OIG and SAM exclusion checks stand as essential safeguards in the credentialing process. They verify that no providers, staff, or vendors on your team appear on federal exclusion lists, ensuring full compliance before granting privileges or billing privileges.
Skipping these checks exposes your practice to major financial and legal threats. Federal rules demand clean records for anyone involved in Medicare, Medicaid, or other government programs. Violations can lead to denied claims, forced repayments, civil fines reaching $20,000 per incident, contract losses, or federal audits that disrupt operations.
This article guides you through the OIG Exclusion List, the SAM database, and their key differences. It covers screening timelines, fallout from misses, proven best practices, and expert strategies to stay ahead—equipping you with tools for seamless, risk-free credentialing.
Key Takeaways
- The OIG list (healthcare-specific fraud) and the SAM database (broader federal contracts) track different violations. You must check both to ensure full compliance and avoid legal gaps.
- Hiring or contracting with an excluded individual can lead to civil fines of $10,000 to $20,000 per claim and the mandatory repayment of all Medicare/Medicaid reimbursements linked to that person.
- Screening isn’t just for doctors; it must include all nurses, administrative staff, contractors, third-party vendors, and any owners with a 5% or greater stake in the practice.
- Because the OIG and SAM databases update weekly and daily, initial hiring checks are not enough. Monthly recurring screens are the industry standard for catching new exclusions and avoiding audits.
- Simply performing the search is insufficient. You must maintain a “paper trail” (screenshots or PDFs of “no match” results) for 5–6 years to prove due diligence to federal regulators.
What Is the OIG Exclusion List?
The OIG Exclusion List is maintained by the Office of Inspector General (OIG), a key watchdog agency under the U.S. Department of Health and Human Services (HHS). It identifies individuals and entities permanently or temporarily barred from federal healthcare programs, such as Medicare and Medicaid.
Exclusions stem from serious violations, including healthcare fraud, patient or resident abuse, felony convictions involving controlled substances, or disciplinary actions linked to professional misconduct. State agencies, courts, or the OIG itself impose these based on evidence. Temporary bans often last 1-5 years with chances for reinstatement after proving reform; mandatory ones can be lifelong.
This list directly blocks excluded parties from medical billing, ordering services, or receiving payments from over 60 federal programs. It applies to providers, suppliers, owners—even board members with 5%+ stakes. Practices hiring excluded individuals risk paying fines or losing reimbursements entirely.
Regular checks against the OIG list are non-negotiable for compliance. The database updates weekly, so staying current protects your revenue and avoids audits. Free online searches make it accessible, but consistency is key.
What Is the SAM Exclusion List?
The SAM Exclusion List lives within the System for Award Management (SAM.gov), the federal government’s central hub for tracking exclusions from a wide range of programs. It flags individuals, businesses, and entities barred from federal contracts, grants, loans, and other non-healthcare funding streams—not just medical ones.
SAM differs from the OIG list in focus and reach. While OIG zeroes in on Medicare, Medicaid, and healthcare-specific violations like fraud or abuse, SAM covers broader government dealings.
Think procurement contracts, research grants, or disaster aid—exclusions here often stem from debarments for poor performance, ethical breaches, or criminal issues unrelated to patient care.
You must check both lists because gaps exist. Someone excluded on SAM for a federal contract violation might still bill Medicare cleanly, or vice versa. Missing either one risks compliance failures across your operations.
SAM exclusions typically last 1-3 years but can extend longer, and the database updates daily for real-time accuracy. Hospitals and practices screen it alongside OIG to cover all bases during credentialing, hiring, or vendor onboarding.
OIG vs. SAM Exclusion Checks: Key Differences
OIG and SAM exclusion checks serve distinct roles in keeping your practice compliant, but they overlap just enough to demand both.
The OIG Exclusion List, run by the Department of Health and Human Services (HHS), targets healthcare-specific risks like Medicare fraud, patient abuse, or controlled substance felonies.
SAM, managed by the General Services Administration (GSA) through SAM.gov, focuses on broader federal procurement issues, such as contract failures, ethical lapses, or non-medical crimes.
Here’s a simple breakdown of how they differ:
| Aspect | OIG Exclusion List | SAM Exclusion List |
| Purpose | Block billing for federal healthcare programs (Medicare, Medicaid, etc.) | Bar from federal contracts, grants, and non-healthcare funding |
| Scope | Providers, entities in 60+ healthcare programs | Businesses, individuals in procurement, and research grants |
| Agency | HHS Office of Inspector General | General Services Administration (GSA) |
| Common Triggers | Fraud, abuse, license actions | Poor performance, debarment, criminal acts |
| Duration | Often 1-5 years or permanent | Typically 1-3 years, extendable |
Overlap happens when the same person or business hits both—for example, a fraud case leading to healthcare and contract bans.
Checking only OIG misses SAM risks like a vendor debarred from grants, while skipping SAM ignores healthcare-only flags.
Always run both searches weekly or monthly to catch everything, ensuring full coverage for credentialing, hiring, and compliance audits.
When Are OIG & SAM Exclusion Checks Required?
OIG and SAM exclusion checks fit into several key moments in your practice’s lifecycle. Federal rules make them mandatory to avoid billing or contracting with excluded parties, and missing them can trigger big problems down the line.
Here’s when you need to run these screens:
- Initial credentialing: Every new provider applying for privileges or network enrollment gets checked. Hospitals and payers require clean OIG and SAM results before approval, often as part of CAQH applications.
- Recredentialing: Repeat the process every 2-3 years when providers renew credentials. This catches any new exclusions since the last review, keeping your roster compliant.
- Monthly or routine compliance checks: Practices should screen all staff and vendors at least once a month. Government guidance recommends this ongoing habit, especially for high-volume groups or those with federal contracts.
- Hiring and onboarding: Check every new hire, contractor, or vendor before they start. This includes physicians, nurses, admins, and even referral sources to block risks early.
These checks take just minutes online but save months of headaches. Document each one with dates, names, and results—proof that protects you during audits. By building them into your routine, you stay ahead of compliance demands and focus on patient care.
Consequences of Missing an Exclusion
Failing to catch an OIG or SAM exclusion can hit your practice hard, both financially and legally. Federal law prohibits billing or contracting with excluded individuals, and violations trigger swift enforcement. Practices often face a cascade of penalties that disrupt cash flow and operations for months or years.
Key consequences include:
- Claim denials and recoupments: Medicare and Medicaid reject all claims linked to an excluded provider, sometimes going back years. You may owe back every penny received, plus interest—losses can reach hundreds of thousands for busy practices.
- Civil monetary penalties: Fines start at $10,000 to $20,000 per incorrect claim, with no cap. The OIG pursues these aggressively, especially after audits uncover patterns.
- Contract termination risks: Payers drop providers or groups instantly upon discovery. Hospitals revoke privileges, and networks boot members, forcing you to rebuild elsewhere.
- Compliance audits and reputational damage: Regulators launch full reviews of your operations, freezing reimbursements until cleared. Word spreads fast in healthcare circles, scaring off future partners and patients.
These outcomes aren’t rare—thousands of cases hit annually. Catching exclusions early avoids this nightmare, protecting your revenue and standing. Simple monthly checks make all the difference.
Best Practices for OIG & SAM Exclusion Screening
Staying on top of OIG and SAM exclusion checks keeps your practice compliant and running smoothly. These simple habits prevent surprises during credentialing or audits, saving time and money in the long run.
Follow these proven steps:
- Check both lists consistently: Run OIG searches weekly and SAM monthly, or use daily automated alerts. Free tools on OIG.hhs.gov and SAM.gov make it quick—search by name, NPI, or EIN.
- Document screening results: Save screenshots, PDFs, or logs with dates, names screened, and “no match” confirmations. Keep records for 5-6 years to prove due diligence if questioned.
- Screen all providers and vendors: Include physicians, midlevels, admins, contractors, and even referral partners. Don’t forget owners with 5%+ stakes or anyone touching federal programs.
- Use automated tools where possible: Software like provider trust platforms or credentialing services flags matches instantly via API. Set up email notifications for updates, reducing manual work.
Building these into your workflow takes little effort but builds a strong defense. Teams that screen routinely catch issues early, avoid fines, and speed through credentialing with clean records. Your patients and bottom line thank you.
How Get Credentialing Done Manages OIG & SAM Exclusion Checks
Handling OIG and SAM exclusion checks can feel like just one more task on a long list, but with the right partner, it becomes a seamless part of your compliance routine.
At Get Credentialing Done, we take this responsibility off your plate entirely, running comprehensive screens so you can focus on patient care and growing your practice. Our team brings deep expertise in federal exclusion rules, ensuring nothing slips through the cracks.
We manage regular screening with precision and speed. Using direct access to OIG.hhs.gov and SAM.gov, we verify every provider, staff member, vendor, and owner on your roster on a weekly, monthly, or schedule of your preference.
Automated alerts notify us of any matches instantly, and we verify them against false positives, such as name similarities, delivering clear reports within hours. No more manual searches or missed updates.
Our service shines in compliance, documentation, and risk reduction. We archive every screening result with timestamps, search criteria, and outcomes in a secure, audit-ready format that meets CMS and payer standards.
If a potential issue arises, we guide you through the next steps—like deeper reviews or reinstatement processes—while preparing explanation letters and evidence packets.
This proactive approach has helped countless providers avoid fines, claim denials, and delays, keeping their revenue steady and operations uninterrupted.
Partnering with Get Credentialing Done means peace of mind and real results. We tailor our support to your practice’s size and needs, whether you’re a solo clinician, group practice, or facility onboarding dozens.
Reach out today for a free compliance check—we’re here to protect your practice and support your success every step of the way.
FAQ
The OIG check looks specifically for individuals or businesses excluded from healthcare-related programs such as Medicare and Medicaid due to issues like fraud or patient abuse. The SAM check is broader and identifies anyone barred from receiving any type of federal contract or funding, including non-healthcare areas like research grants or construction projects. Since they cover different types of exclusions, both checks are required for full compliance.
Federal law prohibits practices from billing Medicare or Medicaid for services provided by an excluded individual or entity. If a practice unknowingly bills for such services, it may be required to repay all related funds and face additional penalties that can reach up to $20,000 per claim. Regular exclusion checks help ensure compliance and protect your practice from financial and legal risk.
Every individual and entity involved in your practice should be screened. This includes clinical staff, administrative employees, contractors, and vendors. Federal guidelines also require screening owners or board members with a 5% or greater ownership stake, as an exclusion at this level can disqualify the entire practice from receiving federal payments.
Although some practices only screen during hiring, federal guidance strongly recommends running exclusion checks at least once a month. The OIG list is updated weekly and the SAM database is updated daily, meaning exclusions can occur at any time. Monthly checks help identify new issues before they lead to billing violations.
First, confirm whether the match is accurate by verifying identifying details such as Social Security Number or NPI. If the exclusion is confirmed, you must immediately stop the individual from performing any work related to federal healthcare programs and consult a legal or credentialing expert. Continuing to bill for services involving an excluded party can result in severe penalties.
Yes. Performing the search alone is not sufficient for audit purposes. Best practice is to save a dated screenshot or PDF showing no results for each individual or entity screened. These records should be securely stored for at least five to six years to demonstrate ongoing compliance during audits.