OIG and SAM.gov exclusion verification: a step-by-step checklist

Federal exclusion screening is one of the few credentialing tasks regulators expect you to repeat every single month. If a provider on your roster appears on the OIG List of Excluded Individuals and Entities (LEIE), the General Services Administration's SAM.gov exclusion list, or a state Medicaid exclusion list, any federal payment for items or services they ordered, prescribed, or rendered becomes an overpayment that has to be returned.

This is the practical, source-by-source checklist we use to screen providers at hire, every month thereafter, and before payer enrollment.

The four lists you actually have to check

1. OIG LEIE — the federal exclusion list maintained by the Office of Inspector General. This is the canonical source the OIG itself tells you to use.
2. SAM.gov exclusions — the General Services Administration's consolidated list of parties excluded from federal programs, which includes (but is not limited to) OIG exclusions.
3. State Medicaid exclusion lists — every state where the provider is enrolled (or could deliver services to a Medicaid beneficiary). 42 CFR §1002.3 makes states maintain their own list, and CMS expects you to check it.
4. Optional but recommended: OFAC's Specially Designated Nationals list and your state's Medicaid program integrity unit bulletins, which sometimes publish provider-specific actions before they reach the LEIE.

Step 1 — Search the OIG LEIE

Go to the OIG exclusions program page and open the LEIE search tool, then search by both name and NPI. The LEIE is a name-and-DOB match, so close hits (same last name, similar first name) need a second-step verification before you clear them.

What to capture

• Date of the search
• Exact name and NPI submitted
• Result (no match, or screenshot of any hit)
• The reviewer who cleared the result

Step 2 — Search SAM.gov exclusions

Go to sam.gov/search with the Exclusions index selected. SAM.gov searches require both first and last name; do not rely on NPI alone here, because most SAM exclusions do not include an NPI field.

If you screen a high volume of providers, the SAM.gov public API and the downloadable monthly exclusion file are both fair game — but you still need to retain proof of the individual look-up for each provider in their file.

Step 3 — Search every state where the provider is enrolled

Each state Medicaid exclusion list lives at a different URL and uses a different search interface. The OIG's enforcement actions hub and the CMS provider enrollment site both link out to current state Medicaid exclusion resources, which is the right starting point. Be careful: a few states list exclusions as downloadable PDFs rather than searchable databases, and you'll need to search the document text directly.

Step 4 — Re-screen monthly

The OIG's Special Advisory Bulletin on the Effect of Exclusion from Participation in Federal Health Care Programs recommends monthly screening. Most CMS-deemed accreditors and many payers now contractually require it. A monthly cadence also matches the OIG's own LEIE update schedule.

Step 5 — Document what you did

An auditor's question is rarely "did you check?" — it is "show me the proof." For every screening event, your file should contain:

• The list name and source URL
• Date and time of the search
• Exact search inputs (name spelling, NPI, DOB if used)
• Result (and a screenshot for any hit or close match)
• The clearer's name or system user

CredentialTrack Pro automates this — every monthly LEIE and SAM screen runs on schedule, writes an immutable entry to the audit log, and surfaces close matches for human review. If you'd rather see how that works in your own environment, start a 14-day trial or see pricing.

Common pitfalls

• Searching only by NPI. Most exclusions are recorded by name; NPI is optional. Always run both searches.
• Forgetting the state Medicaid list. Federal enforcement looks at the state list too — an OIG-only check is not sufficient under 42 CFR §455.436.
• Letting the screen lapse during onboarding. If a provider was screened in February and onboarded in May, screen again before their first claim.

What to read next

• Primary source verification checklist — every PSV step required by NCQA and the Joint Commission.
• Payer enrollment timeline — how exclusion checks fit into the overall enrollment schedule.