After finding a confirmed exclusion among your employees, vendors, contractors, or volunteers there are several options you can take. Each case with a confirmed exclusion is fact-specific, there is no “rubber-stamp” approach to this problem. This article discusses and outlines possible paths that can be taken by entities after finding a confirmed exclusion.
I. Review of Exclusions
“Exclusions” are final administrative actions by State or Federal agencies that bar participation in a sponsored benefit program. An agency has the power to exclude parties within the area they control. The OIG excludes parties from Medicare, while states can exclude parties from their State Medicaid Program. Exclusions occur when the party poses an unacceptable risk to the integrity of the program and to the beneficiaries the program serves. They often happen after patient abuse, fraud, drug convictions, or licensure issues, among other offenses. Confirmed exclusions not only pose a risk to program integrity but to your organization as well. Working with an excluded party, either directly and indirectly, risks overpayments, civil money penalties, and false claim act violations. These parties are also a direct risk to your organization. They have done some wrong in the past, who is to say they will not happen while in your organization.
Screening for exclusions is not just for ‘checking the box’. You do not do it simply because you have to, but rather it is important to do to protect your organization. It is often difficult for providers to understand what exclusion screening requirements are. Different terminologies cause a lot of confusion. Both on the federal level and the state level, exclusions go by many names. Common ones are debarments, sanctions, suspensions, preclusions, or terminations. While a criminal action may cause a party to be added to the GSA/SAM, a debarment list, it may not cause the party to be added to the OIG/LEIE, an exclusion list. Additionally, while some actions may add a party to a state exclusion list, it may not fulfill the requirements of an exclusion ‘for cause’ and will not end up on the OIG/LEIE.
State Medicaid requirements add another layer of complexity to screening requirements. Currently, 42 states have their own exclusion lists. Some states that do not have a list submit their exclusions to the OIG/LEIE (however they often fail to do so). State authorities also require different screening minimums. Louisiana, which has the most onerous requirements in the nation, requires that not only you or your employees, vendors, contractors, and volunteers are not excluded but you must certify under penalty of perjury that no one has EVER been excluded from the State of Louisiana or ANY other healthcare program. In Louisiana it is also a crime to bill to Medicare while excluded, not only an administrative sanction and fine.
II. Broad Scope of the Payment Prohibition
Federal and State programs will not pay for any goods or services that have been furnished, directly or indirectly, by excluded individuals or entities. This applies to virtually all services connected to the practice (i.e. billing, claims, accounting services; human resources and IT services: transportation services including drivers, extending to dispatchers); and virtually all payors (i.e. fee for service Medicare; Medicare Advantage and Medicare D Plans; all fee for service Medicaid programs; all Medicaid Managed Care Plans); and most private payors (more and more private plans are including exclusion screening in their contracts).
A. Civil Money Penalties Authority of the OIG for Employing or Contracting with an Excluded Parties
B. Other Enforcement Risks – Overpayments
Overpayments can occur while billing a government healthcare program while working with an excluded party. The added danger is that failure to report an overpayment can result in a False Claims Act violation. Additionally, if a provider agreement with a private insurance company includes screening for exclusions, they may also charge for overpayments. However, they have no ability to issue CMPs and False Claim Act violations.
III. Compliance Through Screening Employees, Vendors and Contractors
Bottom line, providers must take action to ensure that they are not working with an excluded party. While there are many different sets of regulations from many different programs, best practices include:
- Screening employees, vendors and contractors upon hire
- Screening monthly thereafter
- Screening direct and indirect owners; directors, agents and managers
- Screening the OIG/LEIE, all State lists, the GSA/SAM, and any other lists relevant to your specific practice
It should be noted that a lot of providers should go one step farther and ensure that no party they receive referrals or prescriptions from and no one they refer or entity that fills the prescription is also excluded (although they are not vendors or contractors they are a business relationship that should be screened).
IV. We Screened and Found a Confirmed Exclusion! What Should We Do Now?
- Is the excluded party a new employee or a long-time employee?
- How long have you been screening?
- Is this a “new” exclusion?
- Is this a contractor or a contract employee who was screened by a third party?
- Were you relying on someone else to screen (such as a staffing agency)?
- What exactly does the person do?
- Are they a direct biller to Federal or State healthcare programs?
- Do they indirectly provide services to such a program?
- Do you want to employ this person? If so can they be completely walled off from Federal and State (and if applicable, private plan) payors?
V. Issue 1: Ongoing Employment
When deciding what to do with the confirmed exclusion it is important to do a thorough investigation. Exclusions can occur for serious crimes such as patient abuse, but also less serious offenses such as failure to pay back a loan. After the investigation, ask how badly do you want to work with this party? There are options available to keep them on board, however, many of them are difficult.
Exception 1: Walled off from direct or indirect services to beneficiaries
Exception 2: Walled off but for contracted employees
If an owner employs or contracts with an excluded person to furnish items or services solely to non-Federal healthcare beneficiaries, a participating provider would not be subject to CMP liability. An example of this is utility companies, they may hire an excluded individual but that would not subject you to CMPs.
Exception 3: Seek a Waiver
The administrator of a Federal healthcare program has the authority to request an exclusion waiver from a mandatory exclusion unless the exclusion action has been based on a conviction under Federal or State law related to neglect or abuse. To request an exclusion waiver from the OIG, the Administrator of the Federal healthcare program must first determine that:
“(1) The individual or entity is the sole community physician or the sole source of essential specialized services in a community; and
(2) The exclusion would impose a hardship on beneficiaries (as defined in section 1128A(i)(5) of the Act) of that program.”
If an exclusion action has been based on one of the OIG’s permissive authorities, the OIG can only grant a waiver of the exclusion action if the agency determines that imposition of the exclusion would not be in the public’s interest. Generally, getting a waiver is difficult. This isn’t something the excluded party can submit, it is usually submitted by the provider to an agency administrator who then sends it to the OIG.
Exception 4: Seek an Advisory Opinion from the OIG
There are a small handful of Advisory Opinions involving the proposed employment of an excluded individual and it is noted that the OIG held that none of the three already existing proposed arrangements involving an excluded party would give rise to CMP sanctions; however, these are all “one-off” circumstances in which the financial and reimbursement relationship between the participating provider and the excluded individual was extremely tenuous. This is an expensive, and likely to be unproductive, way to proceed.
VI. Issue 2: Resolving Potential Overpayment and Civil Monetary Penalty Liability
A. The Self-Disclosure Protocol
Self-disclosure require responses to the following:
- The name, address, and type of healthcare provider, provider identification number(s), and tax identification number(s) of the disclosing party and government payors (including Medicare contractors) to which the disclosing party submits claims.
- Detailed ownership information and disclosures
- A concise statement of all the details relevant to the conduct disclosed, including, at a minimum, the types of claims, the conduct that occurred; and the names of entities and individuals believed to be implicated, including an explanation of their roles in the matter.
- A statement of the Federal criminal, civil, or administrative laws that are potentially violated by the disclosed conduct.
- The Federal health programs affected by the disclosed conduct.
- An estimate of the damages, or a certification that the estimate will be completed and submitted to the OIG within 90 days.
- Cost related to the employment of the excluded party.
- Payer mix
- A description of the disclosing party’s corrective action upon discovery of the conduct.
- Whether the disclosing party has knowledge that the matter is under current inquiry by a Government agency or contractor.
- The identity of the excluded individual, the jobs they performed, dates of employment, etc and any provider identification number.
- A description of any background checks that the disclosing party completed before and/or during the individual’s employment or contract.
- A description of the disclosing party’s screening process (including any policy or procedure that was in place) and any flaw or breakdown in that process that led to the hiring or contracting of the excluded individual.
- How the conduct was discovered.
- Corrective actions
B. Calculation of Damages
1. If the Confirmed Exclusion is a Direct Billers
Since every claim made by an excluded direct biller is an overpayment and subject to CMPs; providers in this situation are strongly advised to seek counsel on the best way to resolve both of these issues. There are options such as repayment to the contractor and state separately, but ultimately the provider must come to terms with the OIG.
2. If the Confirmed Exclusion Provides Services that are Indirectly Billed
The guidance provides the following format for calculating the “overpayment” in these circumstances:
- Calculate all compensation (including benefits) given to the person
- Calculate the Federal and State payer mix
- Preform a computation in which the compensation divided by the payer mix is a “proxy” for the overpayment
- For example: If the compensation was $1,000 and the payer mix was 50% Medicare, the overpayment would be $500
- The provider would have to resolve the potential CMP liability, but generally if one comes forward in good faith it can generally be reasonably resolved
If the proxy total is under $10,000 the OIG will usually not issue CMPs as it does not meet its threshold.
VII. Final Thoughts
Do NOT ignore the OIG and the State exclusion lists, they are the chosen formats the OIG and the States for the public dissemination of the information contained in them. Providers are presumed to know if any of their employees, vendors or contractors are on any of the exclusion lists and are subject to liability if it is determined they are. Failure to screen is not an excuse. Additionally, if there were to be an accident or incident resulting in harm to a patient or financial loss to the practice and if the harm was caused by, or related to an employee of the practice that was in any published list the judge or jury would have no sympathy for the organization that did not screen.
It is important to screen, at the bare minimum, the OIG-LEIE, GSA-SAM, and all available state exclusion lists (41 of them at last count) upon hire and monthly thereafter. However, many providers will find this task nearly impossible. The difficulty stems from several factors: there is no uniformity in the list formats (they could be in WORD, Excel or PDF); each list contains different fields on information; States have different reasons and standards for including people on their list; and some States may have little to identify the person or entity beyond a name and city. In short, as with many other necessary services, providers will benefit from specialized assistance in meeting this regulatory obligation.
For this reason, it is recommended that providers consider hiring a 3rd party vendor to assist in screening. BUT, providers should be aware that vendor services, and the costs they charge, often vary widely. Thus, providers are urged to consider more than one vendor and to compare the specific services they will receive and the costs of each service. As part of this process, we hope that you will give Exclusion Screening the opportunity to demonstrate what we can do and how we can help.
To be able to see the video use the following password Exclusion
A Provider’s Guide to OIG ExclusionsFederal Exclusion Regulations and Enforcement Authorities, and How Providers Can Avoid Risk with Proper Exclusion Screening–Part 1
Paul S. Weidenfeld, JD
ABOUT THE AUTHOR
“OIG” in this paper refers to “Office of Inspector General, Department of Health and Human Services” unless otherwise stated. The term “OIG Exclusion” is used as shorthand for an administrative action taken by the OIG barring an individual or entity from participating in Federal health care programs pursuant to §1128(a)(1)-(4), (b)(1)-(b)(16) or §1156 of the Social Security Act (SSA).
 This article focuses on exclusions from a regulatory and enforcement perspective, but exclusions also play a critical role in compliance and risk management programs. See, e.g., HCCA, Measuring Compliance Program Effectiveness: A Resource Guide (Jan. 2017), available at ttps://oig.hhs.gov/compliance/compliance-resource-portal/files/HCCA-OIG-Resource-Guide.pdf. (guidance reconfigures the traditional “Seven Elements of an Effective Compliance Program” and makes the “Screening and Evaluation of Employees, Physicians, Vendors and other Agents” an element unto itself – or the new “Seventh Element of Compliance”).
 The Medicare-Medicaid Anti-Fraud and Abuse Amendments of 1977, Public Law 95–142. In 1979, the Department of Health Education and Welfare was renamed the Department of Health and Human Services (HHS).
See e.g. Crackdown on Health Care Fraud, https://www.nytimes.com/1995/12/22/us/in-crackdown-on-health-care-fraud-us-focuses-on-training-hospitals-and-clinics.html.
 In addition to establishing the principle of insurance portability, HIPAA contained several provisions related to health care fraud enforcement, including containing legislation that significantly increased the ability of law enforcement agencies to obtain and share information and establishing the Health Care Fraud and Abuse Fund (HCFAC) as a permanent funding source specifically designated for health care fraud enforcement.
 The effect of an OIG Exclusion is addressed in the Special Advisory Bulletin on the Effects of Exclusion from Federal Health Care Programs,” issued September 2, 1999, and in the “Updated Special Advisory Bulletin on the Effect of Exclusions from Participation in Federal Health Care Programs,” issued May 8, 2013. Hereinafter, the initial advisory will be referred to as the “1999 Special Advisory” and the update will be referred to as the “Updated Special Advisory” or the “2013 Special Advisory.” The 1999 Special Advisory can be found at: https://oig.hhs.gov/fraud/docs/alertsandbulletins/effected.htm; the 2013 Updated Special Advisory can be found at https://oig.hhs.gov/exclusions/files/sab-05092013.pdf.
 Inspector General June Gibbs Brown, in the press release for the 1999 Special Advisory.
 See 42 C.F.R. § 1001.10. Definitional changes were made to direct and indirect claims pursuant to rulemaking authority granted to the OIG in the MMA and the ACA; See also, OIG Advisory Opinion No. 18-01 at 5 (Feb. 20, 2018) available at https://oig.hhs.gov/fraud/docs/advisoryopinions/2018/AdvOpn18-01.pdf.
 The Data in the figures in this section come from the exclusion data reportered in the List of Excluded Individuals/Entities (LEIE) by calendar year.
 The data in the charts in this section comes from exclusion data reported in the List of Excluded Individuals/Entities (LEIE).
 These calculatiosn are based on the composition of the LEIE through December 31, 2017.
 See, §§ 1128(c)(3)(G)(i) and (G)ii of the SSA. See also 82 Fed. Reg. 4100.
 See https://oig.hhs.gov
 See Criteria for implementing section 1128(b)(7) exclusion authority (April 18, 2016) available at https://oig.hhs.gov/exclusions/files/1128b7exclusion-criteria.pdf. The OIG breaks these down into “high risk factors,” “low risk factors,” and factors that have “no effect.” High risk factors include the impact on beneficiaries cooperation, and whether an adverse licensing action occurred. “Lower risk” factors include acceptance of responsibility and self-disclosure. Factors that are “expected,” and thsu have “no effect”, are coopearation in the investigation and having a compliance plan with the seven elements of compliance.
 See Guidance for the Implentation of its Permissive Exclusion Authority Under Sectino 1128(b)(15) at 1, available at https://oig.hhs.gov/fraud/exclusions/files/permissive_excl_under_1128b15_10192010.pdf. The guidance was issued because 1128(b)(15) provides for exclusion based on whether the individual in question is either an owner or an officer or a managing employee and the analysis is different for each.
 Criteria for implementing section 1128(b)(7) exlcusion authority (April 18, 2016) avialable at https://oig.hhs.gov/exclusions/files/1128b7exclusion-criteria.pdf.See also 81 Fed. Reg. 88, 334 (Dec. 7, 2016): “In 1981, Congress enacted the CMPL, section 1128A of the Act (42 U.S.C. §1320a-7a), as one of several administrative remedies to combat fraud and abuse in Medicare and medicaid”
Id. 81 Fed. Reg. at 88.
 This is a listing of the CMP authorities related to exclusion violations. A complete listing of the OIGs CMP authorities can be found on the OIG’s website, or at 42 C.F.R. § 1003.210.
 The OIG may also impose a penalty or, when applicable, an assessment, against a Medicare Advantage or Part D contracting organization with a contract under section 1857 or 1860D-12 of the SSA if any of its employees, agents, or contracting providers violate § 1003.400(a) – (d).
 The penalty amounts for CMPs and assessments are updated annually and are published at 45 C.F.R. § 102.
 A discussion of the change is found in 81 Fed. Reg. 88, 334 (Dec. 7, 2016).
 See 42 CFR § 1004.140(c); see also Criteria for implementing section 1128(b)(7) exclusion authority (April 18, 2016), available at https://oig.hhs.gov/exclusions/files/1128b7exclusion-criteria.pdf..
See § 3729(a)(1) of the Fraud Enforcement Recovery Act of 2009 and § 6401of the Affordable Care Act (2010).