Are you aware of the HHS Office of Inspector General’s authority and guidance for your exclusion monitoring process? Over time, HHS OIG has released advisory bulletins explaining the exclusion program and how it is applied to the healthcare community. To effectively combat fraud, waste, and abuse (FWA) in federal healthcare programs, the Office of Inspector General (OIG) gives an account of situations that would expose excluded parties and healthcare employers to civil monetary fines and penalties. 

Additionally, many healthcare providers are curious about the criteria in which HHS OIG chooses to enact its authority to impose exclusion for individuals, entities, vendors, owners and managers, and more. In this post, we’ll help provide some details for how HHS OIG determines imposing exclusions or sanctions for healthcare providers. 

HHS OIG Special Advisory Bulletin and Other Guidance

HHS Office of Inspector General gives a breakdown of its authority for healthcare exclusions in the latest OIG Special Advisory Bulletin from 2013. In the bulletin, you can find an explanation for the legal prohibition on payment by federal healthcare programs for items or services furnished by an excluded person or at the medical direction or on the prescription of an excluded person. 

For purposes of Office of Inspector General (OIG) exclusion, payment by a federal healthcare program includes amounts based on a cost report, fee schedule, prospective payment system, capitated rate, or other payment methodology. This most recent guidance comes as a follow up from the original special bulletin – The Effect of Exclusion From Participation in Federal Healthcare Programs in September 1999.

The publication of the 1999 Special Advisory Bulletin coincided with the beginning of a significant and ongoing OIG initiative to ensure compliance with and enforcement of exclusions. This bulletin provided guidance to excluded persons as to the scope and effect of their exclusions and the activities that might result in a violation of their exclusions.

The publication also provided guidance to providers that might arrange with, contract with, or employ an excluded person regarding what the scope of the prohibition on employment or contracting is, when the provider might be subject to CMPs for violating this prohibition, and how to determine whether a potential employee or contractor is excluded. 

HHS OIG Exclusion Authorities 

HHS OIG has the authority to exclude individuals and entities from federally funded healthcare programs pursuant to section 1128 of the Social Security Act (Act) (and from Medicare and state healthcare programs under section 1156 of the Act) and maintains a list of all currently excluded individuals and entities called the List of Excluded Individuals/Entities (LEIE). Anyone who hires an individual or entity on the LEIE may be subject to civil monetary penalties (CMP).

There are two main types of exclusions – mandatory and permissive as outlined by HHS OIG below. 

Mandatory Exclusions

OIG is required by law to exclude from participation in all federal healthcare programs individuals and entities convicted of the following types of criminal offenses: Medicare or Medicaid fraud, as well as any other offenses related to the delivery of items or services under Medicare, Medicaid, CHIP, or other State healthcare programs; patient abuse or neglect; felony convictions for other healthcare-related fraud, theft, or other financial misconduct; and felony convictions relating to unlawful manufacture, distribution, prescription, or dispensing of controlled substances.

Permissive Exclusions

OIG has the discretion to exclude individuals and entities on a number of grounds, including (but not limited to) misdemeanor convictions related to healthcare fraud other than Medicare or a State health program, fraud in a program (other than a healthcare program) funded by any federal, state or local government agency; misdemeanor convictions relating to the unlawful manufacture, distribution, prescription, or dispensing of controlled substances; suspension, revocation, or surrender of a license to provide healthcare for reasons bearing on professional competence, professional performance, or financial integrity; provision of unnecessary or substandard services; submission of false or fraudulent claims to a federal healthcare program; engaging in unlawful kickback arrangements; defaulting on health education loan or scholarship obligations; and controlling a sanctioned entity as an owner, officer, or managing employee.

A mandatory exclusion is for a minimum of five years for individuals and entities and has been imposed for up to 50 years, in certain cases (it can be indefinite if the facts warrant). 

A permissive exclusion can be up to five years (typically 1-3 years) for individuals and entities.


HHS OIG Criteria for Permissive Exclusion 

OIG’s exclusions process is governed by regulations that implement sections of the Social Security Act. When an individual or entity gets a Notice of Intent to Exclude (NOI), it does not necessarily mean that they will be excluded. OIG will carefully consider all material provided by the person who received the NOI as the decision is being made.

All exclusions implemented by OIG may be appealed to an HHS Administrative Law Judge (ALJ), and any adverse decision may be appealed to the HHS Departmental Appeals Board (DAB). Judicial review in federal court is also available after a final decision by the DAB.

Over the years, HHS OIG has published documents to help explain the criteria for which exclusion from federal healthcare programs is handed out to providers, contractors, suppliers, owners, and more. Take a look at some of the documents below to learn more. 

Updated Criteria for Implementing Permissive Exclusion Authority Under Section 1128(b)(7) of the Social Security Act

In 1997, HHS OIG published a Federal Register Notice non-binding guidelines, to be used by the OIG in assessing whether to impose permissive exclusions in accordance with section 1128 (b) (7) of the Social Security Act. Since then, they have released a revised OIG permissive exclusion policy statement to supersede the previous guidance. 

According to the OIG, “The question of whether to exercise exclusion authority under Section 1128(b)(7) often arises in the context of False Claims Act matters. Healthcare fraud that subjects a person to liability under the False Claims Act, 31 U.S.C. §§ 3729 – 3733, will generally also subject that person to liability under section 1128(b)(7)”. 

OIG evaluates healthcare fraud cases on a continuum: the resolution of OIG’s exclusion authorities is based on OIG’s assessment of future risk to the federal healthcare programs. 

HHS OIG Release High Risk – Heightened Scrutiny List

The OIG released a Fraud Risk Indicator to assess the future risk posed by persons who have allegedly engaged in civil healthcare fraud as it relates to the False Claims Act (FCA).

According to the OIG, these parties “pose a significant risk to federal healthcare programs and beneficiaries. This is because, although OIG determined that these parties needed additional oversight, they refused to enter into an OIG offered Corporate Integrity Agreement (CIA) sufficient to protect federal healthcare programs”. 

The purpose of the High-Risk Heightened Scrutiny List is to ensure that any provider or entity that is interested in doing business with a healthcare vendor, is aware of the risk they are entering into, based on prior actions and significant risk factors.

HHS OIG Fraud Risk Indicator

In the document, HHS OIG refers to Corporate Integrity Agreements as “integrity obligations” interchangeably. OIG often concludes that “exclusion is not necessary to protect the federal healthcare programs if the person agrees to appropriate integrity obligations (corporate integrity agreements). In these cases, OIG will require integrity obligations in exchange for a release of OIG’s 1128(b)(7) exclusion authority.

The goals of CIAs are to strengthen a person’s compliance program and promote compliance so that future issues can be prevented or identified, reported, and corrected. Integrity obligations also enhance OIG’s oversight of the person”. 

Lower Risk Factors for Federal Healthcare Programs

OIG typically determines that relatively low risk exists in two situations.

Situation 1

In the absence of egregious conduct such as patient harm or intentional fraud, relatively low financial harm weighs in favor of not requiring integrity obligations. In making this Page 2 of 7 determination, OIG considers the financial loss to the federal healthcare programs in proportion to the size of the entity, e.g., whether the person is an individual or small entity (one with 50 or fewer employees or independent contractors) or a larger entity. 

Situation 2

There may be less risk when the person with whom the Government is resolving a fraud case is a successor owner. In determining whether to require integrity obligations with a successor, OIG will consider whether the new owner: (1) purchased the entity after the fraudulent conduct occurred; (2) has an existing compliance program; (3) does not have a prior history of wrongdoing or fraud settlements with the United States; (4) took appropriate steps to address the predecessor’s misconduct and reduce the risk of future misconduct; and (5) can demonstrate other facts and circumstances as relevant to each unique situation. 

OIG Decisions on Healthcare Fraud Cases 

Depending on the facts and circumstances presented, OIG will usually pursue one of the following approaches with respect to a person when settling a civil or administrative healthcare fraud case: 

  1. Exclusion 
  2. Heightened scrutiny (e.g., implement unilateral monitoring)
  3. Integrity obligations (corporate integrity agreements)
  4. Take no further action 
  5. In the case of a good faith and cooperative self-disclosure, release 1128(b)(7) exclusion with no integrity obligations

OIG Factors for Assessing and Evaluating the Level of Risk

  • Nature and circumstances of conduct
  • Conduct during the Government’s investigation
  • Significant ameliorative efforts
  • History of compliance

Guidance for Implementing Permissive Exclusion Authority for Owners, Officers, or Managing Employees

This OIG guidance for implementing permissive exclusions for an owner, officer, or managing employee of an entity that has been excluded or convicted of certain offenses applies nonbinding factors the Office of Inspector General (OIG) when considering whether to impose permissive exclusion in accordance with section 1128(b)(15)(A)(ii) of the Social Security Act (the Act). Exclusions under section 1128(b)(15) are permissive, that is, the Secretary has the discretion whether to exclude or not to exclude. OIG’s exercise of this discretion is not subject to administrative or judicial review. 

Section 1128(b)(15) of the Act provides two different criteria for exclusion. 

  1. Individuals who have an ownership or a controlling interest in a sanctioned entity may be excluded if they knew or should have known of the conduct that led to the sanction. 
  2. Officers and managing employees, as defined in section 1126(b) of the Act, may be excluded based solely on their position within the entity. 

Keep in mind that the statutes applied to both criteria above are important to take into consideration because the first requires a higher standard for the exclusion of an owner, which requires evidence that the owner knew or should have known of the conduct that formed the basis for the sanction. 

What is a “managing employee” according to HHS OIG? 

A “managing employee” is defined as an individual (including a general manager, a business manager, an administrator, or a director) who exercises operational or managerial control over the entity or who directly or indirectly conducts the day-to-day operations of the entity. 

Factors To Be Considered for Excluding Owners, Officers, or Managing Employees

  • Circumstances of the misconduct and seriousness of the offense 
  • Individual’s role in sanctioned entity 
  • Individual’s actions in response to the misconduct 
  • Information about the entity 

All of these factors have a variable checklist of information for each determination. You can investigate more by reading the entire document – Guidance for Implementing Permissive Exclusion Authority Under Section 1128(b)(15) of the Social Security Act

Smarter Exclusion Monitoring for Healthcare Providers

Healthcare organizations must have a comprehensive approach to screening their providers and affiliates against various excluded lists. 

It is best practice search the OIG LEIE and SAM.gov websites in addition to all available state Medicaid lists. This practice will ensure that you are not employing or contracting with an excluded person or entity.

We’ve made it easy to reference healthcare exclusion data all from one convenient location. Check out our interactive exclusions map to see how many exclusions are present from the OIG LEIE, SAM.gov, and all state Medicaid excluded, sanctioned, or terminated provider lists.

ProviderTrust Healthcare State Exclusion Map
Click here to view the interactive map.

To learn more about establishing a more effective and efficient OIG exclusion monitoring program, visit our What We Do section.


Check out our latest resources!

ProviderTrust Healthcare License Monitoring Essential Guide
ProviderTrust Mike Rosen Cofounder

Written by Michael Rosen, Esq.

ProviderTrust Co-Founder, mrosen@providertrust.com

Michael brings over 20 years of experience founding and leading risk mitigation businesses, receiving numerous accolades such as Inc. Magazine’s Inc. 500 Award and Nashville Chamber of Commerce Small Business of the Year.

 Connect with Michael on LinkedIn