A Provider’s Guide to OIG ExclusionsFederal Exclusion Regulations and Enforcement Authorities, and How Providers Can Avoid Risk with Proper Exclusion Screening–Part 1
Paul S. Weidenfeld, JD
ABOUT THE AUTHOR
“OIG” in this paper refers to “Office of Inspector General, Department of Health and Human Services” unless otherwise stated. The term “OIG Exclusion” is used as shorthand for an administrative action taken by the OIG barring an individual or entity from participating in Federal health care programs pursuant to §1128(a)(1)-(4), (b)(1)-(b)(16) or §1156 of the Social Security Act (SSA).
 This article focuses on exclusions from a regulatory and enforcement perspective, but exclusions also play a critical role in compliance and risk management programs. See, e.g., HCCA, Measuring Compliance Program Effectiveness: A Resource Guide (Jan. 2017), available at ttps://oig.hhs.gov/compliance/compliance-resource-portal/files/HCCA-OIG-Resource-Guide.pdf. (guidance reconfigures the traditional “Seven Elements of an Effective Compliance Program” and makes the “Screening and Evaluation of Employees, Physicians, Vendors and other Agents” an element unto itself – or the new “Seventh Element of Compliance”).
 The Medicare-Medicaid Anti-Fraud and Abuse Amendments of 1977, Public Law 95–142. In 1979, the Department of Health Education and Welfare was renamed the Department of Health and Human Services (HHS).
See e.g. Crackdown on Health Care Fraud, https://www.nytimes.com/1995/12/22/us/in-crackdown-on-health-care-fraud-us-focuses-on-training-hospitals-and-clinics.html.
 In addition to establishing the principle of insurance portability, HIPAA contained several provisions related to health care fraud enforcement, including containing legislation that significantly increased the ability of law enforcement agencies to obtain and share information and establishing the Health Care Fraud and Abuse Fund (HCFAC) as a permanent funding source specifically designated for health care fraud enforcement.
 The effect of an OIG Exclusion is addressed in the Special Advisory Bulletin on the Effects of Exclusion from Federal Health Care Programs,” issued September 2, 1999, and in the “Updated Special Advisory Bulletin on the Effect of Exclusions from Participation in Federal Health Care Programs,” issued May 8, 2013. Hereinafter, the initial advisory will be referred to as the “1999 Special Advisory” and the update will be referred to as the “Updated Special Advisory” or the “2013 Special Advisory.” The 1999 Special Advisory can be found at: https://oig.hhs.gov/fraud/docs/alertsandbulletins/effected.htm; the 2013 Updated Special Advisory can be found at https://oig.hhs.gov/exclusions/files/sab-05092013.pdf.
 Inspector General June Gibbs Brown, in the press release for the 1999 Special Advisory.
 See 42 C.F.R. § 1001.10. Definitional changes were made to direct and indirect claims pursuant to rulemaking authority granted to the OIG in the MMA and the ACA; See also, OIG Advisory Opinion No. 18-01 at 5 (Feb. 20, 2018) available at https://oig.hhs.gov/fraud/docs/advisoryopinions/2018/AdvOpn18-01.pdf.
 The Data in the figures in this section come from the exclusion data reportered in the List of Excluded Individuals/Entities (LEIE) by calendar year.
 The data in the charts in this section comes from exclusion data reported in the List of Excluded Individuals/Entities (LEIE).
 These calculatiosn are based on the composition of the LEIE through December 31, 2017.
 See, §§ 1128(c)(3)(G)(i) and (G)ii of the SSA. See also 82 Fed. Reg. 4100.
 See https://oig.hhs.gov
 See Criteria for implementing section 1128(b)(7) exclusion authority (April 18, 2016) available at https://oig.hhs.gov/exclusions/files/1128b7exclusion-criteria.pdf. The OIG breaks these down into “high risk factors,” “low risk factors,” and factors that have “no effect.” High risk factors include the impact on beneficiaries cooperation, and whether an adverse licensing action occurred. “Lower risk” factors include acceptance of responsibility and self-disclosure. Factors that are “expected,” and thsu have “no effect”, are coopearation in the investigation and having a compliance plan with the seven elements of compliance.
 See Guidance for the Implentation of its Permissive Exclusion Authority Under Sectino 1128(b)(15) at 1, available at https://oig.hhs.gov/fraud/exclusions/files/permissive_excl_under_1128b15_10192010.pdf. The guidance was issued because 1128(b)(15) provides for exclusion based on whether the individual in question is either an owner or an officer or a managing employee and the analysis is different for each.
 Criteria for implementing section 1128(b)(7) exlcusion authority (April 18, 2016) avialable at https://oig.hhs.gov/exclusions/files/1128b7exclusion-criteria.pdf.See also 81 Fed. Reg. 88, 334 (Dec. 7, 2016): “In 1981, Congress enacted the CMPL, section 1128A of the Act (42 U.S.C. §1320a-7a), as one of several administrative remedies to combat fraud and abuse in Medicare and medicaid”
Id. 81 Fed. Reg. at 88.
 This is a listing of the CMP authorities related to exclusion violations. A complete listing of the OIGs CMP authorities can be found on the OIG’s website, or at 42 C.F.R. § 1003.210.
 The OIG may also impose a penalty or, when applicable, an assessment, against a Medicare Advantage or Part D contracting organization with a contract under section 1857 or 1860D-12 of the SSA if any of its employees, agents, or contracting providers violate § 1003.400(a) – (d).
 The penalty amounts for CMPs and assessments are updated annually and are published at 45 C.F.R. § 102.
 A discussion of the change is found in 81 Fed. Reg. 88, 334 (Dec. 7, 2016).
 See 42 CFR § 1004.140(c); see also Criteria for implementing section 1128(b)(7) exclusion authority (April 18, 2016), available at https://oig.hhs.gov/exclusions/files/1128b7exclusion-criteria.pdf..
See § 3729(a)(1) of the Fraud Enforcement Recovery Act of 2009 and § 6401of the Affordable Care Act (2010).
By Catalina Jandorf
The Office of the Inspector General (OIG) has recently entered into a number of exclusion case settlements tied to skilled nursing facilities and hospitals. Additionally, there have been several recent investigations targeted towards physician practices. A rising number of these cases with sizable settlement recoveries highlight an emerging trend to be on the lookout for.
Recent Exclusion Case Settlements
There appears to be a growing number of skilled nursing facilities and hospitals being implicated in connection with employing excluded individuals. In November 2016, a New York rehabilitation center entered into a $205,089 settlement agreement with OIG. It was alleged that the facility employed an individual who was excluded from participating in any Federal health care program. OIG’s investigation revealed that the excluded individual was a licensed practical nurse, who provided items or services to the center’s patients that were billed to Federal health care programs.
Similarly in the same month, another New York rehabilitation center entered into a $110,223 settlement agreement with OIG. The investigation revealed that one excluded individual was a registered nurse supervisor and another was a licensed practical nurse, both having provided items or services to the facility’s patients that were billed to Federal health care programs.
Also in November 2016, a California hospital agreed to pay $190,087 for allegedly violating the Civil Monetary Penalties Law following a Self-Disclosure Protocol (SDP) settlement. In July 2016, a North Carolina and a California hospital agreed to pay $475,220 and $207,698 respectively for allegedly violating the Civil Monetary Penalties Law. In each of these cases, OIG alleged that the hospitals employed an individual that they knew or should have known was excluded from participation in Federal health care programs.
Another trend in exclusion liability involves targeting physician practices and individual physicians. A recent case implicated a medical group practice and a physician in Texas that agreed to pay $435,481 in Civil Monetary Penalties (CMPs) after they self-disclosed conduct to OIG. OIG alleged that the practice employed an individual that they knew or should have known was excluded from participation in Federal health care programs.
False Claims Act Liability
In addition to facing exclusion sanctions and CMPs, an individual or entity may also be found to be liable under the False Claims Act (FCA). Another physician exclusion case settlement from September 2016 involved a Puerto Rican physician who agreed to be banned from participation in all Federal health care programs for a period of five years in connection with the resolution of FCA liability. OIG alleged that the physician submitted or caused to be submitted false claims under Medicare when he furnished health care services to Medicare beneficiaries in a hospital emergency department while he was excluded from participating in Federal health care programs.
In another recent case, a Pennsylvania chiropractor agreed to be excluded from participating in Federal health care programs for a period of twenty-five years in connection with FCA liability. OIG alleged that the chiropractor knowingly submitted or caused to be submitted false or fraudulent claims to Medicare for services rendered as a de facto executive and administrator of a chiropractic center even though he was excluded from participating in Federal health care programs.
If this steady trend of skilled nursing facilities and hospitals facing exclusion liability is any indication, the OIG will continue to aggressively enforce screening requirements and impose strict sanctions. In addition to the being found liable for CMPs, False Claims Act liability may come into play if an excluded individual submits false claims under Medicare. If found to be in violation of the FCA, the individual or entity will be required to pay a mandatory penalty, which is currently in the range of $5,500 and $11,000 for each false claim submitted, and be liable for treble damages.
With the increase of OIG exclusion case settlements and larger settlement amounts, screening employees, vendors and contractors against the OIG’s List of Excluded Individuals and Entities (LEIE), the GSA’s System for Award Management (SAM), and all 38 state lists every month is critical.
To eliminate the risk of having to self-disclose a possible exclusion violation or undergo an OIG investigation, contact the Exclusion Experts at 1-800-294-0952 or fill out the form below for a free consultation.
By Paul Weidenfeld  The Office of Inspector General (OIG) has steadily increased its enforcement of OIG Exclusion Screening violations since the issuance of its Special Advisory stressing the effect of an OIG Exclusion in May, 2013. Among other things, they have created a special unit to focus specifically on Civil Money Penalties (CMPs) (its favored enforcement tool), supported numerous prosecutions by both its Office of Audit and its Office of Evaluations and Inspections, and sought greater regulatory authority from Congress. This article was originally directed (and is still intended) to give a basic tutorial on what an exclusion is, how it effects them, and what they can do to protect themselves.
I. What is an OIG Exclusion?
The Department of Health and Human Services (HHS) is responsible for administering the Medicare and Medicaid Programs and it decides who may receive benefits under these programs as well as who will be allowed to provide them. When it is determined that a person or entity will not be permitted to provide services to the program, that person or entity is said to be “excluded.” The authority to exclude individuals and entities from Federal health care programs has been delegated by the Secretary of HHS to the OIG.
There are two types of OIG exclusions, mandatory and permissive, and both have the effect of barring an individual or entity from participating in all Federal health care programs until such time, if ever, that their privilege has been reinstated. Mandatory exclusions last a minimum of 5 years and must be imposed if a person or entity is convicted of certain criminal offenses. These include, among others, offenses related to defrauding Federal or State health care programs, felony convictions for other health care related offenses, most drug related felony convictions, and patient abuse or neglect.
Permissive exclusion authority implicates a much wider range of conduct. The type of conduct for which permissive exclusions may be imposed include misdemeanor convictions related to defrauding health care fraud programs; drug related misdemeanors; suspension, revocation or surrender of a health care license based on competence, performance, or financial integrity; providing unnecessary or substandard services; submitting false claims; defaulting on health education loans or student loans, and so on.
II. What is the Impact of an OIG Exclusion?
The impact of an OIG exclusion extends to any provider who employs or contracts with the excluded person or entity. The regulation that grants OIG the exclusion authority states that payments cannot be made for items or services furnished “by an excluded individual or entity, or at the medical direction or on the prescription of a physician or other authorized individual who is excluded when the person furnishing such item or service knew or had reason to know of the exclusion.” 42 CFR § 1001.1901(b).
Though the language of the regulation appears to be directed at excluded persons who provide direct, billable services, the OIG broadly interprets the regulation to create a “payment prohibition” that includes virtually any item or service performed by an excluded person that contributes to any claim for reimbursement from any Federal or State Health Care Program. For example, the OIG considers the preparation of a surgical tray or the inputting of information into a computer by an excluded person in violation of the prohibition. Similarly, administrative and management services, IT support, and even strategic planning would also be problematic. Even an excluded volunteer’s assistance might trigger the prohibition unless his activities were “wholly unrelated to Federal health care programs.”
As indicated earlier, the favored enforcement tool is the imposition of civil penalties pursuant to 42 CFR §1003.102(a)(2). Though this regulation also appears to be restrictive in nature, the OIG interprets it to authorize CMPs for the failure of providers to screen their employees, vendors and contractors for exclusions. In its view, any time an “excluded person participates in any way in the furnishing of items or services that are payable by a Federal health care program,”  a employer/provider that fails to screen will be held to have “known” — or “should have known” — of the exclusion.
III. OIG Exclusion Screening Requirements
Federal screening requirements are contained in the May, 2013 Special Advisory Bulletin. The Advisory Bulletin states that in order for a provider to “avoid potential CMP liability,” they must check the List of Excluded Individuals and Entities (LEIE) to “determine the exclusion status” of their current employees, vendors and contractors. This can be done, according to the Bulletin’s guidance, by reviewing “each job category or contractual relationship to determine whether the item or service being provided is directly or indirectly, in whole or in part, payable by a Federal health care program,” and then “screen everyone that perform[s] under that contract or in that job category.
While the OIG concedes that it does not have the authority to require that screening be performed every 30 days, it makes it clear that providers who fail to screen their employees, contractors, or vendors monthly risk the imposition of CMPs and overpayment liability. In addition, the OIG observes that the LEIE is updated on a monthly basis, that CMS mandated monthly screening for all State Medicaid Units in 2009 and 2011, and it requires monthly screening in all of its corporate integrity agreements.
IV. Are the OIG Exclusion Screening Requirements Difficult to Meet?
The logistics of the screening process are extremely challenging for most providers despite the fact that the LEIE is a “searchable and downloadable database that can assist in identifying excluded employees.” Providers can elect to use the “search function” of the LEIE, but can only screen five employees at a time and each name must be entered manually. In addition, potential matches can only be verified individually by entering the social security number. This may work well if a provider only has to screen a handful of employees or contractors, but how would this work out if a provider has 200, 2,000, or even 20,000 employees?
The alternative, downloading the LEIE database and comparing the employee list to it, is equally problematic. Most providers simply do not have the capability to download the LEIE (which contains almost 60,000 names) and compare it with their own employee database in any reliable, or economically viable way. Another issue is the requirement that providers apply the same standard to contractors and sub-contractors as to their own employees. Contractors are unlikely to want to share their employee lists, and a provider would not want to screen the employee list of a large contractor. While the OIG does seem to recognize the issue by suggesting that providers can “choose to rely [on] screening conducted by the contractor,” it immediately follows the suggestion by reminding providers that they remain responsible for both overpayment liability and CMPs if they fail to ensure that “appropriate exclusion screening” has been conducted.
V. State OIG Exclusion Screening Requirements
It is important to remember that the OIG’s guidance addresses only federal concerns. While the OIG may be satisfied with just screening the LEIE on a “regular” basis, there are only a handful of State Medicaid Programs that would find that this satisfied their requirements. Indeed, most States require, at a minimum, that providers screen their State Exclusion List (37 States have them) in addition to the LEIE, and many also require screening of the GSA/SAM and/or other State specific exclusions lists (such as sex offender lists, elder abuse lists, etc.).
States also commonly include additional screening requirements through their provider agreements — some of which can be quite onerous. For example, in some States, applicants are required to certify that no employees or contractors are “suspended, or excluded from Medicare, Medicaid or other Health Care Program in any state”. Additionally, State exclusion lists have a wide range of formats that vary from excel spreadsheets to unsearchable PDF documents further adding to the problems with screening.
For additional information refer to OIG Exclusion and State Exclusion Lists: Which Exclusion Lists Need to Be Screened? What Is the Difference Between Them?
VI. Outsourcing of OIG Exclusion Screening is a Simple, and Affordable Solution
Exclusion Screening, LLC was created because we recognized the difficulties providers faced when seeking to comply with their exclusion screening obligations. We were determined to provide a simple, cost-effective solution to the problem and we feel strongly that we accomplished our goal.
Exclusion Screening is simple (we do all the work), cost-effective (likely to cost less than the monthly cost of the water delivered to your office), and best of all, it is a complete solution to your screening needs. Call or email me if you have any questions at: firstname.lastname@example.org or 1-800-294-0952.
Want to know more about Exclusion Screening or need help with understanding your requirements? Fill out the form below!
Paul Weidenfeld, Co-Founder and CEO of Exclusion Screening, LLC, is the author of this article. He is a longtime health care lawyer whose practice has focused on False Claims Act cases and health care fraud matters generally.
 This is an update of an article that was first published in by the National Alliance of Medical Auditing Specialists (NAMAS) and posted on this website in November, 2014. It was done with the assistance of Jonathan Culpepper.
 Sections 1128 and 1156 of the Social Security Act. Though loosely defined to include any program that provides any health benefits, the most significant of these programs are Medicare and TRICARE. Medicaid exclusions are left to the State Fraud Control Units.
 Mandatory exclusions are found at 42 USC § 1320a-7; permissive exclusions at 42 USC § 1320a-7(b).
 The Special Advisory Bulletin on the Effect of Exclusion from Participation in Federal Health Care Programs issued May, 8, 2013 replaced and superseded the 1999 Bulletin and states: “This payment prohibition applies to all methods of Federal health care program payment, whether from itemized claims, cost reports, fee schedules, capitated payments, a prospective payment system or other bundled payment, or other payment system and applies even if the payment is made to a State agency or a person that is not excluded (at page 6 of the Bulletin).
 These are examples taken from the Special Advisory Bulletin, id.
 The regulation seems to be explaining the circumstances under which CMPs are available, not extending them stating that they may be assessed where a person making a claim stating: “knew, or should have known, that the claim was false or fraudulent, including a claim for any item or service furnished by an excluded individual employed by or otherwise under contract with that person.”
 Id. at 11.
 This is the language that appears in the OIG press releases announcing settlements of exclusion violations.
 Special Advisory Bulletin, at 13-18.
 Id. at 14.
 Id. at 16.
 The System for Award Management (SAM) is the Official U.S. Government system that consolidated the capabilities of the CCR/FedReg, ORCA, and EPLS which were pre-existing debarment databases.