Understanding the National Practitioner Data Bank (NPDB)

Understanding the National Practitioner Data Bank (NPDB)

Aug 25, 2021
  • Author:
    Noelle Abarelli

The world of credentialing, enrollment, privileging, and evaluating is a complex one that is ever-changing, and it’s one that merits attention to detail and utmost security. The need to ensure patient safety has always been a top priority, in fact, it’s the main reason the National Practitioner Data Bank (NPDB) was created in the first place. So, why is the NPDB of such importance to credentialing professionals? Let’s find out!

What is the NPDB and why does it exist?

The NPDB was created by congress in 1986 to improve healthcare quality and to reduce occurrences of medical malpractice payments. Specifically, Congress wanted to eliminate incompetent physicians moving from state to state without disclosing their previous issues to the new entities from which they were requesting privileges. Does Dr. Death ring any bells here? Congress believed that the issue could be addressed with effective peer review but that the risk of civil lawsuits might prevent physicians from engaging in it.

Congress wanted to create incentives and protections for physicians who engage in peer review. Why? Because back then it was often thought that a physician would sue a hospital for denying or removing privileges. In fact, this fear of litigation is why Congress believed many physicians were able to slip through the cracks without a blemish on their records. Simply put, restricted privileges could be considered a restraint of trade; it was considered monopolistic behavior to prohibit a provider from exercising their clinical privileges. At the same time, hospitals also wanted to avoid litigation while protecting their patients. That is why the NPDB came to be.

What does the NPDB do?

The NPDB collects and releases (to authorized parties) physician information regarding:

  • Medical malpractice payment information
  • Licensure actions by boards of medical examiners
  • Licensing and certification actions taken by states
  • Federal licensing and certification actions
  • Adverse actions taken by health care entities against clinical privileges, including professional review actions taken by professional societies
  • Negative actions or findings by peer review organizations or private accreditation entities
  • Healthcare-related criminal convictions
  • Healthcare-related civil judgments
  • Exclusions from participating in federal or state healthcare programs
  • Other healthcare-related adjudicated actions or decisions

How is NPDB used?

Not everybody has access to the information the NPDB gathers, and there are appropriate-use rules. Under Title IV requirements and sections 1921 and 1128E of the Social Security Act, certain entities are required to report, query, both, or neither.


Below are eligible entities that report to the NPDB under Title IV requirements or under sections 1921 and 1128E of the Social Security Act:

NPDB Report Authorization 

If an entity is required to report to the NPDB, it is essential they do so, as the financial penalties associated with lack of reporting are steep. If an organization fails to report a malpractice claim, the cost (in 2021) is $23,331 per violation. Failure to report a final adverse action against a healthcare provider, supplier, or practitioner is $39,811 per violation.

Entities that fail to report have their names published in the federal registrar, and one month after the publishing date they enter a 3-year period in which that entity is not entitled to immunity from civil litigation. Therefore, it is of the utmost importance to remain compliant to avoid both fines and the risk of litigation.


In terms of querying the NPDB, only hospitals are required to do so under Title IV requirements. All other organizations under Title IV and sections 1921 and 1128E of the Social Security Act are either not authorized to query, or it’s optional.

Title IV

  • Medical malpractice payers
  • DEA
  • OIG


  • Health care entities that provide care services that follow a formal peer-review process
  • Professional societies that follow a formal peer-review process
  • Boards of medical examiners
  • Other state licensing boards

Section 1921 and 1128E Requirements

  • Peer-review organizations
  • Private accreditation organizations
  • Hospitals
  • Health care entities that provide care services that follow a formal peer-review process
  • Professional societies that follow a formal peer-review process
  • Health Plans
  • Quality Improvement Organizations
  • State Licensing and certification authorities
  • State Licensing and certification authorities
  • State law enforcement agencies, including prosecutors
  • State Medicaid fraud control units
  • State agencies administering or supervising health care programs
  • Agencies administering federal healthcare programs
  • Federal licensing and certification agencies
  • Federal law enforcement agencies

One thing to note is that providers are allowed to do a self-query and to get access to a report on themselves. They are then authorized to use that report however they like.

Appropriate and Inappropriate use:

Information reported and kept by the data bank must be kept confidential, if not, there are monetary penalties. Only those who are part of the official peer review process can gain access to the NPDB report, and they must be part of the investigation. Such as:

  • Hospital officials who review the details for medical staff appointments and/or clinical privileges
  • Outside peer-review organizations
  • Health plan officials, like Aetna, who are responsible for reviewing a practitioner’s application for affiliation

All parties who disclose information improperly will be fined $23,331 per violation. So long as the information provided is used for the purpose for which it was requested, by those authorized to view it, it’s considered appropriate use. It is important to note that private accreditation organizations or delegated entities are not authorized to view the report as they are not considered part of the credentialing process.

As you can see, there are a lot of factors to consider when interacting with the NPDB. The good news is, VerityStream solutions can query NPDB and pull the report directly into CredentialStream. This is just one of the many ways CredentialStream can be used to improve your processes so you can improve patient health and safety. To learn about all the functionality our cloud-based solutions have to offer, set up a demo with us today.