Provider Network Governance: Why Accreditation Fails at the Boundary

This is the second article in a series examining boundary governance in private healthcare. The first article established that the structural governance gap exposed by the Paterson Inquiry — governing nodes while leaving the crossings between them unaudited — extends across every organisational boundary in private healthcare. This article examines the insurer's provider network in detail: how the market's most sophisticated routing mechanisms govern financial flows at every crossing while leaving clinical flows ungoverned at all of them.

When an insurer sells a private medical insurance policy, the product is not simply financial protection against healthcare costs. The product is a network. An approved specialist list, a hospital directory, a set of referral pathways, a pre-authorisation process that routes the patient through the insurer's curated constellation of providers. The patient buys access to the network. The employer buys access to the network. The broker sells access to the network.

But a network implies connection. It implies that the organisations within it are linked — that information flows between them, that responsibility transfers cleanly from one to the next, that the patient moves through a governed pathway rather than a sequence of disconnected encounters. A clinical network has shared records, multidisciplinary teams, agreed protocols, defined handover standards. A payer network has billing codes, fee schedules, and accreditation. We have built commercial highways between these providers. We have forgotten the clinical roads.

The reality is that an insurer's Approved Specialist List is a list of stars, not a grid. It is a constellation — points of light with no lines between them. The insurer curates the list of providers. Nobody curates the crossings between them.

The CMA Private Healthcare Market Investigation (2014) examined how competition operates in private healthcare — between hospital groups, between consultants, between insurers. The resulting Order addressed pricing transparency and information provision. What it did not address was the clinical governance of the networks that insurers construct from these competitive providers. The CMA shaped the market structure. The governance of the crossings within that structure remains unregulated.

The routing models: four approaches, one structural gap

The major UK insurers have each developed distinct models for routing patients from GP referral to specialist consultation. Each model represents genuine investment in improving access, reducing fee shortfalls, and matching patients to appropriate consultants. Each model also creates boundary crossings that are commercially governed and clinically ungoverned.

Bupa's Open Referral Network is the largest in the UK market, with over 18,000 consultants. The GP writes an open referral — naming the specialty, not the consultant. The patient calls Bupa. Bupa offers a choice of two or three consultants, filtered by fee-assured status, clinical practice criteria, patient experience data, and location. The Platinum tier adds outcome-based ranking: consultants rated "good" or "excellent" by 97% of Bupa patients, with claims data showing 28% shorter hospital stays and 14% fewer procedures.

AXA Health's Fast Track Appointments service operates a similar open referral model, offering up to three specialists and aiming to confirm appointment details by the end of the next working day. Members using Fast Track are reportedly seen twice as quickly as those whose GPs refer to a named specialist. Speed of access is the primary value proposition.

Vitality's Consultant Select is the most algorithmically sophisticated. An "intelligent consultant ranking tool" assesses consultants across 500+ data points spanning treatment outcomes, clinical practice measures, and treatment efficiency. The highest-performing consultants are invited to become Premier Consultants. The Vitality Patient Charter gives members the right to switch to an alternate panel consultant if dissatisfied, with a commitment that the chosen consultant has been "quality assured through a consultant peer review process."

Aviva's Expert Select takes a broader approach, offering a choice of four to five hospitals and their specialists, with a guarantee that all eligible bills will be settled in full.

These are not trivial investments. Vitality's 500+ data point ranking system, Bupa's Platinum tier with outcome-based metrics, AXA's next-working-day appointment confirmation — each represents a genuine attempt to improve the quality and speed of specialist access. The market has invested heavily, and the results are measurable: reduced fee shortfalls, faster access, outcome-informed selection.

But every one of these models is doing the same thing: assessing and selecting individual consultants. Node assurance. The question none of them answers is what happens at the crossing between the selected consultant and the next provider in the pathway.

There is a further question. When an insurer routes a patient to a fee-assured consultant rather than a non-fee-assured consultant with stronger outcome data, the routing decision has been made on commercial criteria. Fee-assured status means the patient will not face a shortfall. It does not mean the patient will receive the best available care for their condition. Under the FCA Consumer Duty's "fair value" requirement, is it fair value to route a patient to a cheaper consultant if the insurer cannot demonstrate that the handover governance — the clinical crossing between that consultant and the next provider — is safe? The fee-assured trap is this: commercial routing creates clinical liability the moment the routing criterion is financial rather than clinical.

Anatomy of an insured pathway: seven crossings, seven gaps

The first article sketched five boundary crossings in a routine insured pathway. Here is the full governance reality of each one, mapped against the seven questions that arise at every organisational boundary.

Crossing 1: GP to insurer. The GP writes an open referral. The clinical information in that referral — the GP's reasoning, their clinical suspicion, what has been tried, why this specialty — enters the insurer's triage function. The referral crosses from a clinical governance domain (the GP practice, regulated by CQC, governed by the GMS contract) to a commercial governance domain (the insurer, regulated by the FCA). Clinical intent — the GP's reasoning about what the patient needs — is reduced to a specialty label. The insurer's triage function extracts what it needs for pre-authorisation. What reaches the specialist is whatever survives this crossing.

Crossing 2: Insurer to specialist. The insurer selects two or three consultants from its network using its routing algorithm and presents them to the patient. The patient chooses. This is a service routing decision with clinical consequences, made by a commercial entity using proprietary criteria. The GP has delegated specialist selection to the insurer. The insurer disclaims clinical responsibility for the routing decision. The specialist has not yet seen the patient. Between the referring GP and the receiving consultant, there is a responsibility gap — a period during which no clinician has accepted explicit responsibility for the clinical consequence of the routing decision.

Crossing 3: Specialist to diagnostic provider. The specialist orders an MRI at an approved diagnostic facility. The referral crosses from the specialist's clinical governance to the diagnostic provider's clinical governance. Both are CQC-regulated. Neither is required to have a structured data sharing agreement with the other. The clinical context accompanying the referral — why this scan, what the specialist suspects, what the findings should be compared against — depends on whatever the specialist includes in what is typically a free-text request form.

Crossing 4: Diagnostic provider to specialist. The MRI results return to the specialist. But to whom, exactly? Does the diagnostic facility send the report to the specialist, to the insurer, or to both? Does it include the images or only a written report? Does the report reach the specialist before the patient's follow-up appointment, or after? There is no equivalent of the NHS National Pathology Exchange or structured FHIR-based results messaging governing this crossing.

Crossing 5: Specialist to specialist. The first specialist refers the patient to a surgeon for a procedure. This is a provider-to-provider crossing within the insurer's network — two CQC-regulated organisations, each with independent clinical governance, connected only by the fact that both appear on the same insurer's approved list. The referral carries whatever clinical information the first specialist chooses to include. There is no mandated referral content standard. No structured handover. No bilateral confirmation that responsibility has transferred.

Crossing 6: Surgeon to insurer. The surgeon reports the outcome of the procedure to the insurer for claims purposes. The insurer receives clinical information sufficient to process the claim. Whether that information is sufficient for clinical governance — whether it includes complication data, whether it feeds back to the referring specialist, whether it reaches the quality metrics that inform the insurer's consultant ranking — depends on the insurer's data collection processes, not on any clinical governance requirement.

Crossing 7: Private provider to NHS GP. The patient is discharged. The surgeon sends a discharge summary to the patient's GP. This crossing — from the private sector to the NHS — is where the governance gap is most structurally visible, and it merits its own section.

The pattern across all seven crossings is consistent. The financial flow is governed at every boundary: pre-authorisation, claims submission, fee schedules, benefit limits. The clinical flow — identity confirmation, consent, provenance, clinical intent, responsibility transfer, outcome communication — is governed at none of them. See how to map these risks using the Seven Flows — a 7×5 maturity matrix that makes the governance gap at each crossing measurable and auditable.

The GP boundaries: broken in both directions

The crossing between NHS general practice and private healthcare is the most common boundary a privately insured patient encounters, and the most poorly governed in both directions.

GP to private: the entry crossing. When a GP writes a named referral in the NHS, the referral letter carries clinical reasoning. It explains what the GP suspects, what has been investigated, what has been tried, why this specialist. The letter is addressed to a specific clinician, creating a defined sender-receiver relationship. The NHS e-Referral Service provides a structured electronic pathway.

The open referral model strips most of this away. The GP specifies a specialty. The patient calls the insurer. The insurer routes the patient. The GP's clinical reasoning — the provenance that should accompany the referral — may or may not survive the crossing. The insurer's triage function is not designed to preserve clinical context; it is designed to check policy eligibility, confirm pre-authorisation criteria, and match the patient to network consultants.

Some insurers have introduced digital front doors — virtual GP services that can assess patients and refer directly into the insurer's specialist network. These services can be fast, convenient, and clinically competent. They also introduce a structural constraint: where a virtual GP service can refer only into private pathways and is unable to refer to the NHS, the patient entering through the digital front door is channelled into the insured pathway regardless of what might be clinically appropriate. If the patient's condition turns out to require NHS-only services, or their benefit limits are exhausted, the handback to NHS requires the patient to re-present to their NHS GP and effectively start the referral process from scratch. That is not a governed crossing. It is a pathway collapse.

Private to GP: the exit crossing. The NHS has invested in standardised discharge communication. The Professional Record Standards Body (PRSB) eDischarge Summary Standard defines eighteen sections — ten mandatory — for communicating clinical information from hospital to GP. From January 2026, the standard is owned by NHS England. The Transfer of Care FHIR specifications define how discharge information should be transmitted electronically. The MESH messaging service provides the transport layer.

Private hospitals have no equivalent obligation. They are CQC-regulated, which means they need discharge processes. But there is no mandated standard for what a private discharge summary must contain, no required electronic format, no FHIR-based transmission mechanism to the GP, no structured way for the GP to confirm receipt or signal that the information was insufficient. This is the infrastructure gap that governance-preserving interoperability is designed to close.

The evidence on NHS discharge communication quality is already concerning. Research published in BMC Health Services Research found that GPs assessed discharge summaries as frequently lacking content they considered important for safe continuity of care — diagnosis, medication changes with reasons, appropriate follow-up plans, and clear allocation of responsibility for outstanding actions. A BJGP Open study found that hospital staff described "assuming" what information a GP needed because they had never been told. A Health Services Safety Investigations Body (HSSIB) investigation reported a case where a patient died after a discharge summary was drafted before a procedure took place and never updated — the GP was unaware the procedure had happened.

If this is the state of NHS-to-NHS discharge communication — within a system that has mandated standards, shared infrastructure, and contractual obligations — the private-to-NHS crossing is structurally worse. No mandated standard. No shared infrastructure. No contractual requirement. The discharge summary arrives, if it arrives at all, as a PDF letter weeks after discharge.

And then there is the prescribing boundary. Multiple NHS GP practices have published explicit policies stating that they will not accept shared care agreements with private providers. They will not prescribe medications initiated by private consultants. They will not perform monitoring blood tests ordered by private specialists. They will not do drug monitoring for privately prescribed treatments. The Acorn Surgery policy is characteristically direct: "If your private provider tells you not to worry, your GP will do the monitoring and/or prescribe your medication, they are providing you with false assurance."

The patient leaving the private pathway may therefore hit a wall at the GP boundary: no discharge information received, prescriptions the GP will not continue, monitoring the GP will not perform, and no structured mechanism for the private provider or the patient to resolve any of it. The exit crossing is not governed. In many cases, it is actively refused.

Pre-authorisation as primitive choreography

Pre-authorisation deserves closer examination because it is the insurer's most visible governance mechanism — and because it illustrates exactly how commercial governance creates the illusion of clinical governance.

Structurally, pre-authorisation is a crossing choreography: a set of pre-conditions that must be satisfied before the boundary crossing proceeds. The neighbourhood health Process pillar identifies three categories of pre-condition at any organisational boundary: sender pre-conditions (what must be true on the sending side), receiver pre-conditions (what must be true on the receiving side), and bilateral pre-conditions (what must be confirmed by both sides).

Pre-authorisation partially addresses sender pre-conditions: the GP must provide a clinical indication, the treatment must fall within the policy's scope, the provider must be on the approved list. It does not address receiver pre-conditions at all: does the specialist have the clinical information needed for safe decision-making? Has the specialist confirmed acceptance of clinical responsibility? Does the specialist have capacity to see the patient within a clinically appropriate timeframe? And it does not address bilateral pre-conditions: shared understanding of urgency, agreed escalation pathway if the patient's condition changes during the wait, defined feedback loop so the referring GP knows the outcome.

Pre-authorisation is a one-sided, commercially defined checkpoint. It governs the payer's risk. It does not govern the patient's risk. And because it is the most visible and most systematically enforced governance mechanism in the insured pathway, it creates a dangerous assumption: that the crossing has been governed, when only the financial dimension of it has been checked.

The information black hole

What happens to clinical information as it moves through a provider network? This is the question that exposes the governance gap most starkly, because no insurer — however sophisticated its consultant ranking or however fast its appointment booking — can currently answer it for any given patient pathway.

The GP's referral letter: does it reach the specialist intact, or does the insurer's triage function extract what it needs for pre-authorisation and pass on a subset? The specialist's clinical notes: do they flow to the next specialist in the pathway, or does each provider start from scratch with whatever the patient can remember and whatever summary the previous provider chose to write? The surgical discharge summary: does it reach the GP in structured form via an electronic messaging service, or as a scanned PDF arriving by post three weeks later?

In the NHS, the Transfer of Care FHIR specifications at least define what a discharge summary should contain and how it should be transmitted. The PRSB standards define the content. MESH provides the transport. The infrastructure exists, even if implementation remains variable. In private healthcare, there is no equivalent specification. Each provider-to-provider crossing reinvents the information transfer. Clinical context — provenance — degrades at every boundary. By the time the patient has crossed four or five boundaries, the receiving provider may be making clinical decisions based on a fraction of the clinical information that was available at the start of the pathway.

The Consumer Duty question

The FCA Consumer Duty requires good outcomes across the product lifecycle. For health insurance, the product lifecycle is the patient pathway. If clinical information loss at provider-to-provider boundaries leads to duplicated investigations, delayed diagnosis, or missed clinical context, those are poor outcomes. If the insurer's network design creates crossings that are clinically ungoverned, and a patient is harmed at one of those crossings, the insurer's Consumer Duty obligations are engaged — because the insurer designed the network, directed the patient through it, and profited from the premium.

The FCA is consulting in H1 2026 on how the Consumer Duty applies across distribution chains. In health insurance, the distribution chain does not end at the point of sale. It extends through every organisational boundary the patient crosses in the network the insurer curated and the product the insurer sold. An insurer that cannot demonstrate, for any given patient pathway, that clinical information was preserved at every crossing, that responsibility was explicitly transferred at every handover, and that the outcome was communicated back to close the clinical loop, is an insurer that cannot demonstrate Consumer Duty compliance across its product lifecycle.

The insurer may not have clinical governance authority over its providers. The FCA holds it accountable for the outcomes the product delivers.

The audit question

Can your organisation answer the following questions for any patient pathway that crosses organisational boundaries within your network?

At the GP-to-specialist crossing: was the GP's clinical reasoning preserved, or was it reduced to a specialty label by the triage function? Who held clinical responsibility during the period between referral and first consultation?

At the specialist-to-diagnostic crossing: was the clinical context of the referral sufficient for the diagnostic provider to prioritise and interpret appropriately? Did the results return to the right clinician before the follow-up consultation?

At the specialist-to-specialist crossing: was there a structured handover of clinical responsibility? Did the receiving specialist confirm acceptance? Was the clinical history complete, or did the receiving specialist start from a partial record?

At the private-to-GP crossing: did a discharge summary reach the GP, and did it contain sufficient information for safe continuity of care? Can the GP continue the prescribed medication, or is the patient facing a prescribing gap?

If the answer to any of these is "we don't know" — and for most provider networks, it will be — then the network is a commercial product with governed financial boundaries and ungoverned clinical boundaries. The nodes are accredited. The edges are unaudited. The patient experiences the pathway. Nobody governs it.

The minimum requirement for moving from a constellation to a grid is what Inference Clinical defines as MVRT — Minimum Viable Responsibility Transfer. At every crossing, five conditions must be met: a declared sender, a declared receiver, a defined scope of what is being transferred, verified acceptance by the receiving party, and a recorded state that creates an auditable trail. An insurer that requires MVRT at every provider-to-provider crossing in its network — not just accreditation of the individual providers — transforms a constellation into a governed network. Without it, two "Good" consultants connected by a bad handover produce an unsafe patient pathway.

Julian Bradder

CEO, Inference Clinical

Julian leads Inference Clinical's work on governance infrastructure for clinical handover. His background spans NHS digital transformation, clinical safety, and healthcare data architecture. Connect on LinkedIn