Business Associate / Vendor Risk Management

As per KPMG, 81% of healthcare executives claim their organizations have been compromised by at least one malware, botnet, or other cyber-attack during the past two years.

As a Covered Entity (CE), you have shared responsibility and liability for the actions of your Business Associates (BAs) and their vendors. You are liable for their actions and omissions. It’s the law, and penalties for lax oversight are steep.

If you’re a BA or a vendor working with a healthcare CE, your liability also extends to the actions and omissions of your vendors and subcontractors. Don’t risk facing a tornado of costly penalties, and potential criminal prosecution with little warning.

BA/Vendor Monitoring that differentiates!

  • Since we’re first to market, Integrity Manager is the only RSC tool that scales over an organization and its business associates
  • Easily manage dozens, hundreds, or thousands of BAs and Vendors from one location.
  • Snapshot knowledge via intuitive dashboards & reports.
  • Detailed audit trails and logs, including detailed reports.
  • Allows for all downstream vendors and secondary business associates to get tracked and monitored.
  • Gives security against millions of dollars’ worth of fines from negligence by Business Associates and Vendors.

Sanctions Monitoring

A comprehensive automated suite to check for sanctions of Business Associates’ /Vendors / Individuals and Regulatory compliance and Risk Assessments

Checks for sanctions of Business Associates / Vendors / Employees / Contract Employees – Effective checks against 41 databases.


Healthcare organizations cannot do business with excluded or sanctioned individuals or entities. The OIG has the authority to enforce exclusions against individuals or entities across all States under the Affordable Care Act. An individual or entity excluded in one State is not permitted to participate in federal healthcare funds in all other States.

Any organization that hires excluded individuals or entities are liable for civil monetary penalties.

In order to identify sanctioned entities, a health care organization may manually search through a litany of Federal and State databases.  Integrity Manager, powered by proprietary algorithms, provides an automated comprehensive and continuous search for excluded individuals or identities across 41 Federal and State databases. This search is quick, accurate, and provides a summary for corrective action.

Integrity Manager Enables You To:

  • Automate exclusions checking of your vendors against all available exclusion lists
  • Self-disclose and notify the OIG of any compliance violations
  • Maintain a comprehensive audit trail  of compliance conformity
  • Avoid penalty of  $10,000 per each item claimed or services provided by an excluded vendor
  • Mitigate Treble damage (3 times the amounts claimed to CMS for reimbursement) from doing business with excluded vendors
  • Avoid program exclusion of your organization, and the possible loss of right to bill CMS for services rendered
  • Mitigate additional fines for filing false claims under False Claims Act (Penalties up to $11,000 per claim, and possible placement in a Corporate Integrity Agreement with the OIG)
  • Prevent personal criminal fines and/or jail time

Aegify Consolidated Exclusions Database Includes:

  1. List of excluded Individual & Entities (LEIE)
  2. System for Award Management (SAM)
  3. Office of Foreign Assets Control (OFAC)
  4. Alabama Medicaid Suspended Providers
  5. Alaska Department of Health and Social Services Excluded Provider List
  6. Arizona Health Care Cost Containment System Excluded Providers
  7. California Department of Health Care Services Suspended and Ineligible Provider List
  8. Connecticut Department of Social Services Administrative Actions List
  9. District of Columbia Excluded Parties List
  10. Florida Agency for Health Care Administration Medicaid Sanctioned Providers
  11. Georgia Department of Administrative Services Suspended and Debarred Suppliers
  12. Georgia Office of Inspector General Exclusions List
  13. Hawaii Med-Quest Excluded Providers
  14. Illinois Healthcare and Family Services Office of Inspector General Provider Sanctions
  15. Kansas Department of Health and Environment Terminated Provider List
  16. Kentucky Cabinet for Health and Family Services Medicaid Terminated and Excluded Provider List
  17. Louisiana Department of Health & Hospitals Adverse Actions List
  18. Maine Office of the Department of Health and Human Services MaineCare Excluded Providers
  19. Maryland of Health and Mental Hygiene MMA Providers & Other Entities Sanctioned List
  20. Massachusetts Health and Human Services List of Suspended or Excluded MassHealth Providers
  21. Michigan Department of Community Health List of Sanctioned Providers
  22. Minnesota Department of Human Services Excluded Provider Lists
  23. Mississippi Division of Medicaid Sanctioned Provider List /a>
  24. Missouri Department of Social Services Medicaid List of Terminated Providers
  25. Montana of Public Health and Human Services Excluded or Terminated Medicaid Enrolment
  26. Nebraska Department of Health and Human Services
  27. Nevada Department of Health and Human Services Excluded/Sanctioned Providers
  28. New Jersey Office of the State Comptroller Consolidated Debarment Report
  29. New York Office of the Medicaid Inspector General List of Exclusions
  30. North Carolina Health and Human Services State Excluded Provider List
  31. North Dakota Department of Human Services Provider Exclusion List
  32. Ohio Department of Medicaid Provider Exclusion and Suspension List
  33. Pennsylvania Department of Human Services Medicheck Precluded Providers List
  34. South Carolina Department of Health and Human Services Excluded Providers List
  35. Tennessee TennCare Terminated Providers List
  36. Texas Health and Human Services Commission Office of the Inspector General Exclusions
  37. West Virginia Medicaid Provider Sanctioned/Exclusion List
  38. Wyoming Department of Health Provider Exclusion List

Employee Monitoring

No industry across the globe can survive without being compliant to some regulation or standard. Specifically, healthcare compliance has made significant advances in improving healthcare, including cracking down on fraud and abuse.

Monitoring employees’ license and certification status is a compelling requirement for health care organizations and is a daunting task to deal with manually. And if a medical officer needs to practice in another State, a fresh licence has to be obtained. The implications could become serious, if healthcare organizations fail to detect licensing requirements and renewal dates. Failing to monitor employees’ licenses could result in an organization falling out of compliance with regulators, and ending up with liabilities by penalties and fines.

In the United States, a big budget item is Healthcare spending. With approximately 20 million people working in healthcare providing services, unfortunately, fraud and abuse in healthcare reaches billions per year. Initially, enforcement placed a major focus on pre-hire eligibility.

Now, with billions of dollars in fraud occurring, enforcement has begun placing a larger focus on monitoring employees beyond the initial hire. This effort addresses a gap in communication, where employees could get hired before a previous fraud has been reported.

In protecting themselves against employing unlicensed or sanctioned individuals, leading health care organizations and hospitals are moving away from manually monitoring license renewals to more technology enabled solutions. The forward-thinking leading organizations are starting to adopt automated and integrated medical license monitoring solutions. These solutions provide continual coverage throughout the year, cut down on labor and help organizations maintain compliance.

Integrity Manager provides one stop check on all these. With access to extensive databases, Integrity Manager quickly scans and presents the exceptions/exclusions/employee checks.