U.S. healthcare providers who participate in federal or state healthcare programs such as Medicare or Medicaid must be vigilant in their hiring practices. Hiring or retaining excluded individuals or entities can subject providers to significant penalties if an employee, contractor, or vendor is excluded from a federally funded healthcare program. A provider who employs an excluded individual to provide items or services paid from federal healthcare program funds will be required to pay back 100 percent of the funds improperly received and may be subject to civil monetary penalties. It is therefore critical that providers know about both the federal and state agencies that maintain exclusion databases, as well as the lists themselves.
THE OIG’S LIST OF EXCLUDED INDIVIDUALS AND ENTITIES
The U.S. Department of Health and Human Services’ Office of the Inspector General (HHS OIG) places individuals or entities convicted of committing fraud, abuse or other offenses against patients and programs on the federal Exclusion List known as the “List of Excluded Individuals & Entities” (LEIE). This is the definitive list of exclusions levied by the OIG.
The OIG Exclusion List (or the LEIE) was created to assure the integrity of federal healthcare programs such as Medicare and Medicaid. The purpose of the LEIE is two-fold: (a) to entrust the care of Medicare and Medicaid patients to high quality providers and suppliers and (b) to prevent any federal funds from flowing to individuals or entities that had breached that trust. Those individuals or entities appearing on this OIG Exclusion List may not render or be reimbursed for, directly or indirectly, any service or supply materials connected to federal healthcare programs. A provider who employs a staff member listed on the LEIE may be found liable by the OIG if such services were performed while under employment or contract with his or her business.
To fulfill the purpose of the LEIE, federal and state healthcare contractors are required to regularly review this list to avoid hiring or retaining individuals who had committed serious crimes against federal programs or against individuals who were enrolled in federal health care programs. The LEIE is updated monthly. Therefore, to stay current on excluded individuals and entities, providers need to screen their workforce members and vendors on a monthly basis. Checking the LEIE can be done by using the OIG portal or by downloading the LEIE database to perform a OIG check or OIG search.
OIG EXCLUSION LIST IS BUT ONE OF MANY
The OIG’s LEIE is not the sole list that providers, health systems and health plans need to monitor to avoid bad hiring decisions, reimbursement problems and potential monetary penalties. There are actually several.
> The SAM.gov database: This federal list, known as the System for Awards Management database must also be checked regularly to assure that new or current employees, vendors, contractors, and other workforce members are not excluded from reimbursement under a federal contract. The SAM.gov database provides a broader search than the LEIE because it compiles exclusion information from multiple federal agencies into a central repository. This includes what used to be known as the Excluded Parties List System (EPLS). SAM.gov is a bit more cumbersome to search than the LEIE but still an extremely useful resource for EPLS background checks. Providers must not seek reimbursement under federal contracts for services by employees, vendors or third parties found on such lists. Note that while the LEIE, SAM.gov and EPLS all involve exclusions, these databases are not the same. You may find more information about them here Differences Between the OIG’s LEIE and GSA’s SAM Exclusion Lists .
> Medicare Preclusion List: In addition to the LEIE and SAM.gov, CMS recently developed a provider preclusion list specific to several Medicare programs. Each month, the OIG provides LEIE data for inclusion on the updated Medicare Preclusion List. However, as outlined in an earlier article, these lists are not entirely consistent because the criteria for inclusion on the Medicare list differs from the OIG’s list. Medicare managed care and Part D plans are required to screen against this list on a monthly basis.
> State Medicaid Exclusion Lists
44 states and jurisdictions currently maintain their own Medicaid exclusion lists. As Medicaid plans identify fraudulent behavior by their contractors and vendors, they are required to notify their state Medicaid fraud agency, often know as the Medicaid Fraud Control Unit (MFCU). If the MFCU finds that fraudulent activity has occurred, the provider’s name is added to the state Medicaid exclusion list. MFCUs are then required to submit their exclusion data to the HHS OIG for inclusion on the LEIE.
UNDERSTANDING the OIG’s EXCLUSIONS
Under Section 1128 of the Social Security Act (SSA), the OIG can impose two types of exclusions – mandatory and permissive. The effect of both mandatory and permissive exclusions is the same. These exclusions share many commonalities:
> Both can place a provider or business on the OIG Exclusion List;
> Both prevent reimbursement, directly or indirectly, from federal and state healthcare programs;
> Both prevent a provider or entity from contracting to provide services or participating in federal and state healthcare programs; and There are no differentiating factors: list. Only the duration will vary based on the severity of the violation but not the exclusion.
Mandatory exclusions OIG is required by law to exclude from participation in all Federal health care programs individuals and entities convicted of the following types of criminal offenses:
> Medicare or Medicaid fraud, as well as any other offenses related to the delivery of items or services under Medicare, Medicaid, SCHIP, or other State health care programs;
> patient abuse or neglect;
> felony convictions for other health care-related fraud, theft, or other financial misconduct; and
> felony convictions relating to unlawful manufacture, distribution, prescription, or dispensing of controlled substances.
If an individual or entity is convicted of any of these crimes, the OIG is required by law to place violators on the OIG Exclusion List. The OIG has limited discretion in determining the length of exclusion for a mandatory offense. Minimum exclusion periods are set by federal law. An initial conviction requires exclusion for 5 years. Being convicted of a second mandatory offense can result in exclusion for 10 years. A third conviction will result in permanent exclusion from Medicare, Medicaid and federal healthcare programs.
Permissive exclusions OIG has discretion to exclude individuals and entities on several grounds, including (but not limited to):
> misdemeanor convictions related to health care fraud other than Medicare or a State health program, fraud in a program (other than a health care program) funded by any Federal, State, or local government agency;
> misdemeanor convictions relating to the unlawful manufacture, distribution, prescription, or dispensing of controlled substances;
> suspension, revocation, or surrender of a license to provide health care for reasons bearing on professional competence, professional performance, or financial integrity;
> provision of unnecessary or substandard services;
> submission of false or fraudulent claims to a Federal health care program;
> engaging in unlawful kickback arrangements;
> defaulting on health education loan or scholarship obligations; and
> controlling a sanctioned entity as an owner, officer, or managing employee.
In assessing permissive exclusions, the OIG has significant discretion on grounds for exclusion and the duration of exclusion. A permissive exclusion can generally result in between 1 to 3 years on the OIG Exclusion List. However, for a case that falls under a permissive exclusion, the OIG may impose a different period depending on the severity of the matter.
THE FINER POINTS of the OIG LEIE
> Exclusion does not prevent participation outside of federal and state funded healthcare programs. Note that those individuals or entities on the OIG Exclusion List are only limited from participating in federal or state health care programs such as Medicare and Medicaid programs. They are free to provide services privately if there is no involvement with government funded healthcare programs. Patients however are at potentially at risk of receiving services from ethically questionable healthcare practitioners or providers.
> Exclusion applies to more than direct care providers. Therefore, the monthly check of employees, contractors, and vendors against the current LEIE must not be limited to healthcare professionals primarily concerned with patient care. This review process should also include employees providing support services as well as administrative staff and managers. It does not matter if they do not have any interaction with the patients. If such excluded individuals are connected to your business which is participating in federal or state healthcare programs, you will be in violation of the law every time they carry out their functions in relation to your business.
> Reinstatement after an Exclusion Period Ends. Reinstatement is not automatic. Per the OIG, to participate in Medicare, Medicaid, and all other Federal health care programs once the term of exclusion ends, the individual or entity must apply for reinstatement and receive written notice from OIG that reinstatement has been granted.
RESOURCES AND SOLUTIONS
There are resources available to help plans and providers to better understand and conduct screening themselves. They can look to the Compliance Resource Portal maintained by the OIG for helpful information about federal fraud, waste and abuse laws as well as trainings and tools related to compliance program effectiveness and understanding program exclusions. Also, the OIG provides access to the LEIE databases as well as tips on how to use them. The U.S. government also offers instructions on how to navigate SAM.gov. However, the time and staff resources for a provider, hospital or health plan to regularly screen against just these two resources, not even considering the states’ exclusion databases (or the CMS Preclusion List if applicable) is considerable and not cost-effective for most organizations. Before you decide to take on this screening work with your own staff, consider the complexity and risk factors.
Things to Consider
> Screening Frequency: Federal and state exclusion lists are updated monthly. Since the OIG updates the Exclusion List monthly, the OIG expects monthly OIG checks and OIG search against the updated Exclusion List by entities who receive reimbursement, directly or indirectly, from federally funded healthcare programs.
> Ambiguous Screening Results: Even provider organizations who diligently monitor against these lists may find that the screening results are not definitive. Staff resources are then needed to rule out potential “false positives”. For example, a name on the LEIE may be similar to that of provider but differs enough to rule out a clean match. These require further work and investigation to resolve ambiguities which can be very time consuming.
> Currency of the LEIE Updates: The HHS OIG is very diligent about updating the LEIE with exclusions imposed by the OIG. Data submitted by state fraud units are incorporated promptly upon receipt. However, even though states are required to submit their exclusion data monthly to the OIG, submission delays are frequent. This lag time, often several months, impacts the currency of data in the LEIE. Therefore if provider organizations decide to forego checking against state exclusion lists and instead rely solely on the LEIE (which should include all up to date state exclusions submitted by state agencies and fraud units) they risk not monitoring against the most up to date sources available.
> The Potential Cost of Incomplete Screening: Fines for hiring or retaining excluded individuals and entities can be significant. The OIG makes no distinction – healthcare providers “who know or should have known” of excluded individuals or entities with whom they transact are equally liable. The OIG can hold providers accountable and impose fines if an excluded individual or entity is allowed to provide services or supplies after they appear on the LEIE.
Failing to perform routine OIG checks or OIG search on pre-hires, as well as current employees, contractors and vendors can easily result in fines within the $10,000 to $250,000 range. That is a conservative estimate. There have been multiple cases where it has gone well beyond the $250,000 mark. Violations have resulted in fines of millions of dollars on many occasions.
Engage an Expert to Meet this Compliance and Business Need
For the reasons states above, regularly monitoring against the LEIE as well as the other required lists can be a daunting process that can leave your organization vulnerable to reimbursement and staffing problems. From a business perspective, contracting with an organization that specializes in exclusion screening, like Streamline Verify, supports both contract compliance and avoidance of potentially significant fines. In addition, having this monthly process performed by an organization that specializes in the review process can save the time of your staff resources and eliminate the worry over potential fines lurking in updated LEIE each month. Streamline Verify clients report that on average, they are able to reduce staff workloads related to monitoring activities by 60%.
Streamline Verify is an industry leader in exclusion screening. Using its propriety exclusion software, Streamline Verify can automate the monthly monitoring functions against the LEIE, SAM.gov and state exclusion databases. Streamline Verify also offers screening capabilities against other sanction lists and licensing lists.
Streamline Verify clients enjoy access to a highly evolved suite of services and safeguards including:
> An extensive report catalog that allows clients to drill down on data over customized time periods and areas of interest in customized formats and configurations
> Hourly synchronization to primary source data so that searches are performed against the most up to date information available
> Advanced search functionalities that match name variations and NPIs against all exclusion databases, so that no potential matches are missed
> Cutting-edge systems and supports to safeguard client data transmission data and storage, including Annual SOC 2 Type II reports, and automated penetration tests and vulnerability scans
> Excellent CMS audit results. In fact, Streamline Verify has received positive feedback directly from CMS auditors regarding the clarity of its work product.
As Benjamin Franklin once stated, “An ounce of prevention is worth a pound of cure”. As you consider the best business and compliance solution to the challenges posed by the screening requirements faced by your organization, Ben’s adage is uniquely relevant.