Federal exclusion requirements have been in place for years. However, in the last decade there have been significant legislative efforts to strengthen and extend Medicaid program integrity controls to protect beneficiaries from providers excluded from Medicaid participation. These providers were terminated for serious reasons – criminal convictions, licensure issues and provider misconduct that pose potential risks to patients – and yet a surprising number remain enrolled and/or being paid for services provided to Medicaid patients.

The attempt to strengthen protections began in earnest in 2011:

• Section 6501 of the Affordable Care Act in 2011 mandated that provider exclusion in one state required exclusion from all state. The ACA also required CMS to establish a process to make termination information available to state Medicaid programs.  
• The federal Medicaid Managed Care regulations issued in 2016 included a provision whereby all Medicaid providers (under fee for service or managed care payment arrangements) must enroll with their state Medicaid program in order to serve Medicaid beneficiaries. Prior to that, only providers billing the state directly were required to enroll and states relied on their Medicaid managed care contractors to appropriately vet and terminate providers. A significant part of Medicaid program integrity involves states’ ability to monitor all providers who serve their Medicaid population either directly or under a managed care model.
•  In 2016, the 21^st Century Cures Act (Cures Act) prohibited states from making Medicaid payments to terminated providers and required that state MCO contracts include a provision that prohibits providers terminated from Medicare, Medicaid, or CHIP from participating in Medicaid managed care networks. The Cures Act also required that CMS to develop a database to capture provider terminations as required under the ACA.  

Notwithstanding these federal legislative efforts, a remarkably high percentage of providers terminated for cause from Medicaid program participation continue to treat Medicaid patients. A 2019 OIG audit report determined that 11% of Medicaid providers who are deemed ineligible to participate in federal health care programs continue to provide services and continue to be paid. An earlier 2015 OIG audit revealed roughly the same percentage of excluded providers terminated in one state were still enrolled in other states. While CMS agreed with the OIG recommendations in both audit reports, the problems persist at the state level which materially impact the ability of federal regulatory bodies to access the exclusion and termination data needed.

State Data Limitations’ Impact on the LEIE

The federal legislative actions make it clear that CMS and the OIG must a) have access to state provider termination and exclusion data and b) make that data available to all states for their own exclusion monitoring. However, implementing the processes needed to meet this mandate has been hampered by a number of factors. State variability on how termination and exclusion data is captured, categorized and shared, as well as MCO contracting standards cannot be understated.  This directly contributes to the quality, currency and completeness of exclusion data captured in the LEIE. The value of any data repository is dependent entirely on the quality and reliability of the data included. Below are listed several major factors that can drive errors and discrepancies in the data found in the LEIE.

Submission delays and lag time

Data submitted by state fraud units are incorporated promptly upon receipt by the OIG. However, even though states are required to submit their exclusion data monthly to the OIG, submission delays are frequent. OIG audits of multiple state Medicaid Fraud Units have exposed multiple reporting failures or significant delays. This lag time, or failure to report excluded provider data at all, impacts the currency of LEIE data. There can be months of delay between state convictions and data submissions to the OIG. Therefore, if an organization relies exclusively on the LEIE for monthly monitoring of its current and prospective workforce and contractors, the organization risks making decisions based on stale or incomplete data and can suffer the consequences of hiring an excluded provider or entity. The OIG makes no distinction – healthcare organizations “who know or should have known” of excluded individuals or entities with whom they transact are equally liable.

Inconsistency of the information provided by states and lag time

A review of multiple state exclusion lists quickly reveals the differences in the data captured and terminology used. Even if a state timely submits exclusion/termination data to the OIG, the data elements provided and terminology used may differ significantly. This can create delays in OIG processing of data for inclusion in the LEIE. In a recent OIG audit, there was a recommendation made that the states develop common terminology to resolve this problem. For more information about state and federal data errors and gaps, please check out the linked article.

Completeness of state fraud data

Another area for improvement noted in a 2018 OIG audit report by the OIG was the failure of managed care organizations (MCOs) to report provider terminations to the state. MCOs play an increasingly important role in fighting fraud and abuse in Medicaid as the majority of Medicaid patients receive their care through these organizations.  While MCOs took actions against providers suspected of fraud or abuse, they did not typically inform the state, including when MCOs terminated provider contracts for reasons associated with fraud or abuse. This process gap directly impacts the ability of a state to investigate, address and report fraudulent activity. While 38 states include a provision requiring notification in the event of a provider termination, it is less clear how consistently the state audits to assess compliance. In 2018, three states – Indiana, New York and South Carolina did not include this requirement in their MCO standard contracts.

Conclusion

The 2015 and 2019 OIG provider exclusion audits clearly indicate that the states and CMS can do more to protect Medicaid beneficiaries from terminated providers and prevent millions in inappropriate payments made to these providers. The OIG consistently offers assistance to the states struggling with exclusion data capture and quality problems.  Unfortunately, the problems identified are generally embedded in state agency resource limitations that stymy efforts to fully address the underlying issues.

Currently, there is no single repository that provides timely and accurate data on all individuals and entities excluded from state Medicaid program participation.  Technically the OIG LEIE should be that resource but remains an imperfect solution for the reasons reviewed in this article.  

While the LEIE remains a foundational resource for exclusion monitoring, it is critical that health care organizations look to state exclusion lists and actions taken by state medical boards for the full and most current exclusion status of a provider or health care entity.  Streamline Verify offers a full portfolio of exclusion monitoring services that provides the full picture using state and federal lists, as well as state medical society information.  Over the last ten years, Streamline Verify has developed cutting-edge software and services offering its clients peace of mind that, despite the limitations of the LEIE, their Streamline Verify exclusion report provides the most current and accurate exclusion information from all available sources about their workforce and contractors.