Healthcare credentialing alongside the background check
OIG / SAM / state Medicaid exclusions, primary-source verification, sanction monitoring, and FACIS levels demystified.
Why healthcare hiring is its own discipline
A nurse, a CNA, a clinical pharmacist, and a hospital security guard each require a different combination of background components, exclusion screening, sanction monitoring, and primary-source verification. Misclassify one and the facility's Medicare/Medicaid participation, Joint Commission accreditation, or state license is on the line — not just an employment-law claim. Healthcare credentialing is the strictest, most regulated corner of pre-employment screening, and SafestHires built its healthcare program around the assumption that the report has to satisfy a CMS surveyor on a moment's notice.
OIG, SAM, and state Medicaid exclusion lists
OIG LEIE
The HHS Office of Inspector General's List of Excluded Individuals/Entities (LEIE) bars federal healthcare program payment for items or services furnished by an excluded individual. CMS requires monthly screening of all employees and contractors against the LEIE. A facility that pays an excluded provider — even unknowingly — faces civil monetary penalties of up to $10,000 per item or service (inflation-adjusted to approximately $24,000 as of 2024) plus treble damages.
GSA SAM
The General Services Administration's System for Award Management excludes parties from federal contracting and certain assistance programs. Required for any facility receiving federal funding. Monthly screening cadence.
State Medicaid exclusion lists
Forty-three states publish their own Medicaid exclusion lists, with varying update frequencies, file formats, and match policies. A handful (Texas, California, New York, Florida, Illinois) publish weekly. SafestHires's sanction-monitoring engine aggregates all 43 lists, normalizes the identifiers, and runs monthly automatic re-checks against the facility's roster, with daily delta detection for the high-frequency states.
Primary-source verification
The Joint Commission and most state nursing boards require primary-source verification of credentials. This means SafestHires does not accept a copy of the license, a transcript, or a diploma at face value — every credential is verified directly with the issuing body. For a registered nurse, that's the state board of nursing's licensing database. For a physician, it's a combination of the AMA Physician Masterfile, FSMB Board Action, and the state medical board. For a medical school degree, it's ECFMG-equivalent verification for international graduates and the registrar's office for US graduates.
Primary-source verification is slower than database lookups and costs more per credential. It's also the only acceptable form under Joint Commission EC.02.06.01 and CMS Conditions of Participation. Cutting corners here is what gets facilities into trouble during a survey.
Sanction monitoring after hire
A clean background check at hire doesn't stay clean. State boards revoke licenses, OIG adds exclusions, federal agencies update debarment lists. CMS expects monthly re-screening; the Joint Commission expects facilities to "verify ongoing competence." SafestHires's monitoring layer runs the roster against the full sanction stack monthly, delivers a delta report by the second business day, and routes hits to the facility's credentialing coordinator with the supporting documentation already attached.
FACIS levels demystified
The Fraud Abuse Control Information System (FACIS) is a proprietary, aggregated sanctions database licensed by many CRAs and credentialing platforms. There are three published "levels":
- FACIS Level 1: OIG LEIE + GSA SAM + a small number of additional federal sources. Adequate for non-clinical roles in facilities receiving federal funding.
- FACIS Level 2: Level 1 plus DEA controlled substance registration status, FDA Debarment, Office of Personnel Management, and several others. Common for clinical staff.
- FACIS Level 3: Level 2 plus state Medicaid exclusions, state licensing board actions, state Medicaid provider sanctions, and the more comprehensive abuse registries. Standard for direct-patient-care roles in CMS-participating facilities.
SafestHires builds an equivalent stack natively, without the FACIS license, and surfaces results in the same format credentialing teams already use. Clients who require FACIS labeling for surveyor purposes can be set up with a FACIS Level 3-equivalent profile in the platform.
Drug screening protocols in healthcare
Healthcare facilities operate under their own drug-screening matrices, frequently driven by state board rules and the facility's accreditation. SafestHires supports the major panel variants (5-panel non-DOT, 10-panel, DOT-compliant for transport-affiliated staff, expanded panels including synthetic opioids), all with eCCF electronic chain of custody, MRO review, and direct collection-site network coverage.
The credentialing file as a deliverable
At the end of the process the facility doesn't just receive a background check PDF. It receives a credentialing file: every primary-source verification with source, date, and verifier; every sanction-list hit with documentation; every license with expiration; the matrix decision; and the surveyor-ready audit trail. The file is structured for direct upload into the facility's credentialing system and refreshed automatically as the monitoring layer detects changes.
