ksKearny StreetManagement
Back to Insights
Strategy7 min read

When your IPA isn't ready for the risk it's taking on.

IPAs that accept financial risk before their infrastructure can support it are the most common failure mode we see. Here's what infrastructure readiness actually looks like — and how to assess it before signing the capitation agreement.

Kearny Street Management

IPAs that take on capitated risk contracts or global risk arrangements face a structural paradox: the organizations that most need risk to survive economically are often the least operationally prepared to manage it. The financial pressure to sign the capitation agreement is real. The infrastructure to support it is often not.

We have worked with IPAs that signed capitation agreements before they had a functioning credentialing committee, before they had standard contract templates, before they had a system of record for their own provider data. Those engagements are recoverable — but recovering them costs more and takes longer than starting right would have. We have also worked with health plans that inherited the downstream consequences: adequacy gaps they didn't discover until the IPA's network was already in their filing, or compliance exposures that surfaced during audit preparation.

The question of IPA readiness is not abstract. It has specific answers that can be assessed before a capitation agreement is signed.

The infrastructure checklist

Readiness for financial risk requires operational infrastructure that exists independently of the health plan's systems. Here is what needs to be in place:

  • Credentialing committee and NCQA-compliant workflows. Is there a functioning credentialing committee with a physician chair, meeting minutes, and documented decision criteria? If providers are joining the IPA through informal vetting — the medical director knows them, they come recommended by another provider in the group — that is not credentialing. It is a compliance exposure that will surface during the health plan's oversight audit.
  • Standard contract templates. Does the IPA have templates for provider participation agreements that have been reviewed for compliance with the health plan's requirements? Without templates, every provider who joins the IPA is a negotiation. Negotiations take time the IPA doesn't have when it's also trying to build a network and stand up a risk arrangement simultaneously.
  • A system of record for provider data. NPI, specialty, practice address, panel status, contract effective dates — this data needs to live somewhere reliable, with a defined owner, that the IPA can report from when the health plan asks for it. If provider data lives in spreadsheets, it will be wrong at the worst possible time: when the health plan is running its adequacy analysis, or when a member calls with an access problem.
  • An operating cadence with named owners. Is there a weekly operating rhythm? Someone whose job is network management — reviewing adequacy, tracking the credentialing queue, escalating access issues? Without a cadence, problems surface late. In a risk arrangement, late-surfacing problems are financial problems.
  • Utilization management workflows. For global risk arrangements, UM workflows need to be in place before the first member is attributed. This is consistently the last thing IPAs build and one of the first things that matters. Authorization protocols, specialist referral pathways, high-cost procedure management — these are not back-office functions in a risk arrangement. They are the primary tool for managing the financial exposure the IPA has just accepted.

The signs that an IPA is not ready

Some of these are visible before the conversation gets to contract terms. Others surface in diligence. We have learned to look for them early:

  • Provider roster lives in a Google Sheet or Excel file and hasn't been validated against CAQH or a credentialing system in 18 months or more.
  • No credentialing committee — providers are “vetted” informally through professional relationships or reputation within the medical community.
  • The health plan contract was executed before the IPA's own provider participation agreements were drafted or templated.
  • There is no one in the IPA whose specific job is network management. The task belongs to whoever isn't too busy.
  • The IPA is relying on the health plan to flag adequacy problems — rather than monitoring its own network against applicable standards proactively.
  • Leadership can describe the capitation rate in detail but cannot describe the UM authorization thresholds or referral protocols the arrangement requires.

What to fix first

If an IPA is not yet ready for risk but is under pressure to sign, the remediation has a sequence. Not everything can be fixed at once, and prioritizing the wrong things first compounds the problem.

  • Priority 1: Credentialing committee and workflows. This is the compliance foundation. Everything else depends on knowing who is actually in the network and that their credentials have been verified. Without this, the IPA cannot make a valid adequacy representation to the health plan or to regulators.
  • Priority 2: Provider data cleanup. Validate every NPI against NPPES. Confirm every CAQH record is current. Verify panel status for each provider. This is unglamorous work, but it is the prerequisite for everything else — contracting, adequacy analysis, directory accuracy, UM attribution.
  • Priority 3: Standard contract template. Get one provider participation agreement template drafted, reviewed by counsel, and approved by the IPA leadership. It doesn't need to be perfect. It needs to exist and to be compliant with the health plan's downstream requirements.
  • Priority 4: Operating cadence. Establish a weekly leadership review with named owners, standing agenda items, and decision accountability. The cadence creates visibility into problems before they become crises.
  • Priority 5: Utilization management. UM workflows must be in place before the risk arrangement goes live. Build the authorization protocols and referral pathways in parallel with the credentialing and data work, not after.
Signing a capitation agreement without infrastructure doesn't transfer risk. It amplifies it.

Risk arrangements work when the infrastructure can support them. The diagnostic exists to answer the readiness question before the IPA is committed — not after the first quarter's financial results make the gap visible. Do the inventory first. Fix what's fixable before you sign. Know what you're accepting when you do.


Ready to start?

Two weeks. A build plan worth running.

Fixed fee, no commitment past the diagnostic. You walk out with a plan — whether you run it with us or not.

Schedule the diagnostic