Business ViewINSIGHTS

Zero Tolerance for Exclusions

wchinsights

Essential OIG and OMIG Compliance Requirements for Every Healthcare Practice

by Eldar Murtazaev, Legal Counsel, WCH   

The integrity of government-funded health care programs is a paramount concern that extends from the federal to the state level. For WCH Service Bureau—as for any entity operating within New York’s healthcare landscape—compliance is not a singular obligation but a dual-layered responsibility. It requires adherence to the stringent standards set forth by the U.S. Department of Health and Human Services Office of Inspector General (OIG) while simultaneously fulfilling the mandates enforced by the New York State Office of the Medicaid Inspector General (OMIG). The protection of taxpayer funds, originating from both federal and state sources, demands a vigilant and unwavering commitment to ensure that excluded parties do not participate in the delivery of care or any administrative services connected to it. This commitment is operationalized through the systematic and recurring screening of all individuals and entities associated with an organization against the OIG’s List of Excluded Individuals/Entities (LEIE) and the OMIG Excluded Provider List.   

The Formalization of Exclusion Screening  

The formalization of exclusion screening as a mandatory component of healthcare compliance began not with a technological revolution, but with a clarion call from regulators in the late 1990s. While the OIG’s authority to exclude parties existed for years prior, it was the agency’s push to foster corporate accountability that transformed screening from an ad hoc practice into a systematic duty. The pivotal moment arrived in 1998 with the publication of the OIG’s Compliance Program Guidance for Third-Party Medical Billing Companies. This document served as the foundational text, explicitly instructing the industry for the first time that billing companies “should check the OIG’s List of Excluded Individuals/Entities… to ensure that none of its employees or contractors are excluded” and, critically, that they should “also check to ensure that its physician-clients are not excluded.” This established a clear, non-delegable responsibility. The guidance was soon followed by similar documents for hospitals and other provider types, creating a consistent expectation across the healthcare landscape, with OMIG aligning its state-level requirements to mirror these federal standards. Initially, this was a manual, labor-intensive process, requiring providers to download monthly files and conduct name-by-name checks. The principle, however, was firmly established: ignorance was no longer a defense. The era of “should have known” had begun, laying out the groundwork for the rigorous, monthly, and technologically assisted screening protocols that are the non-negotiable standard of today.   

The Legal Foundation  

The legal foundation for this duty is robust and exists at both jurisdictional levels. The OIG derives its authority from Sections 1128 and 1156 of the Social Security Act, which permit the exclusion of individuals and entities for a range of offenses, including program-related fraud, patient abuse, or controlled substance violations. In parallel, the New York State OMIG operates under the authority of Social Services Law § 363-d, which explicitly requires all Medicaid-participating providers to implement an effective compliance program. A core element of this state-mandated program, as delineated by OMIG, is “checking the exclusion status of all affected individuals.” The term “affected individuals” is intentionally broad, encompassing an organization’s own employees, contractors, vendors, and, crucially, all rendering, ordering, and referring providers for whom it bills or credentials. An exclusion by either body constitutes a definitive prohibition on payment. The OIG’s Special Advisory Bulletin on the Effect of Exclusion is unequivocal: “No payment may be made for any items or services furnished by an excluded individual or entity, or at the medical direction or on the prescription of an excluded physician.” This federal prohibition is mirrored in New York’s enforcement stance, which treats claims involving excluded parties as improper Medicaid payments.   

The Repercussions  

The repercussions for failing to adhere to these prohibitions are severe and potentially cumulative. An organization can be penalized separately by both federal and state authorities for a single instance of employing or contracting with an excluded individual. The OIG may impose Civil Monetary Penalties (CMPs) averaging approximately $20,000 and reaching up to $28,619 per item or service furnished by an excluded person (reflecting the 2025 adjusted amount), while New York State can levy its own significant monetary penalties for the same infraction. Beyond penalties, any payment made by Medicare or Medicaid for services connected to an excluded party is considered an overpayment, which must be promptly identified, reported, and returned. New York’s compliance program regulations specifically require that “any identified Medicaid program overpayments be reported, returned, and explained.” Furthermore, the entity that employed or contracted with the excluded individual faces the ultimate sanction: exclusion from participation in all Federal health care programs and the New York State Medicaid program. For a provider or a billing company, such an exclusion is a severe measure that jeopardizes operations. Submitting claims involving an excluded party can also trigger liability under the federal and New York State False Claims Acts, potentially leading to treble damages and additional penalties.   

To Mitigate These Substantial Risks (WCH Protocol)  

To mitigate these substantial risks, WCH Service Bureau implemented a defensible screening protocol that is comprehensive in scope, rigorous in methodology, and meticulously documented. The screening encompasses every individual or entity that could potentially furnish items or services payable by a government program. This includes all employees, from clinicians to administrative staff; all contractors and vendors, such as IT consultants and billing companies; and all providers—not only those who render services but also those who order or refer them. The omission of ordering and referring providers is a critical, common compliance failure. If, for example, an excluded physician refers a patient for a diagnostic test, the claim for that test is tainted, and any entity that causes that claim to be submitted, including a billing agent, shares in the liability.  

Following OIG recommendations and aligned OMIG requirements, WCH Service Bureau has established monthly screening policy of the LEIE to best minimize liability. While OMIG mandates an annual review of the overall compliance program, monthly screening is the de facto standard requirementd to meet the “knew or should have known” legal test applied by auditors from both agencies. Annual screening will be deemed insufficient in an audit.   

Our Screening Process  

Our screening process itself extends beyond a simple automated name check. It begins with the aggregation of accurate data from HR and provider enrollment systems. This data is then screened against the primary sources: the OIG LEIE, the OMIG Excluded Provider List, and, for federal contractors, the System for Award Management (Sam.gov). When a potential match is identified, the most critical phase begins:begins verification. Each potential hit requires due diligence, including comparison of additional identifiers such as date of birth, Social Security Number, or National Provider Identifier (NPI). This verification includes a manual check of the primary source exclusion websites. Finally, every step of this process—the initial list, the screening reports, and the detailed analysis of each potential match—is meticulously documented and retained for a minimum of ten years. This documentation creates the essential audit trail that demonstrates a good-faith compliance effort.   

Upon the Confirmation of an Excluded Individual  

Upon the confirmation of an excluded individual within an organization’s network, an immediate and structured response is mandatory. The first step is containment: the individual must be immediately removed from any role involving services payable by government programs, and all associated billing must be suspended. This must be followed by immediate internal escalation to the WCH Compliance Officer, the WCH Compliance Committee, and legal counsel. A thorough financial analysis is then conducted to identify all claims submitted for the excluded individual since their exclusion effective date, calculating the exposure to both Medicare and Medicaid. Remediation requires the prompt reporting and returning of all identified overpayments in accordance with the federal 60-day rule and New York State’s self-disclosure requirements. Making a voluntary disclosure through the OIG Self-Disclosure Protocol or the OMIG Self-Disclosure Program can significantly mitigate potential penalties. Finally, a root cause analysis is conducted to understand the failure in the screening process, leading to revised procedures, staff retraining, and implemented controls to prevent recurrence.   

In Conclusion  

In conclusion, exclusion screening is a non-negotiable imperative, not a discretionary best practice. The legal and financial risks of non-compliance are too severe to ignore, capable of resulting in substantial penalties and the potential dissolution of an organization. A defensible program is one that is comprehensive in its scope, monthly in its frequency, meticulous in its verification of potential matches, immediate in its response to confirmed exclusions, and meticulously documented at every single step. In the realm of healthcare program integrity, for entities subject to the authority of both the OIG and OMIG, vigilance is the mandatory price of participation.   

References and Authoritative Sources  

1. OIG Special Advisory Bulletin on the Effect of Exclusion    

   Link: https://oig.hhs.gov/exclusions/files/sab-05092013.pdf  

2. OIG List of Excluded Individuals/Entities (LEIE)    

   Link: https://oig.hhs.gov/exclusions/exclusions_list.asp  

3. NY OMIG Excluded Provider List    

   Link: https://omig.ny.gov/exclusions/exclusions-search  

4. NY State Social Services Law § 363-d    

   Link: https://www.nysenate.gov/legislation/laws/SOS/363-D  

5. OIG Self-Disclosure Protocol    

   Link: https://oig.hhs.gov/compliance/self-disclosure-info/index.asp 

Discover more from Doctor Trusted

Subscribe to get the latest posts sent to your email.

Related Posts

Insured Patient Balances Are Becoming the Primary Driver of Bad Debt: The Structural Breakdown Providers Can No Longer Ignore

For years, healthcare finance teams operated under a foundational assumption: insurance coverage meaningfully protected providers from uncompensated care. That assumption…

CMS CRUSH Initiative: What the New Anti-Fraud Rules Mean for Providers

By Elena Pak, Credentialing Department, WCH KEY TAKEAWAYS CMS launched CRUSH — a real-time, AI-powered anti-fraud framework targeting molecular diagnostics,…

Payer CEOs Made Up to $61 Million in 2025 — While Providers Fought Denials, Delays, and Shrinking Margins

In 2025, many physician practices described the same financial reality in increasingly urgent terms: claims taking longer to adjudicate, prior…

Discover more from Doctor Trusted

Subscribe now to keep reading and get access to the full archive.

Continue reading