How to Add Exclusion Screening to Vendor Onboarding

Where screening fits in the packet

Standard healthcare vendor onboarding collects W-9, COI, BAA for PHI vendors, and contracts. Exclusion screening should run in parallel — not after go-live. Billing vendors, labs, therapy companies, and software with claims access are Tier 1 and should not receive credentials until screening clears.

Define tiers by vendor type

Not every office supply vendor needs monthly OIG checks. Tier vendors by federal program touchpoint.

• Tier 1 — claims, PHI, clinical services: full OIG, state, SAM, OFAC before access
• Tier 2 — facilities with site access: OIG + COI, annual or quarterly re-screen
• Tier 3 — administrative, no patient contact: risk assessment documented annually

System gates that enforce policy

Policy without system holds fails under volume. Configure ERP, vendor master, and identity tools to block new vendors in 'pending compliance' status. AP should not be able to issue a check to a vendor without a completed screening record.

Owners and SLAs

Compliance or procurement typically owns screening; AP owns payment block. Set an SLA — for example, screening completes within two business days of vendor request — so clinical projects are not delayed by unclear ownership.

Set re-screening at intake

When you onboard, schedule the next OIG and state check — do not wait until someone asks at audit time. The vendor record should show onboarding check plus every subsequent re-screen in one timeline.

Tie to the vendor compliance checklist

Use one checklist for W-9, COI, exclusions, and contracts so nothing slips through because different teams own different attachments. Export the complete packet when legal or a payer requests vendor due diligence.