LEIE Screening: How to Run OIG Exclusion Checks and Stay Compliant

Understanding the OIG Exclusion List

LEIE screening is a core compliance control for any organization that bills federal health care programs. The OIG Exclusion List—formally the List of Excluded Individuals/Entities (LEIE)—identifies people and organizations barred from participation in Medicare, Medicaid, and other federal programs.

When an excluded person or entity participates in any way in furnishing items or services payable by a federal program, those claims are not payable. Employing or contracting with such parties can create overpayments and trigger Civil Monetary Penalties, making proactive screening and prompt remediation essential.

Exclusions may be mandatory or permissive and commonly stem from program-related fraud, patient abuse or neglect, license revocation or suspension, or certain felony convictions. Because the LEIE is updated monthly, your Screening Frequency should at least align to that cadence and be supported by reliable Compliance Documentation.

Implementing Screening Requirements

Define scope and policy

Adopt a written policy that requires LEIE screening for all W‑2 employees, licensed independent practitioners and medical staff, temporary or agency workers, students and volunteers in patient-care areas, owners and officers with operational control, and contractors or vendors whose work touches federally reimbursable items or services. Include ordering, referring, and prescribing practitioners even if they are not on payroll.

Set Screening Frequency

Set Screening Frequency to at least monthly for active populations and at onboarding/credentialing before any work begins. Increase frequency for higher-risk roles, for units with prior findings, or if a state Medicaid agency or payer contract requires more frequent checks. Apply the highest applicable standard across your enterprise.

Assign responsibilities

• Compliance drafts policy, oversees monitoring, and adjudicates matches.
• HR and the medical staff office maintain accurate rosters and identifiers.
• Supply chain ensures vendor and subcontractor screening and attestation.
• IT supports automation, secure data handling, and audit logging.

Protect PII and maintain proportionality

Use Social Security Number Verification and date of birth only to confirm potential matches and only when legally permissible. Minimize access to sensitive data, encrypt storage and transmission, and retain identifiers no longer than necessary to meet legal and operational needs.

Conducting the Screening Process

Step 1: Prepare a clean roster

Compile a de-duplicated roster with legal name and known aliases, date of birth, NPI (if any), professional license numbers and states, role and work location, start/end dates, and the last four digits of SSN (or EIN for entities) where appropriate. Standardize name formats to reduce false positives.

Step 2: Search the OIG Exclusion List

Search the LEIE using exact names and common variants, and include “doing business as” names for entities. Record the dataset version and the date/time of each search. For large populations, consider batch screening solutions or the monthly downloadable dataset to improve coverage and repeatability.

Step 3: Triage results

• Clear non-matches where identifiers and demographics plainly differ.
• Flag potential matches that share name and some demographics for verification.
• Escalate likely matches immediately and pause work that could generate federal claims.

Step 4: Verify potential matches

Confirm identity using multiple data points: Social Security Number Verification (or EIN for entities), date of birth, NPI, professional license numbers, and historical addresses or employers. Do not rely on name alone. Obtain attestations when needed and document each step of the verification.

Step 5: Adjudicate and act

For confirmed exclusions, remove the individual or entity from any activity tied to federal program reimbursement, quarantine related claims, and initiate corrective action. For cleared non-matches, record the rationale and identifiers that differentiated the records to support future audits.

Step 6: Maintain an audit trail

• Roster snapshot used for the cycle and who approved it.
• Search logs with timestamps, searcher, and data source/version.
• Match files, verification evidence, adjudication notes, and approvals.
• Issue tracking for corrective actions and completion dates.

Managing State Medicaid Exclusion Lists

Federal screening alone is not sufficient. Many states publish their own State Medicaid Exclusions that extend beyond the federal LEIE. If you bill or provide services in a state, screen that state’s list in addition to the federal list to avoid state-level overpayments, sanctions, or network actions.

Because state lists vary in data fields, update schedules, and naming conventions, build a harmonized workflow. Map each site of service to its applicable state lists, normalize data (e.g., license numbers and suffixes), and document the source and date of each state dataset used in screening.

When a state has no formal list, use risk-based substitutes such as state licensing board actions aligned with your Medicaid participation requirements, and document the rationale in your Compliance Documentation.

Documenting Compliance Efforts

Strong Compliance Documentation makes your program defensible and speeds investigations. Capture not just outcomes but also the design and execution of your process so you can demonstrate reasonable diligence.

• Approved policy and procedures describing scope, Screening Frequency, roles, and escalation paths.
• Rosters, data mappings, and control checks that ensure population completeness.
• Search logs, result exports, match workpapers, and decision memos with sign‑offs.
• Vendor and practitioner attestations (supplemental to—not a substitute for—screening).
• Training records, monitoring dashboards, internal audit reports, and corrective actions.
• A retention schedule (often 7–10 years, or longer if required by contract or law) and secure storage.

Addressing Non-Compliance Consequences

Employing or contracting with an excluded person or entity can lead to repayment of associated claims, Civil Monetary Penalties, assessments, and potential False Claims Act exposure if overpayments are not identified and returned in a timely manner. Plans or agencies may impose contractual remedies, including termination or heightened oversight.

If you discover participation by an excluded party, act immediately: stop the activity, segregate and review impacted claims, remove system access, notify leadership, and begin quantifying exposure. Evaluate whether the matter warrants disclosure through a payer, a state program, or the OIG’s Self-Disclosure Protocol, and implement corrective actions to prevent recurrence.

Mitigating factors often include prompt self-identification, documented Screening Frequency, rapid remediation, and evidence of a robust, well‑managed program.

Enhancing Screening with Best Practices

• Adopt risk-based Screening Frequency beyond the minimum for high‑impact roles and high‑volume vendors.
• Automate recurring searches and match adjudication where possible, with human review for edge cases.
• Standardize names and identifiers, and capture aliases at onboarding to reduce false positives.
• Embed screening into HRIS, credentialing, and procure‑to‑pay workflows so no one starts work or billing without clearance.
• Require contract clauses obligating vendors and staffing agencies to conduct screening and notify you of exclusions.
• Educate managers and schedulers so they understand that assignments and billing must stop immediately upon a positive match.
• Perform periodic independent audits to test population completeness, match accuracy, and documentation quality.
• Prepare playbooks for investigations, refunds, and the Self-Disclosure Protocol to shorten response times.

In summary

Build a clear policy, screen at onboarding and monthly thereafter, include state lists where you operate, verify potential matches with strong identifiers, and keep rigorous records. These steps make LEIE screening reliable, reduce false positives, and position you to respond decisively if issues arise.

FAQs

How often should LEIE screening be conducted?

Screen at onboarding or credentialing and at least monthly thereafter for all employees, medical staff, contractors, and relevant vendors. Increase frequency for higher‑risk roles or where state Medicaid or payer contracts impose stricter requirements, and document your chosen Screening Frequency and rationale.

What are the consequences of hiring an excluded individual?

Claims tied to items or services furnished by, or under the direction of, an excluded person are not payable. Organizations typically must return associated reimbursements and may face Civil Monetary Penalties, assessments, contractual sanctions, and potential False Claims Act exposure if overpayments are not identified and repaid promptly.

How do you verify potential matches on the LEIE?

Never rely on name alone. Confirm identity using multiple data points—Social Security Number Verification (or EIN for entities) where permissible, date of birth, NPI, professional license numbers, and historical addresses or employers. Document the evidence and the adjudication decision in your Compliance Documentation.

How can organizations document compliance with LEIE screening?

Maintain a written policy, population completeness checks, search logs with timestamps and data source versions, match workpapers, decision memos, and proof of remediation. Keep vendor and practitioner attestations, training records, internal audit results, and a clear retention schedule so your Compliance Documentation demonstrates design, execution, and continuous improvement.