Mini image of an American Flag An official website of the United States government.

Icon of a government buiding.

Official websites use .gov

A .gov website belongs to an official government organization in the United States.

Icon of a lock box for secure website.

Secure .gov websites use HTTPS

A lock (  ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

NPDB Insights - February 2024

Is It Reportable image

Is It Reportable?

When does the review of an application for reappointment become an investigation if the physician resigns before final action is taken on the reappointment application? For example, if a physician discloses on an application for reappointment that she has been a defendant in three malpractice cases during the last 2 years, and the credentials committee requests additional information about the cases, has an ongoing "routine review" become an "investigation?"

It depends. A routine or general review is not considered an investigation. So, for example, if all practitioners are automatically or routinely asked for additional information when they are defendants in a certain number of malpractice cases, this type of request probably would not be considered an investigation. Therefore, the resignation would not be reportable. However, if officials at the reappointing hospital had specific concerns about this practitioner's competence based on the number or severity of the medical malpractice cases, then the inquiry appears to deviate from routine review, is focused on a particular practitioner, and concerns competence and conduct issues. In this situation, the activity may be seen as an investigation, and, if so, the resignation would be reportable.

Identity Verification Form.

Identity Verification Is Coming to the NPDB

To meet current cybersecurity standards, the NPDB will require identity verification for all user accounts. Identity verification means you must provide a valid government-issued ID and prove your identity. Beginning April 25th, 2024, users must enable MFA in order to access the NPDB. Additionally, organization users may complete identity verification beginning that same day. Identity verification will be required later this year. We will notify you before it becomes mandatory.

Identity verification helps to ensure that only authorized users are able to access their NPDB accounts, making it more difficult for hackers and bad actors to access user accounts and information.

How to Verify Your Identity

In order to verify your identity, you must first enable multi-factor authentication, or MFA, if you have not done so.

If you access MFA through, you will verify your identity through If you use a PIV card or CAC to sign into your account, the MFA credential you linked already includes your verified identity, and no additional action is required. offers several options for identity verification. For most users, the fastest option takes only a few minutes to complete. To finish the identity verification, you will need three items:

  1. A mobile phone that belongs to you and has a camera, or a computer with a webcam
  2. A government-issued photo ID (U.S. driver's license, state ID, U.S. passport, or U.S. passport card)
  3. Your Social Security Number

To complete identity verification, you will take a photo of your ID and then take a photo of yourself. will validate your ID and compare it to the photo. Next, you will enter your Social Security Number. will verify that it matches your validated ID. A success message is displayed once everything is complete.

Letter Q.

Sharing Query Responses

The NPDB has strict confidentiality provisions in place to ensure report content is protected. These allow entities to share information they receive from the NPDB only with those involved in the investigation or peer review process for which the query result was provided.

One Query Per Decisionmaking Body

Centralized health systems operate with one unified medical staff and decision-making body. If a health system has one credentialing office, but separate decision-making bodies, it is not a centralized health system.

When there is one decisionmaking body, a single query can be run for a practitioner for the entire health system. To be considered a centralized health system, your organization must have all of the following:

  • Centralized credentialing
  • A centralized peer review process
  • One decision-making body
  • One unified medical staff

When a health system operates with independent medical staff and decision-making bodies, each medical staff is a distinct entity and must query separately on a single practitioner. Each facility is prohibited from sharing query responses or any related reports with anyone not involved in the process for which the query response was requested.

Shared Query Responses with the Query Subject

An organization may share the results of a query response with the subject after redacting all of the organization's information from the response.

Other Sharing Examples

A health plan delegates its credentialing to a hospital. The hospital may not provide a query response to the health plan because the health plan is neither responsible for the credentialing nor part of the hospital's decision-making process.

Looking for more examples? Check out these NPDB Guidebook Q&As:

Continuous Query Benefits.


How Does Continuous Query Help Patient Safety?

The NPDB developed Continuous Query to help promote patient safety. Continuous Query supports organizations' ability to meet accreditation standards that require querying practitioners.

Continuous Query provides your organization with an initial query response AND alerts your organization to new reports regarding your enrolled practitioners for an entire year. The NPDB typically notifies you of a new report within minutes of receiving it. Users receive report notifications an average of 10 months sooner using Continuous Query!

A one-year Continuous Query enrollment is $2.50 per practitioner, the same cost as a single One-Time Query. If your organization is not using Continuous Query, consider activating it today.

Dcotors Speaking.

Designating Successors

There are many reasons why an entity may want to deactivate a DBID; for example, the entity may have merged with another organization.

If your entity is sold to another organization, you may need to update your registration profile. This may include designating a successor, registering a new DBID, or updating other information in your profile.

To deactivate your DBID and designate a successor, you must send a letter to the NPDB via email or mail on your company letterhead with the following information:

  1. Specify the DBID that needs to be deactivated and state the reason
  2. Provide the successor account's name and DBID
  3. Include the signature and contact information for your certifying official

Note: The successor entity must already be registered with the NPDB before beginning the deactivation and succession process.

Contact the Customer Service Center for questions about deactivating a DBID and designating a successor.

Have a Question or Suggestion for NPDB Insights?   

The latest updates and resources are available at

Previous editions of NPDB Insights are available in our archive.