like the query responses sent to both (their health care organization and their agent).
A health care organization that has designated an authorized agent can still query and/or report to the Data Bank directly. Responses to queries or reports submitted by the initiating health care organization will be returned to the initiating organization, regardless of routing designation.
The initiating organization may also select how they wish to receive query and report output. For example, if an agent submits a successful query through the Querying and Reporting XML Service (QRXS), the initiating organization can elect to receive the query response through the Integrated Querying and Reporting Service (IQRS), or the QRXS.
About DBIDs
Since confidential Data Bank information may be routed to authorized agents, they are assigned a Data Bank Identification Number (DBID). An authorized agent should have only one DBID, even though more than one health care organization may designate that agent to query or report to the Data Bank. If an authorized agent has been issued more than one DBID, he or she should immediately alert the Data Bank, identify which DBID will be used, and request that any other DBIDs be deactivated.
Rules and Guidelines
It is important that health care organizations and their authorized agents be aware of and follow certain rules and guidelines:
Agent Queries
- The Data Bank response to a query or report submitted by an authorized agent on behalf of a health care organization is based upon two eligibility standards: (1) the initiating health care organization must be entitled to receive the information, and (2) the agent must be authorized to receive that information on behalf of that health care organization.
- Authorized agents cannot use a query response on behalf of more than one health care organization. The Data Bank regulations specify that information received from the Data Bank must be used solely for the purpose for which it was provided.
Note: If two different hospitals designate the same authorized agent to query the Data Bank on their behalf, and both hospitals wish to request information on the same practitioner, the authorized agent must query the Data Bank separately on behalf of each hospital. The response to a Data Bank query submitted for one hospital cannot be disclosed to another hospital.
The Written Agreement
As part of the reporting and querying requirements, health care organizations are responsible for creating a written agreement between themselves and any authorized agents. The agreement should confirm the following:
- The agent is authorized to conduct business in the State.
- The agent’s facilities are secure, ensuring the confidentiality of Data Bank reporting and query responses.
- The agent is explicitly prohibited from using information obtained from the Data Bank for any purpose other than that for which the disclosure was made.
- The agent is aware of the sanctions that can be taken against him/her if information is requested, used, or disclosed in violation of Data Bank provisions.