justin/new-site
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
new-site/docs/state-healthcare-compliance-opportunities.md
justin 0b06043437 healthcare: verify wet-signature requirements across all services 
Source-grounded check of which services need an ORIGINAL ink signature (plotter
target) vs e-sign/typed. Verified firsthand against the official forms:

- Confirmed wet-ink: the 5 CMS Medicare/NPI paper filings only (855I/B/O +
  10114), which are exactly the no-login Standard-path filings the plotter serves.
- CLIA CMS-116 does NOT require original ink — the form explicitly permits 'SIGN
  IN INK OR USE A SECURE ELECTRONIC SIGNATURE', so our digital stamp suffices;
  plotter optional for CLIA.
- DEA registration/renewal is online-only (Form 224 unavailable in PDF),
  e-certified, no wet ink.
- State CSR / state Medicaid are the only open items: paper in many states but
  original-ink-vs-e-sign is state-specific; verify per state.
- All FCC/telecom/DOT/BOC-3/CRTC/PUC filings are electronic (e-sign fine).

Added the verified matrix to state-healthcare-compliance-opportunities.md, saved
docs/CMS-116 Form.pdf, and the plotter plan.
2026-06-07 02:40:47 -05:00

155 lines
11 KiB
Markdown
Raw Permalink Blame History

# State & adjacent healthcare compliance — new service opportunities
We already sell the federal/Medicare side: PECOS revalidation, Medicare
enrollment, NPI/NPPES updates, NPI reactivation, OIG/SAM screening. Below are
the **state-level and adjacent** provider obligations we can add. Ranked by
revenue potential (recurring + high-volume + painful + legitimately
outsourceable).
## TIER 1 — add these first
### 1. State Medicaid enrollment & revalidation ⭐ flagship
- **What:** Separate from Medicare. Every state Medicaid program requires its own
provider enrollment, and the **ACA requires Medicaid revalidation at least
every 5 years** (CMS-confirmed: "The State Medicaid agency must revalidate the
enrollment of all providers regardless of provider type at least every 5
years"). The federal government is pushing *more frequent* scrutiny.
- **Why it's huge:** It's a distinct, recurring, state-by-state deadline that
providers routinely miss — and missing it deactivates Medicaid billing, same
pain as Medicare. A provider enrolled in multiple states has multiple clocks.
- **Outsourceable?** Yes — we prepare + submit the state Medicaid enrollment/
revalidation packet (provider signs). Same model as our PECOS service.
- **Offer:** "State Medicaid Revalidation" (per state) + "Medicaid Enrollment
(per state)". Price similar to PECOS ($599-ish revalidation, $699 enrollment).
- **Data hook:** like the CMS revalidation list, several states publish Medicaid
revalidation due dates -> same overdue-first cold-outreach play.
### 2. CAQH ProView re-attestation management ⭐ recurring SaaS-like
- **What:** Commercial-payer credentialing runs on CAQH ProView. Providers must
**re-attest their CAQH profile every ~120 days (4x/year)** or payers drop them
from directories and stop paying claims.
- **Why:** Highest-frequency obligation in healthcare. Almost universally
neglected by small practices. Pure recurring revenue.
- **Outsourceable?** Yes (with provider authorization) — we maintain the profile
and re-attest on schedule.
- **Offer:** "CAQH Attestation Management" — annual subscription (e.g. $299-499/yr
covering all 4 attestations + profile upkeep). Strong bundle add-on.
### 3. Commercial payer credentialing & re-credentialing
- **What:** Enroll/re-credential providers with each insurance network
(~every 3 years per payer). Big, well-established outsourced market.
- **Why:** Revenue-critical (no credentialing = no in-network payment), tedious,
per-payer. Practices pay credentialing firms $100-300 per provider per payer.
- **Outsourceable?** Yes — this is a mature service line; we'd compete on fixed
pricing + our filing tech.
- **Offer:** "Payer Credentialing" (per provider/per payer) + re-credentialing.
## TIER 2 — solid add-ons / renewals (mostly reminder + prep + file)
### 4. DEA registration renewal + state Controlled Substance Registration (CSR)
- **DEA:** federal, renew **every 3 years**. **State CSR:** ~half the states
require a *separate* state controlled-substance license with its own renewal.
- **Outsourceable?** We prep/file the renewal; the registration itself is the
provider's. Good reminder+filing service, bundles with PDMP below.
### 5. PDMP (Prescription Drug Monitoring Program) registration
- **What:** Nearly every state requires prescribers/dispensers of controlled
substances to register with the state PDMP (and some mandate periodic checks).
- **Outsourceable?** Registration assistance + setup. Lower price, high volume
among prescribers; natural bundle with DEA/CSR.
### 6. CLIA certificate (in-office lab testing)
- **What:** Practices doing any in-house testing need a CLIA certificate,
**renewed every 2 years** (CMS-administered via states).
- **Outsourceable?** Yes — application + biennial renewal filing. Niche but sticky.
### 7. State medical license renewal support (license + CME tracking)
- **What:** State MD/DO/NP/PA licenses renew on a state cycle (often every 1-2
yrs) with CME requirements. The license is personal (can't file for them) but
**renewal reminders + paperwork prep + CME tracking** is a legitimate assist
service.
- **Offer:** "License Renewal & CME Tracking" subscription. Position as assist,
not "we renew your license."
## TIER 3 — already in our wheelhouse (cross-sell to providers)
- **Practice entity compliance:** PLLC/PC formation, annual reports, registered
agent — we already do corporate; just market it to the healthcare segment.
## Recommended rollout
1. **State Medicaid revalidation/enrollment** (mirrors our PECOS product + has a
data-driven overdue cold-outreach angle).
2. **CAQH attestation management** (recurring subscription revenue).
3. **Payer credentialing** (large existing market, fixed-price differentiation).
Then bundle DEA/CSR/PDMP + CLIA + license-renewal as a "Provider License &
Credential Upkeep" annual subscription.
## Honesty guardrails (same as Medicare)
- We PREPARE + FILE where the provider signs; we ASSIST (reminders/prep) for
anything that legally must be done by the provider personally (e.g. license
attestations, DEA personal certifications). Never claim we hold/sign the
provider's personal license.
## No-login fulfillment classification (per service)
Same two-tier model as Medicare (see `healthcare-filing-tiers-verified.md`):
**Standard** = we file it, client signs once, no login; **Expedited** = optional
electronic delegation that speeds us up (never required, never credential
sharing). Categories:
- **A** full no-login paper+sign (joins the daily batched-mail flow, grouped by
the destination state agency, same as CMS-855 → MAC).
- **B** public-data, zero client action.
- **C** needs a one-time signed authorization (an LOA / delegated-official form)
but NO client login.
- **D** genuinely portal/login-bound — flag so marketing never says "no logins".
| Service | Category | Standard (no-login) path | Expedited / delegation | Batched mail? |
|---|---|---|---|---|
| State Medicaid enroll/reval | A or D (state-by-state) | Paper enrollment packet → state Medicaid agency where the state still accepts paper; client signs | Where portal-only: client adds us as a **delegated/authorized user** (one signed form, no password) | Yes (per state agency) when paper |
| CAQH ProView re-attestation | C | n/a (CAQH is online) | Client authorizes our org as **CAQH-authorized administrator** once; we then attest each cycle | No |
| Commercial payer credentialing | C | n/a (payer portals/CAQH) | One-time **LOA / authorized-rep** per payer; runs off the CAQH grant | No |
| DEA registration renewal | C/D | DEA renewal is online; the registrant must personally certify | We PREPARE; client e-signs the personal certification (DEA personal cert may not be delegated) | No |
| State Controlled Substance Reg (CSR) | A (most states) | Paper CSR application/renewal → state agency; client signs | Some states portal-only (D) | Yes (per state agency) when paper |
| PDMP registration | A/D | Some states paper; many portal | Registration assist | Sometimes |
| CLIA certificate (CMS-116) | A | **CMS-116 paper → state CLIA agency**; client signs. Biennial renewal. | n/a | Yes (per state CLIA office) |
| State license renewal + CME | C/D | License renewals are mostly board-portal + personal attestation | We ASSIST (prep + reminders + CME tracking); client does the personal attestation | No |
> Sequencing note: lead the cold-outreach pitch with the **A/B/C** services
> (genuinely "no logins for you"); for **D**-leaning services, market the relief
> ("we handle the paperwork") without the "no logins" claim. CLIA (CMS-116 paper
> to the state) and state CSR are the cleanest A-category additions and slot
> straight into the existing daily batched-mail flow grouped by state agency —
> the same machinery built for CMS-855 → MAC.
## Wet-signature (original ink) requirement — verified check
Determines which services need the pen-plotter ink-signature pipeline (an
ORIGINAL ink signature on a mailed form) vs an e-signature / typed attestation.
Source = the official form's signature/submission language, checked firsthand.
| Service | Channel | Signature requirement | Wet ink needed? | Source (verbatim) |
|---|---|---|---|---|
| NPPES update | mail | original, in ink | **YES** | CMS-10114: *"All signatures must be original and signed in ink... Stamped, faxed or copied signatures will not be accepted."* |
| NPI reactivation | mail | original signatures | **YES** | CMS-855I: *"Send this completed application with original signatures..."* |
| Medicare revalidation | mail | original signatures | **YES** | CMS-855I/B (same) |
| Medicare enrollment | mail | original signatures | **YES** | CMS-855I/B/O (same) |
| Provider compliance bundle | mail | inherits 855/10114 | **YES** (its filing pieces) | spawns the above |
| **CLIA certificate (CMS-116)** | mail → State Agency | **ink OR secure e-signature** | **NO** | CMS-116: *"SIGNATURE OF OWNER/DIRECTOR OF LABORATORY (SIGN IN INK OR USE A SECURE ELECTRONIC SIGNATURE)."* So a stamped/secure e-sig is acceptable; plotter optional, not required. |
| DEA registration / renewal | online | electronic certification | **NO** | DEA online webforms (Form 224 "unavailable in PDF" — new individual reg is online-only); registrant e-certifies. |
| State CSR | varies by state | state-specific | **MAYBE (per state)** | Most states: paper application the client signs; a minority are portal-only. Original-ink vs e-sig is state-by-state — verify per state before plotting. |
| State Medicaid enroll/reval | varies by state | state-specific | **MAYBE (per state)** | Where paper, the state packet's signature rule governs; verify per state. |
| MCS-150 / DOT, BOC-3, all FCC/telecom, CRTC, PUC, PDMP(portal), license renewals | online/portal/fax | e-sign or typed | **NO** | electronic submission; our e-sign + digital stamp flow suffices. |
### Conclusions
- **Confirmed wet-ink (plotter target):** the five CMS Medicare/NPI paper filings
only. These are exactly the no-login Standard-path filings the plotter serves.
- **CLIA does NOT require original ink** — the CMS-116 explicitly permits a secure
electronic signature, so our existing digital-stamp e-sign is sufficient; the
plotter is optional for CLIA, not mandatory.
- **DEA = electronic**, no wet ink.
- **State CSR / state Medicaid are the only open items**: they are paper in many
states but the original-ink-vs-e-sign rule is state-specific. Verify each
target state's packet before relying on the plotter (or just plot to be safe,
since an ink signature satisfies a state that accepts either).
- **Gap for plotting org filings:** `cms855_pdf_filler` currently maps the 855I
signature anchor only; add 855B/O/A anchors (plotter-plan §3.4) before plotting
organization enrollment/revalidation.
Reference in a new issue View git blame Copy permalink