kolm
get started
health-insurance · templates · provider-credentialing

Provider credentialing assistant

A kolm template that reads provider credentialing packets (board certs, DEA, malpractice cover, sanctions checks, NPDB reports) and produces a structured summary with a flag list of missing or expired items. Cuts initial-review time from ~90 minutes to under five; primary-source verification remains the credentialing team's responsibility.

template id
provider-credentialing
k-score gate
≥ 0.95
seed examples
10 anonymized
held-out eval
140 cases

Input & output spec

One packet per request. The assistant returns a status verdict (complete / incomplete / expired-items), a structured flag list with severity, and a 1-paragraph executive summary suitable for the credentialing committee minutes.

input

{
  "packet_id":    "CRED_2026_0091",
  "provider_npi": "1234567893",
  "docs": [
    { "type": "board_cert",    "file": "s3://.../abim.pdf" },
    { "type": "dea",           "file": "s3://.../dea.pdf"    },
    { "type": "malpractice",   "file": "s3://.../coi.pdf"    },
    { "type": "npdb_report",   "file": "s3://.../npdb.pdf"   },
    { "type": "oig_check",     "file": "s3://.../oig.pdf"    }
  ],
  "plan": "PPO-Gold-2026"
}

output

{
  "status":   "incomplete",    // "complete" / "incomplete" / "expired-items"
  "flags": [
    { "item": "DEA",        "reason": "expired 2026-03-31", "severity": "high"   },
    { "item": "Malpractice","reason": "coverage below $1M/$3M", "severity": "medium" }
  ],
  "summary": "Provider eligible pending DEA renewal and malpractice coverage uplift. Board certification and NPDB report current; no OIG exclusions found.",
  "requires_committee_review": true
}

4-ring receipt schema

Every credentialing summary ships a receipt your delegated-credentialing audit team can re-verify offline. The chain proves the packet contents, the policy ruleset, the verdict + flags, and the seal.

ring 01 · pre-image
packet_id + provider_npi + doc_hashes
tenant-rotated HMAC
ring 02 · derived
policy_ruleset_hash + ncqa_rules_version
rules-version bound
ring 03 · execution
status + flags[] + summary_hash
judge_id signed
ring 04 · seal
SHA-256(ring1..3) · verify endpoint
offline-verifiable

Verify command: kolm verify --hash <receipt_hash>. Runs locally against the seal, no network required.

BAA fast-track

Health plans on a BAA see kolm production-ready in two business days. The customer-hosted bridge runs in the tenant network boundary; PHI is processed there and never crosses our infrastructure; the audit log is yours to keep.

how it works

# 1. Sign the BAA (legal-team turnaround)
[ DocuSign · 48 hours typical · mutual NDA in same envelope ]

# 2. Provision the bridge in your VPC
$ kolm bridge install \
    --provider aws \
    --region us-east-1 \
    --baa <baa-id>

# 3. Compile this template against your seed packets
$ kolm compile --spec provider-credentialing.spec.json \
    --examples ./your-anonymized-packets.jsonl \
    --gate 0.95 \
    --out credentialing.kolm

what we sign

- HIPAA Business Associate Agreement
- HIPAA Security Rule §164.308 (admin safeguards)
- HIPAA Security Rule §164.310 (physical safeguards)
- HIPAA Security Rule §164.312 (technical safeguards)
- Breach Notification §164.404
- Subcontractor flow-down (none — kolm holds no PHI)
- Audit-log retention (6 years, your S3 bucket)

Get the template

Two ways to take this live. Self-serve with the sample artifact, or kick off a BAA conversation if you need PHI day one.

Start with this template Talk to a human about BAA Download spec JSON

The spec is a portable JSON file. Drop it into kolm compile --spec with your anonymized seed examples to build a private .kolm tagged LicenseRef-kolm-default-1.0 by default; pass --license to tag it differently.

Five more templates for health plans

01 · template
claims-adjudication
02 · template
prior-auth-review
03 · template
fraud-detector
04 · template
member-support-triage
05 · template
risk-adjustment-coder
index
all health-insurance