What is the HHS OIG Exclusion List?

The HHS OIG Exclusion List is a federal database that flags individuals and organizations who are not allowed to take part in any federally funded healthcare program, including Medicare, Medicaid, CHIP, TRICARE, and Veterans Affairs. It exists under section 1128 of the Social Security Act and serves as a safeguard against fraud, abuse, and patient harm. Each entry includes basic identifiers, like date of birth, job role, exclusion dates, and the specific reason the person or entity was removed from federal program participation.

A major driver of exclusion is healthcare fraud, which the Centers for Medicare & Medicaid Services defines in a Journal of the American Pharmacists Association study as “knowingly submitting, or causing to be submitted, false claims or making misrepresentations of fact to obtain a federal health care payment for which no entitlement would otherwise exist.” The same study notes that Medicare and Medicaid fraud is common, costly, and dangerous, adding that “fraud increases the overall costs for vital health care services and can be harmful to patients.”

Exclusions can be mandatory or permissive. Mandatory exclusions apply in the most serious cases patient abuse or neglect, or felony healthcare theft, and usually carry a minimum five-year ban. Permissive exclusions apply when the OIG has discretion, often involving issues like license suspensions, improper billing practices, or obstructing an investigation, with the length of exclusion varying by case.

Anyone on the list is prohibited from providing items or services to federal healthcare programs or working, directly or indirectly, for any organization that bills those programs. The list is continually updated based on enforcement activity from the HHS OIG, the Department of Justice, and state Medicaid Fraud Control Units.

The mission of the OIG

The HHS OIG plays a central role in protecting federal healthcare programs from fraud, waste, and abuse. Its job is to make sure that programs use taxpayer dollars the way they’re meant to be used and that beneficiaries actually receive the care and services they qualify for. To do that, the OIG carries out audits, investigations, and evaluations aimed at finding weak spots in HHS programs and identifying where processes can be strengthened.

The NIH annual report notes, “to enhance the health and well-being of all Americans by providing for effective health and human services and by fostering sound, sustained advances in the sciences underlying medicine, public health, and social services.” The OIG’s oversight responsibilities are part of the same ecosystem that drives research, policy, regulation, and service delivery across the Department. In fact, HHS relies on collaboration across its divisions to function effectively; NIH alone reported 601 cross-agency collaborative activities in a single fiscal year.

The agency also oversees compliance with federal laws and regulations, including enforcing exclusions for individuals and organizations involved in fraud or other forms of misconduct. These exclusions help prevent bad actors from participating in federal healthcare programs and protect both patients and the integrity of the system. Beyond enforcement, the OIG’s broader mission is to promote accountability among healthcare providers, contractors, and anyone else who plays a role in delivering federally funded services.

The types of exclusions 

Mandatory exclusions

Mandatory exclusions are imposed by law and require the OIG to bar certain individuals and entities from participating in federal healthcare programs when they’ve been convicted of serious criminal offenses. These cases usually involve crimes like Medicare or Medicaid fraud, patient abuse or neglect, felony healthcare fraud or theft, or illegal activities involving controlled substances. 

Federal programs are vulnerable to misuse and high the stakes are when fraud enters the system. As a study on Preventing Chronic Disease on Medicaid policy notes, “smoking is the leading cause of preventable illness and death, and approximately 15% of Medicaid expenditures are attributable to smoking-related diseases." 

Because of the seriousness of these offenses, mandatory exclusions come with a minimum five-year ban, and that period can be extended depending on the severity of the conduct. The purpose is to protect patients and federal healthcare dollars from individuals or organizations that have already demonstrated a risk to the system. These exclusions are not optional; once the legal criteria are met, the OIG is required to impose them as part of the federal government’s strong stance against fraud and abuse.

Permissive exclusions 

Permissive exclusions work differently. In these cases, the OIG has the authority, but not the obligation, to exclude individuals or entities based on certain types of misconduct that may not rise to the level of mandatory criminal convictions. This category covers a wide range of behavior, including submitting false claims, offering or receiving kickbacks, obstructing investigations, or failing to meet program requirements. 

When deciding whether to impose a permissive exclusion, the OIG looks at the full context.  The seriousness of the conduct, how cooperative the person or entity was during the investigation, whether corrective action was taken, and their past compliance history. As the Respiratory Therapy study explains, “first-time inexperienced RT department supervisors are management officials…who are hired with a tremendous amount of responsibilities that are not taught as part of a clinical RT college program,”

Because the OIG can exercise judgment in permissive cases, these exclusions allow the agency to address risks that don’t meet the threshold for mandatory exclusion while still encouraging providers to remediate problems and work with regulators.

How the exclusion list works

When someone is placed on the exclusion list, whether an individual or an organization, they are completely barred from participating in any federal healthcare program. In practical terms, they can’t provide goods or services that would be paid for with federal healthcare dollars. 

As the HHS OIG explains, “OIG has the authority to exclude individuals and entities from Federally funded health care programs pursuant to section 1128 of the Social Security Act…and maintains a list of all currently excluded individuals and entities called the List of Excluded Individuals/Entities (LEIE). Anyone who hires an individual or entity on the LEIE may be subject to civil monetary penalties (CMP).”

Healthcare organizations are legally required to screen employees, vendors, and contractors against the exclusion list to avoid hiring or working with someone who is prohibited from billing federal programs. Failure to do so can result in steep penalties, repayment obligations, and reputational damage. 

The consequences of hiring an excluded individual 

Hiring someone who appears on the HHS OIG Exclusion List creates an immediate and costly problem for any healthcare organization. Every claim tied to that individual is considered improper, and civil monetary penalties can start at $10,000 per violation, quickly multiplying with each submission. For small or mid-sized practices that rely heavily on federal reimbursements, these penalties can be financially devastating.

As one BMC Primary Care review put it, “The most frequently cited barriers were financial challenges and issues related to health care delivery, such as workloads,” To prevent these risks, the Balanced Budget Act of 1997 requires healthcare organizations to check exclusion lists when hiring and to screen existing staff on a regular basis. Ignoring these duties doesn’t just open the door to penalties, providers themselves can be excluded from federal programs, face lawsuits, or even lose their billing privileges altogether.

See also: HIPAA Compliant Email: The Definitive Guide (2025 Update)

FAQs

Why does the HHS OIG exist?

The OIG exists to ensure programs like Medicare and Medicaid operate honestly, efficiently, and in compliance with federal law.

What authority does the HHS OIG have?

The OIG has legal authority to conduct audits, investigations, and enforcement actions, including imposing civil monetary penalties and exclusions.

How does the HHS OIG protect federal healthcare programs?

The OIG identifies improper payments, detects fraudulent conduct, and recommends corrective actions to strengthen program integrity.