Understanding the HHS Office of Inspector General (OIG) Exclusion Program is essential to your path towards optimal compliance and better employee monitoring for healthcare professionals. Since federal tax dollars are used to reimburse healthcare providers for services, the Department of Health and Human Services (HHS), the Center for Medicare and Medicaid Services (CMS), as well as the Department of Justice (DOJ), have oversight on how those dollars are spent.
What is an OIG Exclusion and Why Should You Care?
An OIG exclusion is an administrative action taken against an individual or entity (such as a provider or vendor) by the Dept. of Health and Human Services (HHS), Office of Inspector General (OIG). The HHS OIG is in charge of enforcing exclusions against individuals or entities.
The OIG mandates that healthcare organizations do not hire or do business with “excluded or sanctioned” individuals or entities. If an individual or entity is excluded, he/she/it is prohibited from participating in reimbursements for or from federally funded healthcare programs (CMS.gov – Centers for Medicare & Medicaid Services).
Once an individual or entity is excluded, he/she/it is considered excluded in all states, not just the one excluded in. In other words, under the Affordable Care Act, an individual or entity excluded in one state is not permitted to participate in federal healthcare funds in all other states. A person or entity can be excluded by a federal agency (OIG) or by a state Medicaid agency.
Penalties and Fines Associated with Excluded Individuals or Entities
Civil fines and monetary penalties can be assessed by HHS OIG. Fines and penalties include the following:
- $20,000 per each item claimed or services provided.
- Treble damages (3 times the amounts claimed to CMS for reimbursement).
- Possible program exclusion of the company.
- Possible loss of the right to bill CMS for services rendered.
- Possible additional fines for filing false claims under the False Claims Act (Penalties up to $11,000 per claim, and possible placement in a Corporate Integrity Agreement with the OIG).
- Possible criminal fines and/or jail time.
Where did Healthcare Exclusions Come From?
Since the early 1970’s, the Department of Health and Human Services (HHS), Office of the Inspector General (OIG) has the authority and responsibility “to protect the integrity of Department of Health & Human Services (HHS) programs as well as the health and welfare of program beneficiaries”. The OIG is acting in the people’s best interest to regulate and enforce violations of healthcare fraud, waste, and abuse.
The HHS Office of Inspector General (OIG) was created in 1976 and oversees more than 300 other HHS programs. The most common and well known are Medicare, Medicaid, TriCare, and CHIPs. Others include the Centers for Disease Control and Prevention, National Institutes of Health, and the Food and Drug Administration. HHS OIG is the largest Inspector General’s office in the federal government, with approximately 1,600 employees.
What Does the HHS OIG Govern?
There are 11 departments in the HHS OIG organization: They revolve around auditing, investigating, enforcement, evaluating, and policy-making. For the purpose of this blog, we’ll be addressing the enforcement function of the OIG.
There are three departments that focus on the enforcement of healthcare fraud, waste, and abuse.
- Office of Investigations (OI) conducts criminal, civil and administrative investigations of fraud and misconduct related to HHS programs, operations, and beneficiaries.
- Office of Audit Services (OAS) conducts independent audits of HHS programs, grantees, and contractors to examine the performance of HHS programs and responsibilities, as well as provide assessments.
- Office of Evaluation and Inspections (OEI) conducts national evaluations of HHS programs and issue recommendations focused on preventing fraud, waste, and abuse.
What is the HHS OIG Exclusion List?
A person or entity becomes excluded or sanctioned and placed on an exclusion list maintained by the OIG called the List of Excluded Individuals or Entities (LEIE). According to OIG, there are two types of exclusions – mandatory and permissive.
- Felony conviction for substance abuse or alcohol
- Felony conviction for patient abuse
- Felony conviction for fraud and abuse
- Felony conviction for sexual assault
- License revocation due to any of the above
- Misdemeanor convictions for substance abuse or alcohol
- Misdemeanor convictions for patient abuse
- Misdemeanor convictions fraud and abuse
- Misdemeanor convictions sexual assault
- License revocation due to any of the above
- Default on a federal student loan
Federal reimbursement, whether direct or indirect, for goods provided or services rendered by an excluded individual or entity, is prohibited. This includes reimbursement for salaries, benefits or items claimed/billed by licensed healthcare providers or administrative personnel. Also, a healthcare organization cannot purchase goods or services from an entity or vendor that is excluded.
A mandatory exclusion is for a minimum of 5 years and has been imposed for up to 50 years, in certain cases (it can be indefinite if the facts warrant). Once the exclusion period ends, the individual or entity MUST apply for reinstatement at the federal and state level. It is not automatic.
A permissive exclusion can be up to 5 years (typically 1-3 years). At the conclusion of the exclusion period, the individual or entity MUST apply for reinstatement at the federal and state level. It is not automatic.
HHS OIG List of Excluded Individuals and Entities (LEIE)
Understanding the differences between the exclusion datasets in the healthcare compliance industry can be overwhelming at times. Currently, there are two main federal exclusion lists and 43 available state exclusion lists. Federal lists consist of the HHS OIG LEIE and the SAM.gov database. State Medicaid exclusion or terminated provider lists vary dramatically by name and type of delivery.
The most familiar safeguard for our industry is the HHS OIG’s List of Excluded Individuals and Entities (LEIE). The LEIE, along with the other federal datasets, exists to inform the healthcare industry of currently excluded individuals, likely due to an offense related to fraud or abuse. A person or entity becomes excluded, or sanctioned, and is placed on the LEIE, maintained by the OIG.
Manually screening every Medicaid exclusion or terminated provider list can be quite complicated because not every list shares the same data with the OIG on a timely basis, let alone with each other. Also, each Medicaid exclusion or terminated list of providers does not update on the same schedule or have a standard format across the country. For instance, some forms of delivery include an online searchable database, a downloadable .pdf file, or email delivery by request. All of these exclusion lists need to be individually cross-checked and monitored on a monthly basis in order to remain compliant.
General Services Administration (GSA – EPLS)
In addition to being excluded on the OIG LEIE, an individual or entity can also be debarred or sanctioned at the GSA -Excluded Parties List System. The GSA or General Services Administration is the federal entity that excludes companies and individuals from receiving federal contracts. The GSA administers all procurement databases through the System for Award Management (SAM.gov).
System for Award Management (SAM)
SAM.gov now houses the old Excluded Parties List System (EPLS) which contains debarment actions taken by various federal agencies, including exclusion actions taken by the OIG. Not all OIG records are contained at SAM.gov, and the OIG recommends searching the OIG-LEIE database as the primary source for OIG-LEIE records.
The System for Award Management‘s purpose is to prevent companies from doing business with an individual or entity that has been debarred, sanctioned, or excluded by a federal agency.
State Medicaid Exclusions and Terminated Providers Lists
Most states maintain a Medicaid exclusion list and are required to report exclusions or terminated Medicaid providers to HHS OIG within 30 days in accordance with Performance Standard 8.
However, the actual average time for a state exclusion to make it to the OIG LEIE is 173 days. Employers need to reference each state list in addition to the OIG LEIE and SAM.gov. Today, there are 43 states that have a state Medicaid exclusion list.
Each year, more state Medicaid exclusion lists are added and made publicly available. Efficiency and accuracy from Medicaid Fraud Control Units reporting excluded individuals or entities to the OIG have been a serious issue, and many times can leave HR professionals and compliance programs open to risky situations if they are solely checking federal databases.
How Often are Exclusion Lists Updated?
Federal Exclusion Databases
The OIG LEIE list is updated once a month, typically between the 10th and 15th. Each week, the SAM.gov database is updated from multiple sources. There is no designated time in which exclusion data is uploaded into SAM.gov. ProviderTrust updates its database from SAM.gov at least twice a month.
State Medicaid Exclusion or Terminated Provider Lists
Each state updates at different intervals. Some update once a month, others once a quarter, and others update periodically with no formal schedule. ProviderTrust monitors for state updates each month.
OIG Exclusion Monitoring
Visit our OIG exclusion monitoring page to learn about keeping your organization and patients safe from excluded providers. To see a full breakdown of exclusions / sanctioned / or terminated provider data in each state, visit our interactive healthcare exclusions map below.
How Often Should an Employer Monitor for Exclusions?
Monthly Monitoring is Best Practice
HHS OIG Inspector General Daniel Levinson once said: “We [OIG] update our list monthly and we recommend that employers search it monthly.”
The Affordable Care Act expanded the types of actions that can result in an exclusion and the U.S. Congress tasked the Centers for Medicare and Medicaid Services (CMS) to issue guidance to employers.
The CMS Guidance, issued io February 2011, “recommended with guidance” that employers search the OIG and GSA monthly. CMS issued letters to each State Medicaid Director in 2009 reminding them to advise employers to check monthly.
Many states have issued state Medicaid bulletins that require monthly monitoring of the OIG LEIE, SAM.gov, and their own state Medicaid lists.
Exclusion Monitoring for Healthcare HR + Compliance
The message is clear these days – healthcare organizations who bill federally or state-funded programs must monitor their providers, employees, vendors (and owners/managers) for exclusions each month.
The OIG is serious about enforcing fines and penalties and eliminating fraud, waste, and abuse from federal healthcare programs. If you are only conducting federal OIG LEIE screening, you should enhance your compliance program to include SAM.gov and the available state Medicaid exclusion lists.
Effective compliance programs require a monitoring and auditing function. Ensuring that exclusion monitoring is an integral part of your monthly monitoring helps mitigate your risk and keep you audit-ready. ProviderTrust helps give you the freedom from tedious processes to focus on people with smarter automated exclusions monitoring solutions.
If you have any questions regarding whether your compliance program is executing best practices in this area, our team is always available to discuss and advise!
Check out our latest resources!
Written by Michael Rosen, Esq.
Michael brings over 20 years of experience founding and leading risk mitigation businesses, receiving numerous accolades such as Inc. Magazine’s Inc. 500 Award and Nashville Chamber of Commerce Small Business of the Year.