HCCA Compliance Institute 2021: Session with the OIG and Donna Thiel, Chief Compliance Officer at ProviderTrust


On Thursday, April 22, Donna Thiel, Chief Compliance Officer at ProviderTrust, and two OIG officials, Nicole Caucci, Deputy Branch Chief, and Joanna Francis, Reviewing Official, led a session on Understanding Exclusions at the virtual 2021 HCCA Annual Compliance Institute. To an attentive virtual audience, the experts provided insight on Understanding the OIG Exclusions Program, Exclusions by the Numbers, What and How to Screen, Reinstatement, a Case Study, and the Human Side of Exclusions. Read on for a recap of this informative session.

Understanding the OIG Exclusions Program

The first step of understanding the Office of Inspector General (OIG) Exclusions Program involves taking a closer look at the OIG, the authority of the OIG, and the List of Excluded Individuals and Entities (LEIE) that it maintains. First and foremost, the OIG protects the integrity of the HHS program dollars and beneficiaries and is now the leading healthcare law enforcer. The OIG has 1,600 employees focused on fraud, waste and abuse, and nearly 80% of the OIG’s budget is focused on Medicare and/or Medicaid. 

The OIG has the authority to exclude individuals and entities from participation in any Federal healthcare program under the Social Security Act Section 1128, with the sole purpose of protecting Federal healthcare programs and its beneficiaries from untrustworthy providers. In order to ensure patient protection, the OIG maintains the LEIE and applies exclusions to direct providers (e.g., doctors and hospitals), as well as indirect providers (e.g., drug and device manufacturers). It’s important to note that the OIG LEIE is distinct from State Medicaid program exclusions, and not all State Medicaid program exclusions end up as OIG exclusions. The two types of OIG exclusions are:

  1. Mandatory Exclusions: Individuals and entities convicted of certain types of criminal offenses as mandated by law with a minimum statutory exclusion period of five years, which can be longer based on aggravating factors. 
  2. Permissive Exclusions: The OIG has the discretion to exclude individuals based on certain convictions, license revocations, misdemeanors, fraud, etc. as laid out by law. For exclusions based on convictions, the baseline exclusion period is three years, but it may be shorter or longer based on aggravating/mitigating factors. 


No payment may be made for any items or services furnished, ordered, or prescribed by an excluded individual,  not just direct patient care. Individuals and entities that violate exclusions may:

  • Be subject to liability under the Civil Monetary Penalties Law (CMPL) and be denied reinstatement.
  • Face criminal liability and civil False Claims Act liability.

Exclusions by the Numbers

The OIG Exclusion Branch is constantly working diligently to protect patients. In 2020 alone, a total of 2,378 individuals and entities were excluded by the OIG. A total of $3.19 million was levied in penalties by the OIG, which amounts to an average of $96,550 per excluded individual. And a total of 546 individuals and entities were reinstated by the OIG over the same time period. The majority of OIG exclusion actions in 2020 involved physicians (M.D.s and D.O.s) and other licensed individuals (e.g., nurses, CNAs, dentists, pharmacists) and were based on: 

  • Crimes related to Medicare and Medicaid 
  • Crimes related to other healthcare programs
  • Patient abuse or neglect
  • Licensing issues

Check out our interactive exclusion map to see updated exclusion numbers by state. 

What and How to Screen

Currently, there is a myriad of lists that needs to be monitored for exclusions, including the OIG LEIE,, and State Medicaid lists, as well as the Medicare opt-out list, the Preclusion list, the Office of Foreign Assets Control (OFAC) list, and the Social Security Administration Death Master File (SSA DMF).

Although monitoring the lists seems fairly straightforward, it’s actually pretty complex. For example, many state lists are not published on a routine/scheduled basis; have extremely limited data; offer varied list types (e.g., website, excel spreadsheet, PDF); and don’t have unique identifiers (SSN, NPI, TIN), which makes it difficult to confirm the identities of excluded parties. Additionally, the average time for a state exclusion to appear on the OIG LEIE is 173 days, and 50% of all state exclusions do not result in an OIG exclusion. 

Some tips for LEIE screening include: 

  • Search by any former names used by the individual as well as the individual’s current name.
  • Enter only the first few letters of the first and last names.
  • Search under each of the last names of individuals with hyphenated last names.
  • Maintain documentation of the initial name search, as well as any subsequent searches to verify results of potential name matches.
  • Use the Online Searchable Database to search up to five names at once.
  • Always take the final step of identity verification using the SSN (individual) or EIN (entity).

For more information on healthcare exclusion authorities, you can download our Guide to Healthcare Exclusion Authorities.

The primary list to be monitored is the OIG LEIE, which includes information about all currently excluded individuals and entities with their name and address, provider type, exclusion authority, NPI number (if known), DOB, and SSN/EIN verification. The entity that submits the healthcare claim is ultimately responsible for exclusion screening and they should: 

  • Review each job category or contractual relationship – is the item or service directly or indirectly paid for by a Federal healthcare program? 
  • Screen all employees and contractors.
  • Offer point-of-service screening for ordering/prescribing physicians.
  • Complete pre-hire screening as well as ongoing screening on a monthly basis.

If an excluded individual is identified, the entity may have potential CMPL liability so they must submit a disclosure via the OIG’s Self-Disclosure Protocol, which has specific disclosure guidelines. The amount of a self-disclosure settlement is typically the single damages multiplied by 1.5, with a minimum settlement of $10,000. Single damages may be based on reimbursement for items/services furnished by the excluded individual or if the items/services were not separately billed, the Federal payer mix percentage of the person’s salary and benefits.  


It’s vital to know that the reinstatement of an excluded individual or entity is not automatic once the specified exclusion period ends. The individual or entity must apply for reinstatement (which can be done 90 days before the end of the period specified in the exclusion notice letter), and then receive written notice from the OIG that reinstatement has been granted. Additionally, the OIG has the authority to waive an individual’s or entity’s exclusion from participation in Federal healthcare programs however, the waiver isn’t available if the exclusion was because of patient neglect or abuse.

A Case Study

The following is a real example that illustrates the need for smarter, predictive monitoring to help protect your organization and your patients. 

  • In June 2016, the individual faced an allegation of theft of money from a patient.
  • 12 months later in June 2017 after an investigation, the Licensing Board issued an Administrative Action against the individual.
  • One month later, the Board revoked the individual’s license because they didn’t provide a defense. 
  • Then, six months later in January 2018, the OIG excluded the individual for License Revocation and listed them on based on the OIG exclusion. 
  • However, in May 2018, the individual changed their name, moved, and was issued a new license. 
If this individual started working at your company with a new name, in a new state, and with a new license, would you catch it? 

Learn why low-quality OIG exclusion monitoring may be costing you more than you think.

The Human Side of Exclusions

Although exclusion monitoring may seem complex and be difficult at times, it’s essential that it’s done well. If excluded individuals end up providing care to patients, the impact becomes more than just fines and penalties. The truth is that bad actors continue to infiltrate and negatively impact patient care. And the patients who suffer the most are those who are the most vulnerable and the least protected in our healthcare system. A trustworthy and accurate monthly exclusion monitoring system is absolutely vital to protect your organization and patients.

Smarter Exclusion Monitoring Makes a Safer Healthcare System

Not only is ProviderTrust a thought leader when it comes to compliance monitoring, but our smarter monitoring, built on data enrichment, seamless integrations, and unmatched monitoring science, ensures that we find every single exclusion for our clients.  We are so confident in our approach that we even guarantee our results with an Errors & Omissions Policy.

Want to learn more about how ProviderTrust can simplify your exclusion monitoring process while keeping your organization and patients protected?

Stay Up-to-Date

Subscribe and get the latest news and advice from industry experts delivered straight to your inbox.

Related Resources

Never miss an update

Get the latest healthcare news, advice from industry experts, and all things related to monitoring solutions delivered straight to your inbox.