Typically when healthcare providers are evaluating compliance, they will look internally. They will make sure their physicians, nurses, and their billers have valid licenses and the ability to work. However, most healthcare providers do not think about the people or companies that are doing business with them. This is referred to as Vendor Blind Spot. 

Vendor Compliance Screening

Consider a hypothetical situation where you have a clinic and the clinic hires a company for transcription services, a cleaning service and an IT company to fix equipment. All three of these vendors provide services to the clinic.

Now, let’s say the owner of the transcription company gets convicted of healthcare fraud in another state. The owner would be placed on the Exclusion List. If you continue to pay the transcription company for transcription services in support of your Medicare billings you would be violating the law by using federal funds to pay someone who has been banned from doing business with you.

Vendor compliance screening is much more complicated than employee compliance screening. An employee typically has a single SSN that can be verified through a database. A vendor can have many different TIN(s), many different names ("dba's"), and also change ownership patterns during the time you are doing business with them.

When doing vendor compliance screening, you are not only verifying that the company is in compliance, it is often necessary to conduct due diligence on owners & managers of the companies also. If the vendor were to sell their organization to a new owner who is excluded and you did not verify that they have been excluded; you would incur liability.

The Government is requiring that all providers of services to Medicare & Medicaid are eligible, this does not merely apply to the physician performing a surgical procedure. Examples of the providers are the individuals that deliver the bandages to you, the individuals who provide consulting to your organization, the therapists that are providing contracted services on behalf of your organization, etc.

The penalties for failing to complete your Exclusions screening as it pertains to vendors are severe. The OIG can require you to send back all the payments made to you while the vendor provided services to you as an excluded vendor.

How to Create Your Own Wall of Protection

You don’t have to go out and find a detective in order for this to be solved, you only need a policy. When you have a vendor, make sure you put into your contract that they have to provide their ownership and to verify that they are not OIG excluded. 

In addition, you need to continue screening their name against the exclusion databases. Like employees, vendor status is subject to change, therefore the fact that you had a clean record on a vendor six months ago doesn’t mean you will in six more months. 

Conclusion

In order to run your healthcare business, you have to do several different things. You cannot drop the ball on compliance, therefore you should integrate your vendor compliance screening with your monthly routine to ensure that you are protecting both your revenue and your license and that you are using vendors that are as ethically sound and qualified as your employees. Don't let your third party vendor cause you legal problems, check them out and feel better at night.