Do Clinical Supervisors, Peer Reviewers, and Administrators Need to Be Credentialed and Privileged?

We hear a common question from health centers: "Our Chief Medical Officer doesn't see patients anymore. Does she really need a credentialing and privileging file?"

The same logic applies to a Director of Nursing who only supervises clinical staff, or to a physician who chairs the peer review committee but no longer sees patients. The answer matters more than it first appears. Federally Qualified Health Centers (FQHCs) that get this wrong can end up with documentation gaps that show up during an Operational Site Visit (OSV) and, more consequentially, weaken quality and risk management practices required for reducing the risk of medical malpractice claims.

Chapter 3 of the Health Resources and Services Administration (HRSA) Site Visit Protocol (SVP) and Chapter 5 of the Health Center Program Compliance Manual together set out who needs credentialing and privileging (C&P), and what assurances are required when clinicians provide services through an outside contracted organization.

Chapter 3 defines clinical staff broadly. The category covers any staff who provide clinical services — medical, dental, or behavioral health — and groups them into Licensed Independent Practitioners (LIPs), Other Licensed or Certified Practitioners (OLCPs), and Other Clinical Staff (OCS). It applies whether the individual is a health center employee, an individual contractor, or a volunteer.

When Supervisors, Peer Reviewers, and Administrators Need C&P

A health center is required to credential any individual who supervises or trains clinical staff but does not provide direct patient care. That captures roles such as Medical Director, Chief Medical Officer (CMO), Director of Nursing, Director of Pharmacy, Dental Director, Director of Behavioral Health, collaborating physicians supervising Advanced Practice Nurses (APNs) and Physician Assistants (PAs), and academic program directors overseeing residents or other student clinicians — anyone whose work shapes clinical practice through oversight rather than direct care.

A practical test helps when a role sits in a gray area: if the person holds themselves out as a clinician anywhere a patient, colleague, or community member can see it (credentials behind their name on the badge, the email signature, the staff directory, a community presentation, the website biography), the health center should be able to back up what is being displayed.

A physician who serves as Chief Medical Officer (CMO) is a clinician on the badge and in the email signature, even when her daily calendar is wall-to-wall management meetings. A Director of Nursing who never staffs a clinic schedule is still a Registered Nurse.

A reviewer (or, in a malpractice setting, a plaintiff's attorney) will treat the displayed credential as the operative one. The health center needs a current, verified credentialing and privileging file behind every clinical credential it lets walk around the organization.

Why This Matters for FTCA Coverage

Beyond Chapter 3, C&P is a foundational element of FTCA deeming. The Health Center FTCA Program treats C&P as evidence that the health center is operating a defensible quality and risk management program. Credentialing and privileging verification upon hire and at least every two years is the cadence required by HRSA. This process is to be followed at all times and only deviated from in declared emergencies, where HRSA grants health centers permission to issue “temporary privileges” according to HRSA Program Assistance Letter (PAL) 2024-01.

Element f — Organizational Contractors

Site Visit Protocol, Chapter 3, Element f, addresses clinical staff who reach the health center through a contract with an outside organization (“organizational contractors”) rather than as employees, individual contractors, or volunteers. Common examples include a group practice that provides specialty coverage, a locum tenens staffing agency, an academic affiliation that supplies residents and faculty, or a contracted pharmacy services organization.

For these contracted provider organizations, the health center has two acceptable paths. The first is to credential and privilege the individuals directly, the same way it would for any clinical staff member who is an employee, individual contractor, or volunteer. The second is to maintain documented assurances that the contracting organization performs credentialing and privileging through a standardized verification process. Either path is acceptable, and either path must be fully documented.

A few practical points belong with Element f. The assurance is the health center's responsibility to obtain and to keep current. To learn more, read our blog post about this topic.

When every clinical credential displayed at your health center is backed by a current, verified C&P file, Chapter 3 compliance and FTCA coverage rest on the same solid foundation.

RegLantern's compliance tools can surface upcoming credentialing and privileging renewal dates, flag contracted provider assurance gaps, and produce the documentation packages that Chapter 3 reviewers ask for during an Operational Site Visit. If a recent self-assessment has left you uncertain about which supervisors or peer reviewers belong in your C&P system, that is the right place to start.