[Federal Register Volume 66, Number 29 (Monday, February 12, 2001)]
[Notices]
[Pages 9865-9868]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 01-3419]


-----------------------------------------------------------------------

DEPARTMENT OF HEALTH AND HUMAN SERVICES

Office of Inspector General


Privacy Act of 1974; Amendment to the Health Care Program 
Violations System of Records

AGENCY: Office of Inspector General (OIG), HHS.

ACTION: Notice and comment period.

-----------------------------------------------------------------------

SUMMARY: In accordance with the provisions of the Privacy Act of 1974, 
the Office of Inspector General (OIG) is amending an existing system of 
records, entitled ``Health Care Program Violations.'' This system of 
records maintains certain health care sanction records for the purpose 
of making sanction decisions publically available. In order to assure 
the proper identification of sanctioned individuals, we are amending 
the category of records maintained in the system to include individual 
Social Security numbers (SSNs). The purpose of maintaining SSNs is to 
provide another field of identification which may be entered by those 
querying the system; these SSNs will not be accessible by users of the 
system. In addition, in the future, entities listed in the system will 
be able to be queried by their Employer Identification number (EIN).
    This notice also makes other amendments to the system of records 
that include more specifically describing the categories of individuals 
covered by the system; adding a routine use for disclosure of 
information as required by the Federal Acquisition Streamlining Act of 
1994; revising the routine use for disclosure of information in the 
event of litigation; and explaining the method of retrievability for 
electronic records. Additional minor technical changes include revising 
the period of record retention for paper records; adding a retention 
period for electronic records; and changing the point of contact for 
the record notification procedure.

DATES: Effective date: This revision will become effective, without 
further notice, on March 29, 2001, unless comments received on or 
before that date result in a contrary determination.
    Comment date: Comments on this revision will be considered if we 
receive them at the address provided below no later than 5 p.m. on 
March 14, 2001.

ADDRESSES: Please mail or deliver written comments to the following 
address: Office of Inspector General, Department of Health and Human 
Services, Attention: OIG-52-N, Room 5246, Cohen Building, 330 
Independence Avenue, SW., Washington, DC 20201.
    We do not accept comments by facsimile (FAX) transmission. In 
commenting, please refer to file code OIG-52-N. Comments received 
timely will be available for public inspection as they are received, 
generally beginning approximately 3 weeks after publication of a 
document, in Room 5541 of the Office of Inspector General at 330 
Independence Avenue, SW., Washington, DC, on Monday through Friday of 
each week from 8 a.m. to 4:30 p.m.

FOR FURTHER INFORMATION CONTACT: Joel Schaer, OIG Regulations Officer, 
(202) 619-0089.

SUPPLEMENTARY INFORMATION:

I. Background

A. The Federal Health Care Program Violations System of Records

    Under current law, individuals and entities must be excluded from 
participation in Federal health care programs in accordance with 
section 1128 of the Social Security Act (42 U.S.C. 1320a-7) for certain 
types of convictions, and may be excluded for other reasons, including 
licensure board actions, other Federal or State agency actions, and 
quality of care violations. In conjunction with this authority, the 
``Health Care Program Violations'' system of records, maintained by the 
OIG, serves as a source of public information on all individuals or 
entities excluded from Federal health care programs. This system of 
records also provides the organizations responsible for licensing, 
certifying or otherwise approving the health-related activities of 
individuals and entities with the information they may need to make 
decisions. The system of records also allows health care employers to 
check on the exclusion status of new and current employees and 
contractors. This is of particular importance to hospitals and other 
health care entities, which are subject to civil money penalties, as 
authorized by Public Law 105-33, for hiring or contracting with 
excluded individuals and entities. Finally, the system of records 
serves as a fraud deterrent by virtue of public knowledge of its very 
existence, and provides the OIG with a means of analyzing trends and 
impact in fraud and abuse detection and enforcement.
    Procedural information regarding the ``Health Care Program 
Violations'' system of records was last published in the Federal 
Register on August 26, 1982 (47 FR 37693).

[[Page 9866]]

B. Content of, and Querying, the Records System

    Information from paper case files, found in the Civil and 
Administrative Investigative Files of the Inspector General system of 
records (47 FR 43099, September 30, 1982), is extracted and compiled 
into a master List of Excluded Individuals/Entities (LEIE). This list 
contains the Social Security numbers (SSNs) of most individuals 
excluded from participation in Federal health care programs by the OIG. 
The SSNs are not published on the LEIE and are not accessible to the 
general public. In the near future, the list will also contain the EINs 
of entities excluded by the OIG from participation in the Federal 
health care programs.\1\
---------------------------------------------------------------------------

    \1\ Some individuals may also be referenced by EINs in addition 
to their SSN.
---------------------------------------------------------------------------

    The LEIE is transmitted and made available electronically to other 
Federal agencies and organizations that are required by law to take 
action based upon the exclusions imposed by the OIG. In addition, the 
LEIE is available to the general public on the OIG's web site at http://www.dhhs.gov/progorg/oig. The on-line searchable database allows users 
to obtain information regarding excluded individuals and entities 
sorted by:
     The legal bases for the exclusion;
     The types of individuals and entities excluded by the OIG; 
and
     The States where excluded individuals reside or entities 
do business at the time of their exclusions.
    Users may also query the database in order to ascertain whether a 
particular individual or entity is currently excluded from program 
participation by submitting the pertinent information regarding the 
subject. Users may have the data sorted by name, profession or 
specialty, city, state, zip code or sanction type. Users may input 
information in any of these fields and will receive a list of currently 
excluded individuals and entities which meet the criteria entered.

II. Amendment to the System of Records

    The following summarizes the major changes being proposed:

A. Categories of Records in the System

    This amendment to the system of records will include individual 
SSNs and EINs within the category of records in the Health Care Program 
Violations system as another field of identification. The OIG has 
received numerous comments from users of the LEIE that those querying 
the system should be able to input the SSN of an excluded individual as 
part of their search. The commenters believe inclusion of this 
additional search field is necessary to produce more reliable 
identification on the query match, and to ensure that no individuals 
are erroneously determined to be excluded because of the inability to 
get accurate information. In many cases, the queries are being received 
from health care providers who are considering hiring or contracting 
with an individual or entity and want to know if that particular 
individual or entity is excluded. As such, these health care providers 
already have the SSN of a particular individual.
    The purpose of including individual SSNs (and EINs, if applicable) 
in this system is to allow individuals querying the LEIE to use SSNs 
and EINs as specific search fields. However, the SSNs maintained in the 
system will not be accessible by those using an SSN for identification. 
The OIG will include fields where a user may input SSN or EIN 
information. The individual SSNs or EINs will not be retrievable 
through the LEIE. In order to use the SSN or EIN search field, the 
individual entering the query must have the full name and the 9 digits 
of an individual's SSN. The query will either affirm a match or state 
that no match exists; the LEIE will not verify the SSN or EIN. It is 
ultimately the recipient's responsibility to verify the information 
before using it as the basis for any formal action.

B. Categories of Individuals Covered by the System

    The current description of the individuals covered by this system 
is being revised to more specifically describe the categories of 
providers, contractors, grantees and other individuals that are now in 
the system of records. This revised description more accurately 
reflects the categories of individuals, permitting retrieval of 
information on some additional key individuals who are not described in 
the current outdated description. In addition, the revised description 
brings this systems notice into conformity with the categories of 
sanctioned individuals covered in the Civil and Administrative Files of 
the OIG system of records.

C. Routine Uses

    In the system of records, under ``Routine Use,'' a new paragraph 
1.d. is being added to provide for disclosures required by the Federal 
Acquisition Streamlining Act of 1994, Public Law 103-355. The 
disclosures set forth under this routine use provide the information 
necessary for other Federal agencies and their agents to enforce 
debarments, suspensions and exclusions, as required by law. This 
routine use provision provides essential information to other Federal 
agencies with respect to individuals and entities barred from 
participating in Federal procurement and non-procurement programs or 
activities.
    In addition, paragraph 3 under ``Routine Use'' is revised to 
outline the necessary disclosures made in the course of litigation 
involving the Department, its employees, or the United States. It is 
essentially the same type of disclosure provision found in most Federal 
systems of records and is necessary to the effective administration of 
justice in such proceedings. In addition, this revision brings this 
systems notice into conformity with the similar routine use used in the 
Civil and Administrative Investigative Files of the OIG system of 
records.

D. Retrievability

    The method for retrieving records is expanded to include both paper 
and electronic records, including a revised list of the types of 
information that can be used to retrieve the records. This revision 
also sets forth instructions on how to indirectly access the database 
on public records through the Internet; this information was absent 
from the existing outdated description.

E. Other Minor Revisions

    Other minor changes are also being made to clarify certain 
provisions and bring the system of records notice into conformity with 
organizational, legislative and policy changes. They include:
     Records Retention--The retention period for paper records 
is being expanded from 5 years to 6 years to bring it into conformity 
with the retention period established for records of OIG by the 
National Archives and Records Administration. In addition, the 
retention period for electronic records is included.
     Notification Procedure--The notification procedure is 
revised to provide a point of contact for media inquiries and a new 
point of contact for written notification requests. Information on how 
to request records electronically is also included.

    Dated: February 2, 2001.
Michael F. Mangano,
Acting Inspector General.
HHS\OS\OIG 09-90-0101

System name:
    Health Care Program Violations.

Security classification:
    None.

[[Page 9867]]

System location:
    This system is located in the Office of Inspector General, 
Department of Health and Human Services, 330 Independence Avenue, SW., 
Washington, DC 20201. The database for this system, known as the List 
of Excluded Individuals/Entities (LEIE), is on a local area network in 
the Wilber H. Cohen Building, 330 Independence Avenue, SW., Washington, 
D.C. The system is operated by the Office of Inspector General.

Categories of individuals and entities covered by the system:
    Individuals and entities covered by this system are employees and 
former employees, HHS grantees, contractors, sub-contractors and their 
employees; employees of State agencies and Medicare carriers and 
intermediaries; Medicare and Medicaid providers; recipients under 
programs administered or funded by the Federal and State programs; and 
others involved in health care. It includes individuals and entities 
who have been excluded from participation in the Medicare, Medicaid, 
and all Federal health care programs as defined in section 1128B(f) of 
the Social Security Act. The individuals would include physicians, 
nurses, pharmacists, dentists, therapists, suppliers and private 
citizens receiving Federal payments for the furnishing of items or 
services covered by any Federal or private program.

Categories of records in the system:
    The Health Care Program Violations System contains public 
information on individuals and entities which have been excluded from 
participation in the Medicare, Medicaid, and all other Federal health 
care programs (after August 1997, in accordance with Pub. L. 105-33), 
including names, publicly available Social Security numbers, individual 
Social Security numbers (and Employer Identification numbers, if 
applicable), aliases and ``doing-business-as,'' addresses, and other 
available unique identifiers related to fraud, waste and abuse; 
occupations and specialties, and institutional affiliations; type and 
date of exclusion.

Authority for maintenance of the system:
    5 U.S.C. App. 3.

Purposes:
    The Health Care Program Violations System is used to protect 
program beneficiaries and to reduce fraud and abuse in Federal health 
care programs by providing a clearinghouse of public information on 
individuals and entities excluded from health care programs.

Routine uses of records maintained in the system, including categories 
of users and purposes of such uses:
    1. Information maintained by this system may be disclosed, as a 
routine use, to Federal, State, local, public and private agencies and 
organizations, as follows:
    a. Agencies or organizations which reimburse or regulate 
individuals or entities with respect to the furnishing of health-
related services or items.
    b. Agencies or organizations which license, certify, or otherwise 
regulate the health-related activities of individuals and entities 
which provide health care services or items, to alert them to possibly 
disqualifying actions, practices or conditions.
    c. Agencies or organizations charged with investigating or 
prosecuting possible violations indicated in items a and b.
    d. Agencies and their agents or representatives enforcing 
debarments, suspensions and exclusions under the Federal Acquisition 
Streamlining Act of 1994.
    e. Upon written request, agencies and/or their contractors or 
organizations seeking information in connection with the hiring or 
retention of an employee, the issuance of a security clearance, the 
reporting of an investigation of an employee, the awarding of a 
contract, or the issuance of a license, grant or other benefit by the 
requesting agency, to the extent that the record is relevant and 
necessary to the requesting agency's decision on the matter.
    f. Professional and business organizations concerned with standards 
and conduct of individuals and entities engaged in providing health 
care items and services.
    g. Scholars or other researchers investigating trends and 
characteristics in the health care field.
    2. Disclosure may be made to a Congressional office from the record 
of an individual or entity in response to an inquiry from the 
Congressional office made at the request of that individual or entity.
    3. In the event of litigation, information from the system of 
records may be disclosed to the Department of Justice, to a judicial or 
administrative tribunal, opposing counsel, and witnesses, in the course 
of proceedings involving HHS, any HHS employee (where the matter 
pertains to the employee's official duties), or the United States, or 
any agency thereof where the litigation is likely to affect HHS, or HHS 
is a party or has an interest in the litigation and the use of the 
information is relevant and necessary to the litigation.

Policies and practices for storing, retrieving, revealing, retaining, 
and disposing of records in the system:
Storage:
    Paper records, which includes program exclusion case files, are 
kept in files and file folders. Electronic records are stored on hard 
or floppy disks and tapes.

Retrievability:
    The agency retrieves records from files indexed alphabetically by 
geographic region. Both paper records and electronic records are 
retrievable by agency-assigned internal case control numbers, name, 
personal identifier fields such as date of birth, UPIN, Social Security 
or Employer Identification number, address, specialty/occupation, 
program violated, date of exclusion, and type of exclusion.
    Indirect access to the database on public records fields is 
available to the general public on the OIG's Internet site (http://www.dhhs.gov/progorg/oig).

Safeguards:
    Paper records are stored in secured cabinets behind a locked door 
with access limited to authorized personnel. Computer based records are 
available only to authorized users and are safeguarded in accordance 
with the provisions of the National Bureau of Standards Federal 
Information Processing Standards 41 and 31, and the HHS Information 
Processing Standards, HHS ADP Systems Manual, Part 6, ``ADP Systems 
Security.'' All computer tapes are password protected prohibiting 
unauthorized access.

Retention and disposal:
    The OIG maintains the hardcopy records and files for one year, 
after which they are transferred to the Federal Records Center for an 
additional 5 years. The electronic records system is maintained for an 
indefinite period of time.

System manager(s) and address:
    The Systems Manager is an employee of Office of Investigations, 
Office of Inspector General, Department of Health and Human Services, 
330 Independence Avenue, SW., Washington, DC 20201. The OIG web site is 
managed by the Office of Information Technology, Office of Inspector 
General, at this same address.

Notification Procedure:
    An individual who wishes to be notified whether the system contains 
a record should make a request electronically to the OIG web site at 
http://www.dhhs.gov/progorg/oig.

[[Page 9868]]

Media inquiries should be directed to the HHS/OIG External Affairs 
Office, 330 Independence Avenue, SW., Washington, DC 20201. Requests 
for written documentation should be submitted in writing, together with 
a printout from the OIG web site identifying the individual or entity, 
to the Office of Investigations, Health Care Administrative Sanctions, 
Room N2-01-26, 7500 Security Boulevard, Baltimore, MD 21244-1850.

Record access procedure:
    Same as notification procedure.

Contesting record procedures:
    An individual who wishes to contest the record procedures should 
contact the Office of Health Care Administrative Sanctions, Office of 
Investigations, Office of Inspector General, Department of Health and 
Human Services, Room N2-01-26, 7500 Security Boulevard, Baltimore, MD 
21244-1850. The individual or entity should reasonably identify the 
record and specify the information to be contested, the corrective 
action sought and the reasons for the correction, with supporting 
documentation.

Record source categories:
    The sources are Government and private agencies and organizations.

Systems exempted from certain provisions of the Act:
    None.

[FR Doc. 01-3419 Filed 2-9-01; 8:45 am]
BILLING CODE 4152-01-P