General FAQ

General FAQ

In 1977, in the Medicare-Medicaid Anti-Fraud and Abuse Amendments, Public Law 95-142 (now codified at section 1128 of the Act), Congress first mandated the exclusion of physicians and other practitioners convicted of program-related crimes from participation in Medicare and Medicaid. This was followed in 1981 with the enactment of the Civil Monetary Penalties Law (CMPL), Public Law 97-35 (codified at section 1128A of the Act), to further address health care fraud and abuse. The CMPL authorizes the Department and OIG to impose CMPs, assessments, and program exclusions against any person that submits false or fraudulent or certain other types of improper claims for Medicare or Medicaid payment. Claims submitted by an excluded person for items or services furnished during the person’s exclusion violate the CMPL.

To enhance OIG’s ability to protect the Medicare and Medicaid programs and beneficiaries, the Medicare and Medicaid Patient and Program Protection Act of 1987, Public Law 100-93, expanded and revised OIG’s administrative sanction authorities by, among other things, establishing certain additional mandatory and discretionary exclusions for various types of misconduct. The enactment of the Health Insurance Portability and Accountability Act (HIPAA), Public Law 104-191, in 1996 and the Balanced Budget Act (BBA) of 1997, Public Law 105-33, further expanded OIG’s sanction authorities. These statutes extended the application and scope of the current CMP and exclusion authorities beyond programs funded by the Department to all “Federal health care programs.” BBA also authorized a new CMP authority to be imposed against health care providers or entities that employ or enter into contracts with an excluded person to provide items or services for which payment may be made under a Federal health care program.

Since the publication of the 1999 Bulletin, various statutory amendments have strengthened and expanded OIG’s authority to exclude individuals and entities from the Federal health care programs. The Medicare Prescription Drug, Improvement, and Modernization Act of 2003 and the Patient Protection and Affordable Care Act of 2010, as amended by the Health Care Education Reconciliation Act of 2010 (ACA), expanded OIG’s exclusion waiver authority. The ACA also modified and expanded OIG’s permissive exclusion authorities and amended the CMPL by adding a new provision that subjects an excluded person to liability if the person orders or prescribes an item or a service while excluded and knows or should know that a claim for the item or service may be made to a Federal health care program. For more information, please go to

As a Medicare, Medicaid, or Tricare provider – applicable payees including physicians, employees, and even vendors must be routinely crosschecked against the OIG List of Excluded Individuals and Entities. Billing under these programs while associated with excluded parties can result in compounded civil monetary penalties.

Providers and contracting entities have an affirmative responsibility to routinely verify the exclusion status of individuals and entities and maintain a record.

Violations and Civil Monetary Penalty (CMP) amounts of the OIG LEIE fall under the False Claims Act (FCA). Details of CMP assessment include:

  • Fines for each item or service furnished by the excluded individual or entity.
  • An assessment of up to three times the amount claimed (the amount paid to the health care organization by the government program going back as many as 6 years).
  • Government Funded Program exclusion

CMPs are codified and adjusted for inflation annually. The latest adjustments can be referenced at 45 CFR § 102.3 as well as
45 CFR § 1003.210.

The Venops exclusion screening process is straightforward:

  1. An encrypted spreadsheet uploaded from your Venops dashboard provides an “exclusion screening template” with the individuals and entities you want to screen.
  2. Venops accurately crosschecks your list against a direct-source exclusions database of every applicable exclusion/sanction authority.
  3. Complete exclusion clearance investigations are included. A complete exclusion screening record is created and maintained on your dashboard to show there are no excluded parties affiliated with your organization.
  4. Our software instantly identifies all possible exclusion matches by name and source. The Venops knowledge base provides a concise guide to easily clear any possible matches found. This option is best for smaller covered entities with a staff that doesn’t change very often.
  5. Venops access includes monthly Autopilot screening. The Venops system remembers every name previously screened and re-checks each of them automatically against the new updated exclusions database. This provides you with an updated, current exclusion report every month without fail.

This is a statement we hear often enough to address it in our FAQ. Yes – exclusion screening still applies. This is why:

The OIG mandate not only includes exclusion screening to identify excluded parties, but also the requirement to maintain an appropriate record. Your records of routine screening will do much to prove due diligence during any audits that occur – and Venops covers this need with both membership options offered.

Take a closer look by clicking the “Memberships” button above to see a graph showing a side-by-side comparison for each membership level. No registration required.

There are multiple exclusion and sanction lists tracked by Venops. While the federal OIG LEIE and GSA SAM are the most recognized, the majority of states have additional provider sanction lists that are also commonly screened. 

Additional exclusion and sanction authorities are also included with Venops screening, such as OFAC, Tricare, and the CMS Opt Out affidavits. Review a full list of exclusion and sanction authorities tracked by Venops by clicking the Memberships tab above.

Venops is known in the healthcare industry as a reliable steward of sensitive information critical for carrying out compliance services, and trust is our most cherished principle. Venops uses industry standard encryption with SOC 2 elements to protect the data shared for services fulfillment. Additional protocols are in place to further reduce risk.