When a healthcare professional clears a background check, there is a natural sense of relief. The file looks complete. The criminal history is clean. The license checks out. The hire moves forward.
That moment of clearance can also be exactly where the risk begins.
A case recently highlighted by the Professional Background Screening Association (PBSA) illustrated this in unsettling terms. A healthcare impersonator moved undetected between facilities by exploiting fragmented state reporting systems, cross-state licensing gaps, and delayed federal database updates. No single failure made it possible. It was the accumulated space between systems — the time lags, the jurisdictional seams, the assumption that a clean record at hire stays clean—that created the opening.
The case put a fine point on something compliance leaders in healthcare have known for a long time without always having the tools to fully address: a one-time background check does not equal ongoing compliance.
Healthcare Compliance Is a Lifecycle, Not a Transaction
Healthcare organizations operate under intense scrutiny from accrediting bodies including NCQA, URAC, CMS, and The Joint Commission. Workforce compliance requirements have expanded well beyond criminal history screening at hire. Today they include healthcare exclusion screening, license monitoring across all active jurisdictions, sanction and debarment checks, DEA and controlled substance oversight, continuous monitoring for adverse actions, and primary source verification of credentials, all of which need to hold up under audit and not just at onboarding.
Many organizations are still running pre-employment screening models designed for industries without these requirements. The result is predictable gaps in coverage.
In a typical multi-vendor setup, one provider handles criminal background checks, another manages drug testing, a third verifies professional licenses, and ongoing credential monitoring either falls to an internal team or gets handled inconsistently. Each vendor operates on different turnaround timelines, uses different reporting formats, and runs different dispute processes. When a Joint Commission surveyor asks for a primary source verification audit trail, the credentialing team is pulling data from three different systems and hoping the timelines align.
That model made sense when healthcare hiring was more static. Travel nurses and locum physicians now move between facilities constantly, and a license that was clean at hire can be under review by a state board within weeks. The gaps that seemed manageable before are much harder to defend today.
How the Gaps Form
Most compliance breakdowns follow a recognizable pattern. Identity validation weaknesses, including incomplete identifiers, aliases, and inconsistent name formatting, create ambiguity that bad actors can exploit. Over-reliance on a single exclusion database means that state-level disciplinary actions, often the earliest signal of a problem, go undetected until they surface in a federal system.
Federal exclusion databases commonly reflect updates more than 30 days after state licensing boards publish disciplinary actions. In healthcare, a month is not a rounding error. It is enough time for a provider to change employers, relocate across state lines, or continue treating patients while a sanction is sitting in a system that has not caught up.
Cross-state reporting fragmentation makes this worse. A provider disciplined in one state may hold active licenses in two or three others, and those boards do not automatically communicate with each other. Without continuous, multi-jurisdictional monitoring, that information never reaches the employer holding the credential.
Post-onboarding monitoring also tends to fall through the cracks. Most organizations conduct a thorough check at hire, then re-screen on an annual cycle if at all. A license can lapse, a sanction can be issued, and a malpractice payment can be recorded in the months between those scheduled reviews, with no one aware until it becomes a problem.
The Move Toward Perpetual Credentialing
Healthcare organizations are gradually moving toward what the industry calls perpetual credentialing, an always-current view of a provider’s status rather than a snapshot taken at hire and revisited once a year. The concept is not new, but the infrastructure to support it has matured considerably.
The partnership between Universal Background Screening (UBS) and Verisys was built to address this need directly.
UBS establishes the foundation at hire through multi-jurisdictional criminal history research, identity verification, OIG and GSA exclusion searches, NPDB queries, primary source license and credential verification, and drug testing. All of it runs through a single platform with dedicated account teams who understand healthcare regulatory requirements and integrate directly with the ATS and HRIS systems clients already use. UBS is PBSA-accredited, FCRA-compliant, and has been recognized as the number one enterprise background screening firm by HRO Today for 14 consecutive years.
Verisys extends that coverage beyond onboarding through FACIS 3, widely regarded as the most comprehensive healthcare exclusion and disciplinary monitoring database available. Federal databases aggregate updates on a delayed cycle. FACIS 3 pulls directly from state board meeting minutes, agency publications, and leading indicator sources including press releases and board action notices, often surfacing risk indicators days or weeks before they appear in federal systems.
FACIS 3 draws on more than 10 million sanction, exclusion, debarment, and disciplinary records across 5,600 primary sources and 2,700 actively monitored sources, covering all 56 U.S. jurisdictions including territories and more than 800 provider taxonomies. Verified accuracy holds at 99.97%, with FCRA-compliant verification and dispute processes included. Verisys currently monitors more than 15 million individuals and entities across more than 30 million total records.
The combined program closes the time lag between state board action and federal reporting, and addresses the cross-state fragmentation that allows providers to slip between jurisdictions undetected. Alerts are delivered via API, SFTP, or portal in real time, so an organization knows about a change when it happens and not at the next scheduled review.
What This Means in Practice
For hospitals, health systems, health plans, pharmacies, and regulated employers, compliance failures carry consequences that reach well beyond operational inconvenience. Financial penalties, loss of accreditation, and CMS participation risks are well-documented. Less visible is the cumulative exposure from delegated credentialing arrangements and supply chain relationships where an organization may be held accountable for the compliance posture of providers it does not directly employ.
The UBS and Verisys program supports NCQA and URAC accreditation readiness, CMS participation requirements, delegation oversight, provider credentialing and re-credentialing workflows, payment integrity programs, and facility compliance across multi-state footprints. Because the program is built on primary source verification, it produces a documented audit trail that holds up under regulatory scrutiny, not a collection of database hits but verified records tied back to the issuing authority.
For compliance and credentialing teams, that means acting on information that reflects current provider status rather than a file that was accurate six or twelve months ago.
Closing Thoughts
Healthcare compliance has always required more than a pre-employment checklist. The regulatory environment has gotten more demanding, the workforce has gotten more mobile, and the tools available to manage workforce risk have gotten more capable. Organizations that are still operating on a hire-and-hold-until-annual-review model are carrying more exposure than their programs may reflect.
Screening at hire protects a single hiring decision. Monitoring after hire protects the organization, the patients it serves, and the accreditation that makes continued operation possible.
Universal Background Screening builds that foundation. Verisys keeps it current. For healthcare organizations looking to close the gap between onboarding and ongoing compliance, the combination is worth a conversation.
To learn how UBS and Verisys can strengthen your healthcare screening and exclusion monitoring program, watch is webinar or reach out to our team.
