What Risks/Challenges Should Be Considered

From a screening standpoint, the challenge with using only the central OIG and GSA databases is that they do not require participation and submission of updates from individual states. Certain states submit their exclusions to OIG/GSA, and others do not. For states that do not, any information about exclusions would have to be obtained from those states directly. Considering that excluded individuals often move from one state to another to obtain new employment, it would be risky to depend solely on screening of the central OIG/GSA lists.

There are also other databases and lists that would be prudent to screen/review to ensure adequate protection. These include various Federal lists (OFAC SDN, DEA, TRICARE, PHS, FDA, Wanted Terrorists/Fugitives), State Debarment & Disqualification lists, Social Security Verification, Homeland Security Verification, Employer/Tax Identification, and various Federal and State news summaries. However, some of these sources are only accessible to licensed investigators, and not every health care institution has someone like this on its staff.

Implementation of a sanction screening compliance program also impacts an organization from a resource standpoint. The health care institution would require the setup of an IT system and methodology to manage screening of multiple, separate database sources (OIG, GSA, OFAC, 19 states, plus others), plus the human resources to compile and perform monthly database screens of current employees and new hires, as well as any vendor entities and employees. Most health care organizations have hundreds or even thousands of vendors. And this is just for the screening process itself, and does not include the coordination of activities surrounding the full sanction screening compliance program such as written policies, communication, training, validation of screening results, management of employment actions against sanctioned individuals, coordination with vendors, updates to regulations, auditing, and self-reporting of results to the state MFCU/OIG (which must happen, including repayments, within 60 calendar days of discovering any sanctions).

All health care institutions have as their number one value to protect the health and welfare of their patients. New regulations now require a more proactive effort to ensure that a safe and qualified workforce is rendering services in accordance with that value. Now is the time for all health care organizations to create robust sanction screening compliance programs to keep patients safe and preserve the integrity of our healthcare system.