Maybe the Wizard of Oz had good advice: follow the yellow brick road. It may have curves and present different paths, and you may meet some interesting people along the way, but in the end, it can take you to the big castle. In this case, the castle is the Office of Inspector General (OIG) for the Department of Health and Human Services (HHS) – the ultimate enforcer for healthcare fraud. The OIG has enforcement powers with the wave of its wand. Those powers include the statutory authority to impose civil fines and penalties (CMP) and exclusions against individuals and/or entities that stray from the yellow brick road.

An exclusion is an administrative penalty that the OIG for HHS can impose against a person and/or a third party/entity. The OIG has been granted statutory authority to impose an exclusion under Sections 1128 and 1156 of the Social Security Act. There are two types of exclusions: mandatory and permissive. The OIG mandates that healthcare organizations do not hire or do business with “excluded or sanctioned” individuals and/or entities. If a person or entity is excluded, he/she/it is prohibited from participating in reimbursements for or from federally funded healthcare programs (CMS, Medicare, Medicaid, TriCare, CHIPS, CHAMPUS).

The OIG imposes exclusions for a number of reasons. When it comes to compliance, there are a few roads that can lead to an exclusion. Let’s discuss these and help promote a roadmap to stay on the straight and narrow. Exclusions can be classified as two types:

Mandatory: The OIG is required by law to exclude from participation in all federal healthcare programs individuals and entities convicted of the following types of criminal offenses:  

  • Medicaid or Medicare fraud
  • Other offenses related to the delivery of items or services under Medicare, Medicaid, CHIPs or other state health care program
  • Convictions for patient abuse or neglect
  • Felony convictions for other healthcare related fraud, theft, or other financial misconduct
  • Felony convictions relating to the unlawful manufacture, distribution, prescription or dispensing of controlled substances

Permissive: The OIG has the discretion to exclude individuals and entities on a number of grounds such as:

  • Misdemeanor convictions related to healthcare fraud other than Medicare or Medicaid or a state health program
  • Misdemeanors for fraud
  • Those relating to the unlawful manufacture, distribution, prescription or dispensing of controlled substance
  • Suspension, revocation or surrender of a license to provide healthcare for reasons bearing on professional competence
  • Submission of false or fraudulent claims to a federal healthcare program
  • Engaging in unlawful kickback arrangements
  • Defaulting on health education loan or scholarship obligations
  • Permissive exclusions can be imposed by the OIG for controlling a sanctioned entity as an owner, officer, or managing employee

The OIG also has statutory authority to impose civil fines and monetary penalties. These fines can reach up to $10,000 per item claimed per person and up to three (treble) times total billings and/or salary and benefits of the individual during the time of the exclusion. The OIG is also vested with compiling a federal list of exclusions and making that data set public and free to search. This list is known as the List of Excluded Individuals and Entities (LEIE).

The OIG List of Excluded Individuals and Entities (LEIE) has been in existence since the early 1980’s. The Dept. of HHS began imposing exclusions in 1977. As of May 2017, there are over 67,000 individuals and entities currently excluded.

The OIG LEIE is updated monthly by the OIG (usually between the 10th and 12th of each month). If a provider gets reinstated, they are removed from the update list. So it is imperative to search all employees and entities against the OIG LEIE each month. Best practice is to set up a system to conduct ongoing exclusion monitoring, so you will not miss a match as you hire/fire and contract throughout the month. 

Since the exclusion is an administrative action, the person to whom the exclusion will apply (or the entity) is provided with due process and notice of intent to exclude. The individual or entity is then provided an opportunity to present information as to why he/she/it suspects it should not be excluded.

Exlusions from State MFCUs

An exclusion can actually start at a State Medicaid level and then be reported to the OIG for inclusion at the OIG LEIE. Each state has a Medicaid Fraud Control Unit (MFCU) and/or state Attorney General that is statutorily tasked with pursuing fraud against state Medicaid funds.  Accordingly, each MFCU has agreed to follow Performance Standards, including Performance Standard 8(f). This Performance Standard requires that all state Medicaid Fraud Control Units transmit to the OIG for HHS, “for purposes of program exclusions under section 1128 of the Social Security Act, all pertinent information on MFCU convictions within thirty (30) days (emphasis added) of sentencing, including charging documents, plea agreements and sentencing orders.”  

By referring convicted individuals and entities to the OIG for exclusion, MFCU’s help to ensure that such individuals and entities do not have the opportunity to defraud Medicaid and Medicare or other federal healthcare programs or to commit patient abuse, neglect, or other fraud. Historically, the referrals by MFCU’s have constituted a significant part of the exclusion imposed each year by the OIG.

NOTE: Not all state Medicaid exclusion records make their way to the OIG, timely or at all. A 2011 audit of the OIG list by CMS showed that up to two-thirds of those records did not make it the OIG within thirty (30) days or at all. Therefore, the OIG LEIE will not always contain all available exclusions that exist.  

Did You Know?

In 2016, Medicaid Fraud Control Units reported:

  • 1,564 convictions (a five year high) Over one-third of which involved personal care services attendants  
  • Fraud cases accounted for 74% of the 1,564 convictions
  • Drug diversion cases increased from 2015
  • 998 civil settlements and judgments from MFCU
  • Pharmaceutical manufacturers accounted for almost 50% of settlements
  • MFCU reported almost $1.9B in criminal and civil recoveries

exclusionchart.png

The graph shows the importance of MFCU reporting their actions to the OIG. The OIG list contains 1284 new MFCU referred exclusions for inclusion in the OIG LEIE.  Without timely or reporting at all to the OIG from MFCU, there are and will continue to be state Medicaid exclusions that do not make their way to the OIG list.  This creates gaps and exposes your organization to risk, if you are not including state Medicaid exclusion monitoring to your monthly exclusion monitoring program.

Summary:

There are two paths to an exclusion appearing on the OIG List of Excluded Individuals and Entities (LEIE). One is directly from the OIG and the other is from a Medicaid Fraud Control Unit referral of a conviction or plea of guilty. Either way, the presence of an exclusion at the OIG LEIE is worth knowing each month and by monitoring, you will avoid fines and penalties for employing or contracting with such an excluded person or entity. Remember, that a person or entity can be excluded in various ways:

  • State Medicaid authority
  • State Medicaid authority and the OIG
  • The OIG and/or a combination of the above

Therefore, it is best practice to search against the OIG LEIE and all available state Medicaid exclusion lists each month. Further, adding SAM.gov to your monthly monitoring program will close all gaps and loops in the data.

At ProviderTrust, we can help make the monitoring process simple and easy. All you have to do is give us the data, and we will monitor across federal and state lists. We know that a compliance professional’s time is precious, and our software solutions allow you to focus your energies on other types of responsibilities while your data is automatically updated.


Check out our latest resources!

License Monitoring eBook


Written by Michael Rosen, ESQ

ProviderTrust Co-Founder, mrosen@providertrust.com

Michael_Rosen.pngWritten by Michael Rosen, ESQ

ProviderTrust Co-Founder, mrosen@providertrust.com

Michael brings over 20 years of experience founding and leading risk mitigation businesses, receiving numerous accolades such as: Inc Magazine’s Inc 500 Award and Nashville Chamber of Commerce Small Business of the Year.

 Connect with Michael on Linkedin