With more than 20 years of experience at a major health insurance company, I’ve seen firsthand how challenging provider data management can be. I’ve worked with teams reconciling files from delegated groups, fielded calls from frustrated providers, and navigated compliance pitfalls that can quickly become operational headaches. But the stakes have never been higher than they are now under the No Surprises Act (NSA).
For years, maintaining an accurate provider directory was considered a best practice or a company metric that was a “nice to have.” Today, it’s a legal requirement. The NSA, effective January 2022, aims to protect patients from unexpected bills when they unknowingly receive care from out-of-network providers. It introduced strict rules around billing transparency and requires payors to maintain up-to-date, accessible provider directories.
The reality is that inaccurate provider data now carries significant financial, legal, and reputational risks. Health plans must verify and update provider information at least every 90 days, promptly remove unverified providers, and reflect updates within two business days.
In short, the NSA has transformed provider directory accuracy from a quality differentiator into a regulatory necessity. For payors, strong provider data management is no longer optional-it’s essential for compliance and for protecting both patients and the organization.
The Burden Has Shifted — And It’s Heavy
The NSA places the burden of accuracy squarely on the shoulders of payors. If a patient receives incorrect information about a provider’s network status—whether it’s outdated location details, a terminated affiliation, or inaccurate insurance participation—they must still be charged in-network rates. The liability is no longer shared. It’s owned.
And it’s costly.
A study published in JAMA Network Open found that 81% of directories across five major insurers contained inaccuracies. And these errors aren’t minor. They’re often the root cause of surprise bills. Meanwhile, the Independent Dispute Resolution (IDR) process established by the NSA has been overwhelmed. In just the first year, over 650,000 cases were filed—an overwhelming volume that demonstrates how frequently directory errors translate into reimbursement conflict.
This is not a glitch in the system. It is the system—manual, siloed, and outdated.
Why Payors Struggle to Keep Up
It’s easy to say, “just update the directories.” But the operational demands tell a different story.
To remain compliant, payors must verify provider information every 90 days. That means thousands—sometimes hundreds of thousands—of outreach attempts, follow-ups, attestations, and manual updates. All tracked, documented, and auditable.
Add to that the NSA’s requirement to respond to patient inquiries about a provider’s network status within one business day, and suddenly, even large payors are scrambling to meet the mark.
In practice, this often looks like:
- Internal or external outsourced phone calls to provide offices that never get returned
- Spreadsheets managed across siloed departments
- Delays between internal systems syncing
- Missed expirations and communication black holes
The result? Errors persist, compliance suffers, and most importantly, trust—between members, providers, and payors—erodes.
Why This Is More Than a Compliance Problem
What’s often missed in the NSA conversation is this: provider data is not just a compliance function. It’s a foundational layer that touches:
- Network adequacy
- Value Based Care programs
- Access to care
- Member satisfaction
- Claims payment integrity
When provider data is broken, everything downstream feels it.
Too often, we treat data governance like a back-office problem. But in today’s environment, it’s a front-line differentiator. Payors that get it right will move faster, reduce disputes, and protect their members. Those that don’t will continue to rack up penalties, drain resources, and fall behind.
What’s the Solution?
To fix this, payors must stop retrofitting compliance into legacy workflows. Instead, they need to rethink provider data management from the ground up—as a strategic, real-time system that’s:
- Automated: Outreach, verifications, and updates must happen without manual triggers
- Self-service enabled: Providers should be able to update their own data digitally and securely
- Interoperable: Data entered once should update across all systems
- Auditable: Every update must be time-stamped, traceable, and reportable
- Responsive: Member inquiries must be answered accurately—and fast
I’ve worked with dozens of payor teams trying to meet these requirements manually. It’s unsustainable. But I’ve also seen what’s possible when they adopt provider data management platforms and workflows designed for this moment: compliance gets easier, operations become smoother, and the patient experience improves.
Final Thought: Get Ahead or Get Left Behind
I know the No Surprises Act didn’t create the provider data problem-it exposed it. Now, payors must urgently address data accuracy, not as a checkbox, but as a critical component of their operations with providers, regulators, and members.
This moment demands operational reinvention, better systems, technology solutions, and strategic focus. Those who respond effectively will build trust, reduce disputes, and scale confidently. Those who don’t risk regulatory penalties and member dissatisfaction. In today’s landscape, accurate provider data is essential. The choice is simple: get ahead or get left behind.
About David Van Houtte
David Van Houtte, Chief Growth Officer at Santech, has more than 25 years of experience in provider data management technologies, payor operations, and digital transformation. Previously, he served as Vice President of Network at a top five payer, where he led provider network and value-based strategies. He has led national sales, provider networks, and provider data implementation efforts across the healthcare ecosystem and is a recognized expert in provider data strategy, compliance workflows, and network optimization.
