What are HHS OIG Exclusions?

HHS OIG Exclusions List

HHS OIG exclusions are individuals and entities that are prohibited from participating in any federal health care program because they have violated a clause of §1128 of the Social Security Act. Healthcare providers in federal health care programs are not permitted to obtain goods or services from excluded individuals or entities, and risk sanctions – or even exclusion themselves – if they do.

There are multiple reasons why an individual or entity can be prohibited from participating in any federal health care program. These include (but are not limited to):

  • A conviction for healthcare fraud or healthcare-related financial misconduct.
  • A conviction for patient abuse or patient neglect under state or federal law.
  • A conviction for the unlawful manufacture, distribution, prescription, or dispensing of a controlled substance.
  • Obstructing an investigation or audit into the use of funds received from a federal health care program.
  • Having a license to provide health care revoked or suspended due to a lack of competence, performance, or integrity.
  • Making false statements or misrepresenting material facts to qualify for participation in a health care program.
  • Knowingly misclassifying drugs in order to affect product information, pricing or data related to product information and pricing.
  • Being excluded or suspended from a state health care program or other federal health program (i.e., Veterans Affairs).

The length of HHS OIG exclusions is determined by the nature and severity of the violation. For example, a felony conviction for healthcare fraud attracts a minimum exclusion of five years, while the baseline exclusion period for a misdemeanor conviction of the same offense is three years. HHS OIG exclusions for license revocations and suspensions are as long as the revocation or suspension.

The Importance of Checking the HHS OIG Exclusions List

Since 1999, HHS OIG exclusions have been included in the online List of Excluded Individuals/Entities. HHS recommends healthcare providers check the LEIE database before engaging new members of the workforce or contracting goods or services from a new supplier to ensure the individual(s) or organization(s) have not been excluded from participating in federal health care programs.

If a match is found, it is important that healthcare providers do not engage/contract the individual(s) or organization(s) because the penalties for doing so can be severe. HHS OIG can issue a civil monetary penalty of up to $20,000 for each service or item claimed from a federal health care program that relates to a service or item provided by an excluded individual or organization.

Additionally, HHS OIG can pursue damages of up to three times each amount claimed and – when a healthcare provider has neglected to regularly check the HHS OIG exclusions list – exclude the healthcare provider from participating in any federal health care program. There are many recent examples of healthcare providers settling six-figure penalties and narrowly avoiding exclusion:


Simple Guidelines
Immediate PDF Download

Immediate Access

Privacy Policy

  • In February 2022, a Connecticut psychiatric practice entered into a settlement agreement of $310,874 for employing an excluded individual as its clinical director for five years.
  • In March 2023, an Illinois rehabilitation center entered into a settlement agreement of $213,000 for billing the services of an excluded nurse to a federal health care program.
  • In June 2023, a New York home attendant program entered into an agreement settlement of $866,339 for employing a personal assistant excluded from the New York Medicare service.

The first of the above examples demonstrates the importance of frequently checking the HHS OIG Exclusions List to screen existing members of the workforce that may have been “late entries” on the LEIE database when it was originally checked, while the third of the examples demonstrates the importance of checking OIG state exclusions databases as well as OIG federal exclusions databases.

OIG Federal Exclusions vs State OIG Exclusions

It is important to be aware there are multiple federal and state exclusion lists. With regards to federal exclusions, the four lists considered the most important in the healthcare industry are the HHS OIG Federal Exclusions List, the Medicare Exclusion Database, the System for Award Management (SAM) database (which now includes the Excluded Parties List System), and the National Practitioner Data Bank (which now includes the Healthcare Integrity and Protection Data Bank).

These exclusions lists are populated by federal and state OIG departments, and external sources such as state licensing authorities, law enforcement agencies, and self-disclosing healthcare providers. In many cases, delays can occur between a state OIG department (or other external source) closing a qualifying case against an individual or entity, and the individual or entity appearing on the HHS OIG Federal Exclusions List. Sometimes the delay can be as long as two years.

The primary reason for delays is that there are two types of exclusion – mandatory and permissive. Mandatory exclusions are automatic for felony convictions and patient abuse cases. However, some permissive exclusions are discretionary inasmuch as the federal OIG will allow an appeal against a federal exclusion. The appeals process takes time; and, when an appeal is successful, may result in a violator appearing on a state exclusions list, but not on a federal exclusions list.

It can also be the case that an individual or entity appears on an OIG state exclusions database but not on the HHS OIG Federal Exclusions List because the violation the individual or entity is convicted of is a violation of state law, rather than a violation of federal law. Therefore, as well as checking the HHS OIG Federal Exclusions List – and any other federal lists that may apply – it is important healthcare providers also check state OIG exclusion lists for excluded individuals and entities.

Example: The Texas OIG Exclusions List

The Texas OIG exclusions list is a good example of why healthcare providers in Texas and neighboring states should screen employees and suppliers against state OIG exclusion lists as well as the HHS OIG Exclusions List. The Texas OIG exclusions list not only includes individuals and entities that have violated federal laws, but also those who have violated regulations promulgated by departments such as the Texas Medical Board, Texas Board of Nursing, and Texas State Board of Pharmacy.

it is important for healthcare providers (in this example, from Texas) to be aware of what federal and state exclusion lists exist and which may impact their activities. For example, a healthcare provider in Texas that employs an individual who appears on the Texas OIG exclusions list, but not on the HHS OIG Federal Exclusions List, will be able to claim for the individual’s services from federal health care programs, but not from Texas health care programs (including the Texas Medicare program).

The reason healthcare providers in neighboring states should screen employees against the Texas OIG exclusions list is that some individuals excluded in one state, but not excluded nationwide, can cross state borders and apply for work in (say) New Mexico. If healthcare providers in New Mexico only screen new hires against the HHS OIG Federal Exclusions List and the New Mexico exclusions list, they could engage the services of an individual that may later be a compliance liability.

In conclusion, violations of §1128 of the Social Security Act have been rigorously pursued by federal and state OIG departments since the passage of HIPAA introduced the Health Care Fraud and Abuse Control Program. Healthcare providers that participate in federal health care programs are assumed to “know or should know” about HHS OIG exclusions, and that they should not engage – or engage with – any individual or entity that appears on the HHS OIG LEIE database. Healthcare providers unsure of their obligations with regards to excluded entities should seek professional advice.

About Liam Johnson
Liam Johnson has produced articles about HIPAA for several years. He has extensive experience in healthcare privacy and security. With a deep understanding of the complex legal and regulatory landscape surrounding patient data protection, Liam has dedicated his career to helping organizations navigate the intricacies of HIPAA compliance. Liam focusses on the challenges faced by healthcare providers, insurance companies, and business associates in complying with HIPAA regulations. Liam has been published in leading healthcare publications, including The HIPAA Journal. Liam was appointed Editor-in-Chief of The HIPAA Guide in 2023. Contact Liam via LinkedIn: https://www.linkedin.com/in/liamhipaa/