OIG Exclusion Screening for Fraud, Waste & Abuse: Requirements and Best Practices

OIG Exclusion Screening Requirements

OIG exclusion screening is the process you use to ensure no individual or entity that is excluded by the U.S. Department of Health and Human Services Office of Inspector General participates in items or services reimbursed by a federal healthcare program. You do this by checking the List of Excluded Individuals/Entities LEIE and documenting results before work begins and throughout the relationship.

Your program should cover anyone who contributes—directly or indirectly—to services or supplies billed to a federal healthcare program. That typically includes employees, medical staff, contractors, vendors, temps, volunteers in patient-facing roles, executives, owners, and governing board members whose decisions influence billing or care delivery.

• Screen against the LEIE using reliable identifiers (full name, aliases, date of birth, NPI, SSN/Tax ID where permissible).
• Maintain Compliance Documentation: search dates, data sources, match results, and final determinations for each person or entity.
• Resolve potential matches through secondary verification and keep a clear audit trail of your decision-making.
• Extend screening requirements to subcontractors through contract clauses and attestations.
• Include event-driven screening when roles change, names/NPIs update, or new affiliates join your network.

Exclusion Enforcement is strict: federal programs will not pay for items or services furnished, ordered, or directed by an excluded party. Solid documentation and repeatable processes protect you if questions arise later.

Purpose of Screening

The primary purpose is to safeguard Federal Healthcare Program Integrity by preventing payments tied to excluded parties. Done well, screening reduces the risk of fraud, waste, and abuse, preserves program dollars for patient care, and demonstrates your organization’s good-faith compliance posture.

Screening also enables prompt remediation if a match occurs, helping you avoid downstream overpayments, claim denials, and reputational harm. Consistent controls make it easier to respond to audits and payer inquiries.

Responsible Parties

Accountability typically sits with your compliance officer, supported by HR, medical staff services/credentialing, supply chain, revenue cycle, and IT. Department leaders own day-to-day execution for their teams, while legal and internal audit provide oversight and testing.

Contracting teams should embed screening obligations into vendor and practitioner agreements, require periodic attestations, and ensure obligations flow down to subcontractors. Executive leadership and the board should receive routine reporting on screening metrics, exceptions, and corrective actions.

Screening Frequency

Screen at onboarding (or before credentialing/contract execution) and continue on a recurring schedule. Monthly checks against the LEIE are widely regarded as the minimum best practice and align with OIG guidance; some payers and states expect the same cadence. Increase frequency for high-risk roles or where your risk assessment indicates elevated exposure.

• Pre-hire/Pre-contract: complete screening before start of work.
• Ongoing: run monthly screenings and after key events (name changes, licensure actions, mergers, or role changes).
• Exit: document a final check when relationships end, especially for leadership and billing-sensitive roles.

Automate scheduling and alerts so no cycle is missed, and record all “no-match” results to prove continuous monitoring.

Best Practices for Compliance

Design a risk-based policy and scope

• Define who must be screened, what identifiers you collect, and how you will resolve potential matches.
• Map screening touchpoints across onboarding, credentialing, vendor management, and revenue cycle.

Use strong data and matching methods

• Capture multiple identifiers (legal name, aliases, DOB, NPI, Tax ID) to reduce false positives.
• Standardize name formatting and maintain a history of prior names and corporate DBAs.

Leverage technology responsibly

• Adopt Automated Screening Tools to run monthly batches, flag potential matches, and maintain immutable logs.
• Protect PII with access controls and retention schedules that meet regulatory expectations.

Respond and remediate quickly

• Isolate the individual/entity from federally reimbursable activities upon a probable match.
• Conduct secondary verification, assess billing exposure, and initiate refunds/adjustments if needed.
• Consider self-disclosure pathways when appropriate and implement corrective action to prevent recurrence.

Document, train, and oversee

• Keep comprehensive Compliance Documentation, including governance approvals, procedures, training, and monitoring reports.
• Provide role-based training and test controls via internal audit or independent review.
• Report metrics and incidents to leadership and your board compliance committee.

Consequences of Non-Compliance

Allowing an excluded party to participate in federally reimbursed services can trigger claim denials, overpayment recoupments, and Program Funding Loss. The OIG may impose Civil Monetary Penalties CMP, and certain fact patterns may create exposure under the False Claims Act or lead to corporate integrity obligations.

• Financial: repayment of affected claims, CMP assessments, and potential multiplier effects from broader enforcement.
• Operational: disruption to clinical services, emergency recredentialing, and contract termination by payers.
• Reputational and strategic: damaged stakeholder trust and increased scrutiny during future audits.

Federal Healthcare Programs Covered

Exclusion rules apply to federal healthcare programs and all items or services they fund. This includes Medicare (Parts A, B, C/Medicare Advantage, and D), Medicaid, Medicaid managed care, the Children’s Health Insurance Program (CHIP), and programs such as PACE and other HHS-funded initiatives. Managed care payments and downstream subcontractor activities are included when federal dollars are the source.

If there is any possibility that federal funds touch the activity—even indirectly—treat it as in scope and screen the people and entities involved before work begins and throughout the relationship.

Conclusion

Define a clear policy, screen comprehensively and monthly, use reliable identifiers and Automated Screening Tools, and keep strong documentation. These steps strengthen Federal Healthcare Program Integrity, enable swift Exclusion Enforcement when needed, and protect your organization from CMPs, repayment risk, and broader compliance fallout.

FAQs

What is OIG exclusion screening?

It is the control process you use to confirm that employees, medical staff, contractors, and vendors are not listed on the OIG’s List of Excluded Individuals/Entities LEIE before they perform work tied to federally reimbursed items or services, and to keep verifying that status on a recurring basis.

How often should OIG exclusion screening be performed?

Screen at onboarding and then monthly thereafter, which is the widely accepted best practice aligned with OIG guidance. Increase the cadence for higher-risk roles or as required by your payers or state programs.

What are the penalties for non-compliance with exclusion screening?

Consequences can include claim denials, overpayment refunds, Program Funding Loss, Civil Monetary Penalties CMP, potential False Claims Act exposure in certain circumstances, and reputational damage that invites further oversight.

Who must comply with OIG exclusion screening requirements?

Any organization or practitioner involved in items or services reimbursed by federal healthcare programs—such as hospitals, physician groups, clinics, labs, pharmacies, home health agencies, DME suppliers, and managed care participants—must screen their workforce and vendors, and ensure subcontractors do the same.