Certification of Organizational Management 1.0

C-CPE 2-1: Consumer Rights and Responsibilities

Submited by: Tom Goddard

The Basics

This standard requires your organization to:

  • define consumer rights and responsibilities,
  • notify consumers of those rights and responsibilities, and 
  • use those rights and responsibilities to help shape the organization’s policies and procedures.
At a minimum, those consumer rights and responsibilities include:
  • Confidentiality;
  • Disclosure of information;
  • How to submit complaints and appeals;
  • How to access services; and
  • The right to have consumer preferences considered by the organization.
Note that some of the listed rights may not be applicable to organizations operating within a workers compensation system. The onus is on you, though, to cite the laws and regulations that nullify the right granted by this standard.

Management Tips

These requirements may be met by program specific or enterprise-wide policies. 
The scope of the element on "access to services" is defined by the organization's documented description of the services it provides to consumers. Such documentation may include benefit descriptions, formularies, descriptions of provider coverage for a certain area, and other such documents.

Accreditation Tips

Desktop Review
The minimum documents required for this standard include:
A written description, policy, or workflow of the process for advising consumers of their rights and responsibilities; andA copy of the statement of rights and responsibilities that the organization provides to consumers, either through communications or website. Validation Review
The URAC reviewer will discuss the organization's process for notifying consumers of their rights and responsibilities with senior management and those members of the staff who are responsible for that notification.

  • Core 4.0 Pre-release / 12.31.2018

    C-RM 3-1: Information Systems Risk Assessment and Reduction

    URAC assumes that your organization has a comprehensive risk management program, and in this standard, requires that your information systems are a component of that system. Specifically, the IT component must address explicitly data storage, gathering, and transfer.Your organization must conduct risk assessment in these three areas, and that assessment must periodically include "an entity with th...

  • Core 4.0 Pre-release / 12.26.2018

    C-RM 2-3: Business Continuity Plan Testing

    Your organization must test its business continuity plan ("BCP") no less frequently than every two years. Notably, the BCP test can be a tabletop exercise, which URAC defines as:test of a Business Continuity Plan (BCP) that includes documentation of the following aspects of the test:A tabletop exercise simulates an incident in an informal, stress-free environment.The participants who are usually t...

  • Core 4.0 Pre-release / 12.26.2018

    C-RM 2-2: Pharmacy Emergency Management Plan

    Applicable only to organizations seeking accreditation in one of URAC's pharmacy modules, this standard requires that your business continuity plan describe an emergency management system that addresses how the organization will distribute medications in the event of an emergency. The description must address the organization's facilities, its services, and its products in some detail. As was the...