There is no single national exclusion list. Best practices for a healthcare screening program is to check the OIG’s List of Excluded Individuals and Entities (LEIE), the GSA System for Award Management (SAM), and all state Medicaid exclusion lists every month for all employees and vendors. In addition to monthly screening, the screening program should check new hires and new vendors prior to them joining the company as full-time or temporary staff. It may be necessary to screen other lists as well depending on local regulations or contractual obligations. To make this easy for you, Exclusion Screening maintains coverage across dozens of databases. The full list of datasets we cover is available below.
Database coverage at a glance
Jump to the summary for any list. Each summary links to its deep-dive guide.
| List / category | Authority | Scope | Updates |
|---|---|---|---|
| Federal core — must screen | |||
| LEIE — OIG List of Excluded Individuals/Entities | HHS-OIG | National | Monthly |
| SAM.gov — System for Award Management | GSA | Federal | Daily |
| CMS Preclusion List | CMS | MA / Part D | Monthly |
| CMS Revocation Database NEW | CMS | Medicare billing privileges | Rolling |
| Sanctions & specialty authorities | |||
| OFAC SDN & Sanctions Lists NEW | Treasury | Global | Rolling |
| FDA Debarment List | FDA | Drug / clinical trial | Rolling |
| DEA Excluded Persons List | DEA | CSA registrants | Rolling |
| State Professional Licensing Boards | 50 state boards | Per state / profession | Varies |
| National Sex Offender Public Website (NSOPW) | U.S. DOJ | National | Real-time |
| Cross-reference data sets | |||
| NPDB — National Practitioner Data Bank | HRSA | National | Real-time |
| NPPES — National Provider Identifier Registry | CMS | National | Daily |
| SSA Death Master File | SSA | National | Weekly |
| State Medicaid | |||
| State Medicaid Exclusion Lists — 50 states + DC | State Medicaid agencies | 38 separate lists; 13 use LEIE | Varies |
| Tribal & Territory | |||
| IHS, Puerto Rico, USVI, Guam, tribal nations | Various | Sub-national | Varies |
The lists, in detail
LEIE — OIG List of Excluded Individuals/Entities
Authority: HHS-OIG · Scope: National · Updates: Monthly
The OIG’s List of Excluded Individuals and Entities (LEIE) is the foundational federal exclusion list. It identifies people and organizations that the U.S. Department of Health and Human Services Office of Inspector General has barred from participating in Medicare, Medicaid, and all other federal health care programs. An exclusion is not a fine — it is a complete prohibition. No federal program payment, direct or indirect, may be made for items or services furnished by an excluded person, including for administrative or management work that doesn’t bill directly.
Exclusions are either mandatory (triggered by a criminal conviction for program-related crimes, patient abuse, felony health care fraud, or felony controlled-substance offenses under SSA § 1128(a)) or permissive (a longer list under § 1128(b), including misdemeanor convictions, licensure actions, and student loan default). The OIG updates the LEIE monthly. A potential match must be verified using identifiers beyond name — typically date of birth, SSN if available, and the OIG’s own record details.
Providers that employ or contract with an excluded individual face civil monetary penalties of up to $20,000 per item or service plus treble damages, and may face exclusion themselves under § 1128(b)(8). The OIG’s Special Advisory Bulletin recommends monthly screening of every employee, contractor, vendor, and referral source. Auditors increasingly expect a documented monthly screening process, not an annual one.
Read the deep dive on OIG exclusions →
SAM.gov — System for Award Management
Authority: GSA · Scope: Federal · Updates: Daily
SAM.gov is the federal government’s central database of entities and individuals barred, suspended, or otherwise ineligible to receive federal contracts or assistance. It is managed by the General Services Administration and consolidates what used to be the Excluded Parties List System (EPLS). For healthcare organizations, SAM is the second mandatory federal screen alongside the LEIE — anyone receiving funds traceable to federal programs is expected to verify counterparties against SAM exclusion records.
Unlike the LEIE, SAM is broader in subject matter. It includes debarments imposed by every federal agency — not just HHS — covering procurement fraud, environmental violations, anti-kickback findings, and a long list of other grounds. Healthcare-relevant entries often overlap with OIG exclusions, but SAM also captures individuals and entities excluded by GSA, USDA, DOJ, and others whose actions disqualify a provider from receiving federal payments.
SAM is updated daily. Records carry an “Active Exclusions” indicator and structured fields for the agency, exclusion type, and date range. Verifying a match requires more than name — entity records often include UEI/DUNS identifiers, addresses, and known aliases. Healthcare screening programs that only check LEIE miss debarments imposed outside HHS, including debarments that disqualify counterparties from federal payment regardless of the underlying ground.
Read the deep dive on the GSA SAM database →
CMS Preclusion List
Authority: CMS · Scope: Medicare Advantage & Part D · Updates: Monthly
The CMS Preclusion List is a separate, narrower list maintained by the Centers for Medicare & Medicaid Services. It identifies prescribers and providers from whom Medicare Advantage plans must deny payment and whose Part D prescriptions plans must reject. CMS created the Preclusion List in 2019 to replace the Medicare Advantage and Part D enrollment requirement, focusing instead on a smaller list of providers who have engaged in conduct detrimental to the Medicare program.
Preclusion is distinct from OIG exclusion. A provider can be precluded without being excluded, and vice versa. Common preclusion grounds include enrollment revocation under 42 CFR § 424.535 with an active reenrollment bar, felony convictions within the prior ten years that CMS determines are detrimental to the program, and other conduct warranting exclusion-equivalent treatment in the MA/Part D context.
The list is updated monthly and distributed to MA and Part D plans through a CMS portal. Plans must deny payment for items, services, or prescriptions provided by anyone on the list. Providers and prescribers who are precluded receive notice and have appeal rights. For healthcare organizations, preclusion screening is now a standard part of vendor and prescriber due diligence — particularly for entities billing Medicare Advantage plans or processing Part D claims.
Read the deep dive on the CMS Preclusion List →
CMS Revocation Database
Authority: CMS · Scope: Medicare billing privileges · Updates: Rolling
The CMS Revocation Database identifies individuals and entities whose Medicare billing privileges have been revoked under 42 C.F.R. § 424.535. CMS made the database publicly available for the first time in February 2026, and approximately 7,400 individuals and entities are currently listed. Revocation is distinct from OIG exclusion: CMS revokes Medicare enrollment and billing privileges (with re-enrollment bars of 1–10 years, or up to 20 years for a second offense), while OIG exclusion is a broader, statutorily grounded bar from all federal health care programs.
Revocation grounds under § 424.535 include false or misleading enrollment information, felony convictions, license suspensions or revocations, ownership and managing-control issues, and other conduct CMS determines warrants revocation. Hiring or retaining a revoked individual exposes the employing organization to enrollment denial, revalidation problems, payment suspension, and — under CMS’s affiliation rule — potential revocation of the organization’s own billing privileges. Where services of a revoked provider are billed under another credentialed provider’s NPI, the conduct can rise to civil or criminal liability.
For Medicare, Medicaid, CHIP, TRICARE, and VA participants, monthly screening of the revocation database is now a low-cost, high-value compliance measure. It also reduces the risk of inaccurate certifications in enrollment, revalidation, credentialing, and contracting submissions — statements that can trigger False Claims Act exposure if tied to claims or government payments.
Read the deep dive on the CMS Revocation Database →
OFAC SDN & Sanctions Lists
Authority: U.S. Treasury OFAC · Scope: Global sanctions · Updates: Rolling
The Office of Foreign Assets Control administers and enforces U.S. economic and trade sanctions. Its Specially Designated Nationals and Blocked Persons (SDN) List, together with a set of sectoral and consolidated sanctions lists, identifies individuals, companies, vessels, and groups whose property is blocked and with whom U.S. persons are prohibited from transacting.
OFAC sanctions are strict liability. A healthcare organization that pays an SDN-listed vendor, employs an SDN-listed individual, or transacts with an entity that’s 50% or more owned by SDN-listed parties (the “50 Percent Rule”) may face civil and criminal penalties even without intent. Penalties under IEEPA and TWEA reach into the millions per violation. Banks and payment processors screen aggressively, which means an SDN match in a provider’s payroll or AP stream can freeze payments and trigger a Suspicious Activity Report.
For Medicare and Medicaid providers, OFAC screening is increasingly an expectation rather than an option. The patient and vendor populations of large health systems routinely include foreign nationals and foreign-owned suppliers, and an OFAC violation creates exposure that LEIE/SAM screening alone won’t catch. OFAC publishes consolidated and SDN data files, but real-world screening requires fuzzy matching against name variants, transliterations, and ownership structures.
Read the deep dive on OFAC sanctions screening →
FDA Debarment List
Authority: FDA · Scope: Drug development & clinical trials · Updates: Rolling
Under Section 306 of the Federal Food, Drug, and Cosmetic Act, the FDA may debar individuals and corporations from participating in the drug approval and clinical trial process. Mandatory debarment follows certain felony convictions related to the approval or regulation of drugs. Permissive debarment covers a broader range of conduct, including misdemeanor convictions and material false statements to the agency.
For healthcare organizations, FDA debarment matters wherever the organization touches drug development, clinical research, or pharmaceutical supply chains. Hospitals and academic medical centers that host clinical trials must verify investigators and study staff against the FDA Debarment List. Pharmacy benefit managers, specialty pharmacies, and manufacturers face debarment-related exclusion exposure that LEIE screening doesn’t reach.
Deep-dive guide coming soon.
DEA Excluded Persons List
Authority: DEA · Scope: Controlled Substances Act registrants · Updates: Rolling
The Drug Enforcement Administration maintains records of practitioners whose DEA registration to handle controlled substances has been revoked, surrendered, or denied under 21 U.S.C. § 824. While not labeled an “exclusion list” in the same way as the LEIE, DEA enforcement actions function as effective exclusions for prescribers, pharmacies, and other registrants who handle controlled substances.
DEA actions are often the first public signal that a prescriber is in trouble. They precede or accompany state board actions, OIG exclusions, and federal indictments. Healthcare organizations that employ or contract with prescribers — particularly in pain management, addiction medicine, and surgical specialties — should incorporate DEA registrant verification into their credentialing and exclusion-screening processes.
Deep-dive guide coming soon.
State Professional Licensing Boards
Authority: 50 state boards · Scope: Per state & profession · Updates: Varies
Every state maintains professional licensing boards for physicians, nurses, pharmacists, dentists, and dozens of other health professions. These boards impose discipline ranging from probation and fines to license suspension and revocation. Adverse actions are reported to the National Practitioner Data Bank and, increasingly, are exchanged between states through interstate compacts and reporting requirements.
For exclusion screening, board actions are a leading indicator. A revoked or surrendered license is the most common trigger for permissive OIG exclusion under § 1128(b)(4). Reciprocal licensure actions — where one state acts based on another state’s discipline — can cascade into Medicare revocation and federal exclusion. Healthcare employers that rely on annual primary source verification miss board actions that occur between credentialing cycles.
Deep-dive guide coming soon.
National Sex Offender Public Website (NSOPW)
Authority: U.S. Department of Justice · Scope: National · Updates: Real-time
The National Sex Offender Public Website (NSOPW) is a DOJ-coordinated search that aggregates registry data from every state, the District of Columbia, U.S. territories, and participating tribal jurisdictions into a single national query. Exclusion Screening checks each subject against NSOPW at the national level — the same level a federal compliance reviewer or auditor would consult — rather than running 50 separate state queries. NSOPW updates in real time as the underlying registries are updated.
For healthcare organizations, sex-offender registry screening is essential anywhere staff have access to vulnerable populations — long-term care, home care, hospice, behavioral health, pediatric care, intellectual and developmental disability services, and any setting governed by state caregiver or vulnerable-adult laws. Most states bar registered offenders from licensed caregiver roles outright; others require disclosure and case-by-case review. A registry hit is also a leading indicator of permissive OIG exclusion under SSA § 1128(b) for crimes against patients or controlled-substance offenses, so NSOPW screening interlocks with exclusion screening as part of a defensible compliance program.
Effective screening uses identifiers beyond name — date of birth, address history, and aliases — and is repeated on a defined cadence. Programs that rely on a single pre-hire check miss reclassifications and new registrations that occur during employment.
Deep-dive guide coming soon.
NPDB — National Practitioner Data Bank
Authority: HRSA · Scope: National · Updates: Real-time
The National Practitioner Data Bank is a federal repository of information about medical malpractice payments and certain adverse actions taken against health care practitioners, providers, and suppliers. It is maintained by the Health Resources and Services Administration (HRSA) and is queryable by hospitals, state licensing boards, professional societies, and health plans.
The NPDB is not an exclusion list — it is the upstream reporting system that often produces the data that ends up driving exclusions. Reportable events include medical malpractice payments, adverse clinical privilege actions, professional society membership actions, certain DEA actions, OIG exclusions, and Medicare/Medicaid exclusions. Hospitals must query the NPDB when granting privileges and every two years thereafter.
For exclusion screening, NPDB data supplements — but does not replace — direct screening of the LEIE, SAM, and other primary sources. NPDB reports are queryable per-practitioner, not as a bulk download, so they’re used as an identity verification and corroboration tool. Where an LEIE match shows an exclusion, the NPDB often holds the underlying narrative.
Read the deep dive on the NPDB →
NPPES — National Provider Identifier Registry
Authority: CMS · Scope: National · Updates: Daily
The National Plan and Provider Enumeration System (NPPES) assigns and maintains National Provider Identifiers for every individual and organizational health care provider in the United States. It is a public, daily-updated registry that supports the HIPAA standard transactions and serves as the canonical identifier for billing, claims, and credentialing.
For exclusion screening, NPPES is essential for two reasons. First, the LEIE doesn’t include NPIs — which means matching a name against the LEIE requires additional identifiers to confirm. NPPES provides the NPI, taxonomy, and practice address data that helps disambiguate common names. Second, NPPES allows verification that a provider exists and is active — preventing false negatives during onboarding and ongoing screening.
NPPES is also useful for vendor and referring-provider validation. A vendor entity that claims to be a provider should be verifiable in NPPES, and the registered legal name and address can be cross-referenced against LEIE and SAM data.
Read the deep dive on NPPES screening →
SSA Death Master File
Authority: Social Security Administration · Scope: National · Updates: Weekly
The Social Security Administration maintains the Death Master File (DMF), a national record of reported deaths derived from Social Security records. The full DMF is restricted; a limited public version is available with a three-year delay. Healthcare organizations and their screening partners typically use the Limited Access DMF (LADMF) through certified subscribers.
DMF screening protects against two specific compliance risks. The first is billing fraud — claims submitted under a deceased provider’s NPI or for a deceased patient generate immediate False Claims Act exposure. The second is identity fraud, particularly in remote credentialing and onboarding, where stolen SSNs of deceased individuals are routinely used. Both risks intersect with exclusion screening because both can trigger downstream OIG exclusion and CMP liability.
DMF data must be paired with other identifiers — name alone is insufficient. Effective screening uses SSN, DOB, and state of issuance to confirm a match.
Read the deep dive on the SSA Death Master File →
State Medicaid Exclusion Lists
Authority: State Medicaid agencies · Scope: 50 states + DC · Updates: Varies
Thirty-eight states maintain their own Medicaid exclusion or sanction lists separate from the federal LEIE. The remaining thirteen rely on the LEIE alone. Section 6501 of the Affordable Care Act requires states to terminate any provider terminated for cause by Medicare or another state Medicaid program, but data sharing across states remains uneven and lagging.
For any healthcare organization billing Medicaid in multiple states, this fragmentation creates the largest single gap in most screening programs. An individual excluded in Ohio may continue to bill Indiana Medicaid for months before that state’s list is updated. A vendor terminated in Texas may pop up in a Florida provider’s accounts payable. Each state’s list has its own format, update cadence (weekly to quarterly), and matching conventions — and many require manual screening through state-specific portals.
Compliant programs screen against every state where the organization operates, employs people, or bills. For a multi-state health system, that’s typically thirty or more separate lists in addition to the federal sources.
Open the interactive 50-state guide →
Tribal & Territory
Authority: IHS, territory health agencies · Scope: Tribal nations, PR, USVI, Guam · Updates: Varies
Federal exclusion screening obligations don’t stop at the 50 states. Indian Health Service programs, Puerto Rico’s Medicaid agency, the U.S. Virgin Islands Medicaid program, Guam, and several tribal nations maintain their own exclusion, sanction, or termination lists. The CMS rule under 42 CFR § 1001.1901 expressly applies to providers operating in territories and tribal contexts.
These lists are smaller, less standardized, and often missed by screening programs that focus only on the LEIE and the larger states. Healthcare organizations operating in or contracting with providers in these jurisdictions should incorporate the relevant lists into their screening program.
Read the deep dive on territory screening requirements →
Talk to our team
If you’re screening against fewer than a dozen databases, your coverage probably isn’t where your auditor expects it to be. The gap is usually state Medicaid lists and vendor chains.