Office of Inspector General Releases Guidance on Compliance with Exclusion List Screening
On May 8, 2013, the Department of Health and Human Services' ("HHS") Office of Inspector General ("OIG") released a revised Special Advisory Bulletin on the Effect of Exclusion from Participation in Federal Health Care Programs ("Special Advisory Bulletin"), available here. This updated guidance supersedes and replaces the OIG's original 1999 Special Advisory Bulletin.
The Special Advisory Bulletin is a "must-read" resource for compliance officers, as well as legal counsel, human resources, finance and other managers who work to ensure that health care providers do not employ or contract with individuals and organizations that have been excluded from a Federal health care program. Under the law, no Federal health care program payment may be made for any item or service furnished by an excluded person or at the medical direction or on the prescription of an excluded person. Health care providers that violate this provision risk imposition of civil monetary penalties ("CMPs") of up to $10,000 for each item or service furnished by the excluded person, as well as an assessment of up to three times the amount claimed. In serious cases, the provider itself could face exclusion.
In the Special Advisory Bulletin, the OIG reviews the statutory history behind the OIG's exclusion authority, which Congress has strengthened and expanded over the last fourteen years. The Special Advisory Bulletin also updates discussion in the original Bulletin about the effect of exclusion, consequences for excluded persons who violate exclusion, and the effect of exclusion on health care providers. Of particular interest to health care providers is the Special Advisory Bulletin's guidance about exclusion screening, which is richer and more detailed than the discussion on that topic in the 1999 Bulletin. According to the revised Bulletin, the OIG drew this additional guidance from questions raised over the last fourteen years and public comments solicited in November 2010.
Following are some highlights from the revised Special Advisory Bulletin's guidance on the screening process:
Who Should Providers Screen for Exclusion?
- Providers should screen employees and contractors to ensure they have not been excluded from a Federal health care program. In addition, the Affordable Care Act of 2010 extends CMP liability to providers that provide other items or services prescribed or ordered by an excluded person. As a result, providers should screen physicians and other practitioners who order items and services that the provider renders.
- When determining how far downstream to screen for excluded persons, the OIG recommends that providers first determine for each job category or contractual relationship whether the item or service provided is directly or indirectly, in whole or in part, payable by a Federal health care program. If the answer is yes, the OIG recommends that the provider check all persons in that job category or who are employees or perform under the applicable contract, including volunteers who receive no payment from the provider for their services. As the OIG notes, the greatest risk for CMP liability lies with failure to do exclusion checks for individuals who provide services integral to the provision of patient care because it is more likely that those services are payable by a Federal health care program. That being said, the prohibition on payment for services furnished by excluded individuals extends beyond direct patient care to include: services performed by excluded pharmacists, transportation services, and administrative and management services.
- The OIG reminds providers that relying on an outside vendor or contractor to perform exclusion screening does not absolve providers from liability for overpayment or CMPs. For providers that do rely on outside vendors, the OIG warns them to be ever vigilant in ensuring that screening performed by the vendor or contractor is indeed occurring by, for example, requesting and maintaining screening documentation from the vendor or contractor. When providers contract with staffing agencies and rely on them to screen employees assigned to the provider for exclusion, the provider may reduce or eliminate CMP liability if it can demonstrate that it "reasonably relied" on the staffing agency to conduct exclusion checks by requiring exclusion checks in the contract and following up with the contractor to make sure that it regularly conducts exclusion screening.
Which Data Bases Should Be Checked?
- Figuring out which list or how many lists against which to screen employees and contractors can be challenging. The OIG stresses that providers should always check the OIG's List of Excluded Individuals and Entities ("LEIE"), available at http://oig.hhs.gov/exclusions. The LEIE has undergone extensive updates and revisions in the past several years. The online database contains: (1) the name of the excluded person at the time of exclusion—meaning all names used by an individual (e.g. maiden names) should be searched; (2) the excluded person's provider type; (3) the authority under which the person was excluded; (4) the state where the excluded individual resided at the time of exclusion or the state where the entity was doing business; and (5) a mechanism to verify search results, such as Social Security Number or Employer Identification Number. The OIG states that it plans to deliver two additional updates to the LEIE soon, including a National Provider Identifier for individuals and entities excluded after 2009 and information regarding waivers of exclusion granted by OIG. Currently, the OIG's exclusion waivers can be found by searching http://oig.hhs.gov/exclusions/waivers.asp.
- In addition to the OIG's LEIE, other lists maintained by the Federal government include: the General Services Administration's ("GSA") Excluded Parties List System ("EPLS"), GSA's System for Award Management ("SAM"), the National Practitioner Data Bank ("NPDB") and the Health Care Integrity and Protection Databank ("HIPDB"). The good news is that the list has gotten a little shorter as the GSA recently migrated the EPLS to its SAM database and HHS will be merging the HIPDB into the NPDB. Not surprisingly, OIG recommends that providers rely on its LEIE in lieu of SAM or the NPDB because the LEIE provides more details about excluded persons and is updated monthly. Additional information about SAM is available at https://www.sam.gov and additional information about NPDB is available at http://www.npdb-hipdb.hrsa.gov.
- A provider's work is not done once it has checked the LEIE. A provider must also screen employees and contractors against its State exclusion database. For example:
- The Connecticut Exclusion Database is available at
- The New York Exclusion Database is available at http://www.omig.ny.gov/index.php/fraud/medicaid-terminations-and-exclusions
- The Pennsylvania Exclusion Database is available at http://www.dpw.state.pa.us/publications/medichecksearch/index.htm
- The Connecticut Exclusion Database is available at
How Often Should Exclusion Checks Be Done?
- While there is no statutory or regulatory requirement to check the LEIE, OIG recommends that providers screen their employees and contractors for exclusion prior to employment or engagement. In addition, providers should conduct exclusion checks on a regular basis for existing employees and contractors.
- Since there is no statutory or regulatory obligation to check the LEIE specifically, there is no legal requirement addressing the frequency of exclusion checks. Recent OIG Integrity Agreements require annual checks. Some providers check annually, some check quarterly and others check monthly.
- For the first time, the OIG has provided guidance on the frequency of LEIE checks. Pointing out in the Special Advisory Bulletin that it updates the LEIE on a monthly basis, the OIG advises providers to check the LEIE monthly to minimize the risk of CMP liability. While the OIG is not requiring monthly checks and simply suggesting that they be done as guidance, providers that conduct monthly checks may be in a better position to defend situations in which excluded persons are discovered on their payrolls or among their vendors and other contractors.
- When deciding how frequently to perform exclusion screening, providers must also check their state's requirements. Many states require or recommend monthly checks of their databases in response to guidance from the Centers for Medicare and Medicaid Services in 2009 and 2011 recommending that states require monthly screening. For example, in Connecticut, the Department of Social Services issued a notice to providers suggesting but not mandating monthly checks. See https://www.ctdssmap.com/CTPortal/Information/Get%20
How Should Exclusion Checks be Documented?
The OIG suggests that providers maintain documentation of all searches performed in order to verify the results of potential name matches. The OIG provides the example of capturing screen shots of the results of the name search as a way to document exclusion checks performed by providers.
What Happens When the Check Reveals that an Employee or Contractor Has Been Excluded?
- Obviously, the provider should not employ an individual or enter into a contract if the provider's screening shows that the prospective employee or contractor has been excluded.
- A provider may choose to employ or contract with an excluded individual or organization without risking CMP liability only in very narrow circumstances. For example, a provider may employ or contract with an excluded person as long as that individual only provides items or services that are not paid for through Federal health care program dollars; no Federal dollars may be used directly or indirectly to pay for items or services provided by or ordered by an excluded individual. Again, the provider must also ensure that such employment or contract does not run afoul of state requirements, which likely means that the excluded individual or organization cannot provide items or services that will be paid for directly or indirectly with state dollars.
- If a provider discovers that it has employed or contracted with an excluded person or organization, the provider may wish to disclose this information to the OIG using the OIG's Self-Disclosure Protocol ("SDP"). The OIG recently updated the SDP at the end of April 2013. The updated SDP contains specific guidance on making disclosures involving exclusions, including guidelines on how to calculate potential overpayments. Whether to make a disclosure to the OIG is a significant decision and it is advisable to involve legal counsel to ensure discussions about options for self-disclosure are conducted in a privileged manner and informed by a full assessment of legal risks and options. For additional information about the changes to the SDP, please see our advisory at http://www.wiggin.com/oig-revamps-self-disclosure-protocol.
* * *
Wiggin and Dana's Health Care Compliance team regularly counsels clients on compliance with exclusion screening obligations. We also represent clients in federal and state exclusion proceedings, as well as self-disclosures and government investigations involving excluded persons. Please feel free to contact any member of our Health Care Compliance team if you have questions about this advisory or need assistance on a matter.