The OIG exclusion list databases in the healthcare compliance industry need to be cross-checked and cross-referenced in order to remain compliant. This can be overwhelming at times, especially when it comes to understanding the difference between the lists. However, there are big differences between the OIG-LEIE and the GSA exclusion list, and most of the differences have to do with enforcement and the ease of use of various data. 

HHS OIG Enforces Healthcare Fraud Fines and Penalties

The HHS Office of Inspector General (OIG) is the ultimate enforcer:

  • OIG can fine an organization civil fines and monetary penalties
  • OIG can force an organization into a Corporate Integrity Agreement
  • OIG can recommend the revocation of CMS billing privileges

In the last six years, OIG has issued civil fines and monetary penalties in excess of $27 million to more than 250 healthcare organizations for hiring or claiming federal healthcare dollar reimbursements on behalf of excluded person or entities.

The OIG has published a list of excluded individuals and entities since the early 1990’s. The OIG List of Excluded Individuals/Entities contains just the exclusion actions taken by the OIG.

Today, the OIG List of Excluded Individuals/Entities has approximately 60,000 currently excluded individuals and entities. Further, according to Performance Standard 8, all state Medicaid Fraud Control Units, MCFU, are required to report any action it takes involving terminations and/or exclusions within thirty (30) days of its action to the OIG.

To search the list, you only require the last name and first name. If a possible name match is found, then you will be asked to click the verify button and enter the SSN to determine a match. This is pretty simple to navigate. You can even download the database and build your own search engine to conduct searches in bulk.

In addition, many cases include an NPI as an additional identifier to match against. If the individual held a professional license, that information and the DOB can also be found in many cases.

General Services Administration’s (GSA):
Compilation of Federal Procurement Debarred Individuals

Which Exclusion Lists Does the GSA Administer?

GSA administers EPLS and SAM, both of which contain debarment actions taken by various federal agencies, including exclusion actions taken by the OIG. This database also contains the old GSA EPLS list as well as the OIG exclusions.

According to the website, it “combines federal procurement systems and the Catalog of Federal Domestic Assistance into one new system…” The first phase of SAM includes the functionality of the following systems:

  • Central Contractor Registry (CCR)
  • Federal Agency Registration (Fedreg)
  • Online Representations and Certifications Application (ORCA)
  • Excluded Persons List System (EPLS)

What to Do if a Record is Found on the Exclusion List?

If a possible record is found on, you are instructed to go to the government agency directly to verify. You will need to know the Dun & Bradstreet number if the excluded party is an entity. If the exclusion is for an individual, there are about four additional steps that must be taken to verify with identifiers, such as SSN. The database does not have license information or NPI records like the OIG LEIE does.

How Can Healthcare Organizations Remain Compliant?

Interestingly, it does not appear that has any authority to fine an organization like the OIG does. Instead, is a procurement repository. Further, if an organization is debarred, it might not mean that you cannot do business with a debarred entity. If your organization does not require your vendor to be GSA approved nor is it being reimbursed through federal program dollars, the debarment may not affect your contract (this must be reviewed by your legal counsel).

But do the GSA exclusion lists, SAM, and the OIG LEIE contain all exclusions and debarments? The short answer is no. According to an audit performed of the OIG List of Excluded Individuals/Entities list, it was determined that over 60% of state Medicaid exclusions were not routinely reported to the list.

Search the and the OIG LEIE websites in addition to all available state Medicaid lists. This practice will ensure that you are not employing or contracting with an excluded person or entity.

Written by Michael Rosen, ESQ

ProviderTrust Co-Founder,

Michael brings over 20 years of experience founding and leading risk mitigation businesses, receiving numerous accolades such as Inc. Magazine’s Inc 500 Award and Nashville Chamber of Commerce Small Business of the Year.

 Connect with Michael on Linkedin