A recap of a joint Universal Background Screening & Verisys webinar

The headlines keep coming.

Another healthcare organization fined for employing an excluded provider. A health plan forced to repay millions for claims tied to a sanctioned clinician. A large system struggling to maintain accreditation after auditors uncover serious compliance gaps in workforce screening.

If you work in healthcare HR, compliance, credentialing, or talent acquisition, you already know the pressure. The scrutiny from regulators, accreditors, and payers has intensified, and the margin for error has narrowed. What makes this harder is the uncomfortable reality underneath: many of these failures trace back to the same root problem. Organizations built their compliance strategy around a one-time check at hire and periodic re-screens, and that model no longer fits today’s risk environment.

To dig into what a more resilient approach actually looks like, Universal Background Screening (UBS) and our partner Verisys co-hosted a webinar on “Closing the Hidden Compliance Gaps in Healthcare Screening.” Susan Horn, Senior Vice President of Sales at UBS, and Nicole Berryman, Senior Vice President of Growth and Partnerships at Verisys, walked through where traditional programs break down and how leading organizations are building something better.

This article tells that story: why “background check at hire” is no longer sufficient, the five most dangerous gaps hiding inside standard screening programs, and how UBS and Verisys together help healthcare organizations move from reactive compliance to proactive, continuous workforce risk management.

Why Healthcare Screening Needs a Rethink

The webinar opened on familiar ground. Regulatory scrutiny is increasing across the board. More audits and enforcement actions are landing. CMS, The Joint Commission, NCQA, and URAC are raising expectations. Workforces have grown more complex, blending employees, contractors, telehealth providers, locum tenens clinicians, and extended vendor relationships. And there is a mounting recognition across the industry that, as Susan put it plainly, risk does not stop at hire.

Yet many organizations remain anchored to a legacy model: run a criminal background check, verify the license, check federal exclusion lists like OIG and SAM, and treat a clean report at onboarding as long-term compliance. It is a comforting framework, and it creates real exposure.

“Background checks are just a snapshot in time,” Susan explained during the webinar. “The moment the report is complete, the picture can change.”

She illustrated this with an analogy from her own life. Her husband runs a home inspection company. When buyers hire him before closing on a house, he walks the property, tests the systems, and delivers a thorough report. He also reminds every client that the report is valid for that single moment. The day after he leaves, a pipe can burst or an appliance can fail. Healthcare screening works the same way. People change roles, relocate, experience personal or financial stress, accrue criminal charges, draw board attention, or become sanctioned long after the initial background check clears.

The question is not whether conditions will change. The question is whether your program is built to catch it when they do.

Who’s Involved: UBS and Verisys

Before getting into the risk itself, Susan and Nicole grounded the audience in who both organizations are and why they work together.

Universal Background Screening has spent more than 50 years serving organizations in highly regulated markets, with more than 86% of its client base in those environments. UBS is PBSA accredited, follows Joint Commission standards, and holds SOC 2 certification. The company has been named the #1 Enterprise Background Screening Firm by HRO Today for 14 consecutive years, a distinction built on a combination of compliance rigor and what the company calls “white-glove” service: clients are assigned dedicated account teams who understand their specific screening programs, not generic support queues.

UBS’s healthcare-specific background screening programs are designed for hospitals and health systems, long-term care and assisted living facilities, behavioral health and specialty clinics, healthcare staffing and locum tenens firms, and home health and hospice providers. The programs cover criminal background checks at the county, state, and federal levels, professional license and certification verification from primary sources, sanctions and exclusions screening, employment and education verification, and drug and alcohol testing for safety-sensitive roles. Importantly, UBS programs are built to support accreditation requirements from The Joint Commission, OIG exclusion standards, and HIPAA-aligned data handling.

What distinguishes UBS in a crowded market is program design. Rather than off-the-shelf packages, UBS consultants work with HR, compliance, and credentialing teams to design screening workflows around actual role risk profiles, hiring volumes, and regulatory requirements. The result is a program that can stand up to an audit, not just check a box.

Backing this is a technology infrastructure that integrates with dozens of leading ATS and HRIS platforms, making it possible to bring background screening into existing hiring workflows rather than layering on a separate system.

Verisys is an organization that many know for credentialing but whose reach goes considerably further. They operate one of the largest credentialing verification organizations (CVOs) in the country while simultaneously running one of the largest healthcare data and monitoring platforms. Verisys serves providers including health systems, behavioral and mental health organizations, telehealth platforms, and occupational care; payers including Molina, Kaiser, and Blue Cross Blue Shield; pharmaceutical and pharmacy companies; and healthcare technology platforms including EMR/EHR systems and background screeners like UBS.

Verisys holds URAC and NCQA accreditations, follows Joint Commission standards, and maintains SOC 2 and HITRUST certifications. At the center of their data offering is Basis®, a healthcare sanctions and exclusions solution that draws from more than 5,600 primary sources, reaching well beyond OIG and SAM to provide a far more complete view of provider risk.

Together, UBS and Verisys operate as complementary parts of a modern compliance infrastructure: UBS provides the platform, workflows, and screening expertise while Verisys provides the data and continuous monitoring that fills the blind spots in standard programs.

The Five Gaps Hiding Inside Standard Programs

After the introductions, Susan turned to where most healthcare screening programs quietly fail. On paper, the workflows look solid: identity verification, Social Security and address tracing, county or state criminal checks, OIG and SAM exclusion checks, and license and credential verification. Beneath that surface, however, five gaps consistently expose organizations to risk.

To bring those gaps to life, Nicole shared a real case study that reads, in many ways, as a worst-case illustration of what happens when all five gaps exist simultaneously.

The Multi-Alias Nurse: A Case Study in Exploited Gaps

Nicole described a licensed nurse who, over time, became associated with seven fake Social Security numbers and more than 20 aliases, working across six different states in nursing and rehabilitation facilities. Her pattern was consistent. She would be hired under one identity, engage in fraud, theft of medication or equipment, or patient abuse, and when trouble surfaced, she would move on to another state with a variation of her name. Despite multiple incidents and red flags, she continued working in direct patient care.

She was not caught through typical healthcare screening. A routine traffic stop led officers to search her trunk, where they found multiple fake IDs, stolen medications listed under various names, and stolen medical equipment. Only then were investigators able to piece together the full scope of her activity across states and identities.

The case is dramatic, but he mechanics it illustrates are not unusual at all.

Gap 1: The Name Matching Gap

Names are more fluid than organizations sometimes acknowledge. Maiden versus married names, nicknames and abbreviations, multiple middle names, alternative spellings, data entry errors at the court clerk level, and in some cases, entirely fabricated identities all create opportunities for risk to slip through standard matching logic.

Not all screening providers treat aliases and name variations consistently. Some search only the primary name submitted unless aliases are explicitly specified in the package. Others cap the number of aliases they process or apply them to criminal checks but not to sanctions searches or healthcare-specific databases. Any of these inconsistencies creates a dangerous blind spot: a criminal record under a maiden name, a sanction tied to a prior identity, a variation entered incorrectly in a state database.

Modern best practice requires more than collecting a list of aliases. It means combining name, date of birth, and Social Security number as identifiers, applying fuzzy and Boolean logic to account for reasonable variations, and ensuring that all known aliases are run across every relevant search, not just a selected few.

UBS addresses this through its Social Security Address and Alias Trace service, which generates a comprehensive picture of names and locations associated with a given SSN. This feeds into downstream searches so that alias coverage is systematic rather than dependent on what a candidate self-discloses.

Gap 2: The Single Source Gap

In healthcare, sanctions, exclusions, and disciplinary actions can originate at the state level, the federal level, and the board level. Yet it is still common for organizations to rely primarily or exclusively on OIG and SAM for exclusions, treating those two lists as sufficient coverage.

Standard-setting bodies including NCQA, URAC, The Joint Commission, and CMS increasingly expect multi-source checking and primary-source awareness. A single federal list captures only what has been reported to that list, and reporting timelines vary widely.

Verisys’s Basis solution was built directly to address this gap. Drawing from more than 5,600 primary sources across state boards, federal agencies, and other authoritative records, Basis gives organizations a materially more complete picture of provider risk. When clients run side-by-side comparisons between OIG and SAM-only checks and a Basis-powered search, they routinely find roughly 40% more data, including earlier indicators of risk that would otherwise remain invisible until they surface in a sanction or exclusion listing months later.

Gap 3: The Cross-State Reporting Gap

Healthcare professionals are mobile. They relocate, take travel assignments, hold licenses in multiple states, and split time across jurisdictions. States, however, do not reliably share data with each other, and reporting mechanisms tend to be slow and siloed.

Nicole walked through a scenario that plays out more often than it should. A nurse works in Pennsylvania, is arrested for stealing medication and abusing patients, and faces a case that will not reach final adjudication for 90 to 120 days given court backlogs. Before that process concludes, the nurse moves to Georgia. From a Georgia employer’s perspective, there is nothing actionable yet in the records because nothing has formally resolved.

Without cross-state criminal searches and an awareness of all licenses an individual has ever held, organizations can be blindsided by issues that started and escalated in a different jurisdiction entirely. Best practice involves checking all states where an individual has lived, worked, or studied, and identifying and verifying every license the person has held throughout their career. Many licensed professionals accumulate three or more licenses over the course of their careers, and a screening program designed around only the current, active license leaves the history largely unexamined.

UBS’s statewide criminal searches and multi-state court research capabilities, combined with professional license verification that covers all known credentials rather than just the most recent one, are designed to close this geographic blind spot.

Gap 4: The Timeline Gap

Even when organizations search broadly and across state lines, there is another vulnerability: the gap between when something happens and when it appears in the records you are checking.

Every system in the compliance ecosystem runs on its own clock. Boards may initially flag an issue in meeting minutes before any formal action is taken. Court cases can be backed up for months before an arrest becomes a conviction. State systems may lag in pushing updates to the federal level. Federal lists may not reflect a sanction until months or even years after the triggering event.

Nicole put this in concrete terms. Imagine a Board-Certified Plastic Surgeon who receives a DUI today. The board sees it first and documents it in meeting minutes. The surgeon disputes the charge and is told the criminal courts will decide. The court date is set for 90 days out, and the surgeon requests a full trial, adding further delay. From the DUI to a final conviction, and then through each layer of reporting to state and federal databases, the process can take the better part of a year or more. During that entire window, her license may remain active, and a standard check may show nothing out of order.

The only way to compress that blind spot is to incorporate data that captures leading indicators before final adjudications land on federal lists. Verisys’s Basis solution is designed specifically for this, drawing from board-level data and meeting minutes in addition to final action records, which means earlier and more actionable visibility.

Gap 5: The Continuous Monitoring Gap

The final gap is the most structural: how often an organization looks.

Many healthcare organizations still operate on a periodic model. A background check runs at hire, followed by annual, biannual, or perhaps quarterly re-screens, with an implicit assumption of safety in between. The problem is that risk does not wait for scheduled cycles.

Payer contracts often require at least quarterly sanctions and exclusions checks on licensed and unlicensed individuals. That is the regulatory floor. But consider what happens between quarters. If a nurse is excluded in February, the last check ran in January, and the next scheduled check is in April, that is a three-month window during which the nurse could be seeing patients, generating Medicare or Medicaid claims, and exposing the organization to fines, repayment demands, or program exclusion.

The recommendation from both Susan and Nicole was clear: use periodic checks as the foundation, then enroll the post-hire population into real-time continuous monitoring. In practice, that means a background check at hire or credentialing event followed by ongoing monitoring for sanctions, exclusions, license status changes including suspension, revocation, expiration, and disciplinary actions, for both licensed and unlicensed individuals.

UBS’s employee re-screening and continuous monitoring programs are built around exactly this model. The platform compares updated results against the original background check, flags discrepancies for review, and queues follow-up orders when needed, all without requiring manual management of individual re-screen schedules. The cost of ongoing monitoring is modest relative to the financial and reputational consequences of a single missed sanction.

Rethinking OIG and SAM

During the Q&A portion of the webinar, an attendee raised a question nearly every healthcare compliance team wrestles with: how should we think about OIG and SAM versus a broader monitoring solution?

Historically, checking OIG and SAM was the baseline expectation for organizations billing Medicare or Medicaid. You had to at minimum confirm you were not employing someone on those lists. That baseline has not disappeared, but it has become insufficient.

As Nicole explained, if your organization is aligned with NCQA, URAC, The Joint Commission, or CMS quality programs, OIG and SAM alone no longer meet the bar. Broader solutions like Basis pull from thousands of primary sources, deliver earlier visibility, and return significantly more data in head-to-head comparisons. Nicole encouraged organizations to run a side-by-side test rather than taking it on faith: compare your current OIG and SAM checks against a broader solution and see what additional risk indicators appear and how much earlier they surface.

Once organizations see that difference, it becomes harder to defend a strategy that stops at two federal lists.

A Framework for Self-Assessment: Good, Better, Best

Nicole offered a simple three-level framework that healthcare organizations can use to evaluate where their program currently stands.

At the Good level, organizations are meeting regulatory minimums: running OIG and SAM checks periodically and conducting a standard background check at hire. This is where many organizations still operate, and it was sufficient a decade ago.

At the Better level, programs align with accreditation standards from NCQA, URAC, The Joint Commission, and CMS. Organizations at this level go beyond single sources, incorporating state, federal, and board-level checks into their standard workflows.

At the Best level, programs are primary-source-driven and continuously monitored. Name matching is rigorous and alias-aware. Data comes from multiple source layers. Timeline gaps are addressed through board-level data and early indicators rather than waiting for final adjudications. And the entire post-hire population is enrolled in real-time continuous monitoring rather than managed through scheduled point-in-time checks.

The question Susan and Nicole posed to the audience was direct: Where are you today, and what would it take to move to best practice?

The Question to Take Back to Your Team

As the webinar closed, Nicole offered one prompt for attendees to carry back into their organizations: What happens between the screens?

Between the background check at hire and the next re-screen. Between an initial allegation and a final conviction. Between a board’s first disciplinary session and a federal exclusion listing. For many organizations, the answer is that they simply do not see it until it surfaces as a problem.

UBS and Verisys argue that this is precisely where modern compliance programs need to evolve. Initial background checks, identity verification, and credentialing are the foundation, not the finish line. The finish line is a program that is alias-aware in its name matching, multi-source across state, federal, and board levels, cross-state and cross-license in scope, timeline-conscious through early indicators like board actions and meeting minutes, and continuously monitored rather than periodically snapshotted.

In other words, a program designed for how risk actually behaves.

Moving Forward: From Snapshot to Continuous Vigilance

Fraud, waste, and abuse in healthcare are measured in the billions. The headlines about excluded providers and missed sanctions are not random events; they are symptoms of structural gaps in legacy screening programs. And those gaps, across name matching, data sourcing, cross-state coverage, timeline awareness, and continuous monitoring, are fixable.

What is required is a deliberate shift in how organizations think about workforce compliance: from “we ran a background check at hire” to “we maintain a continuously updated view of workforce risk.”

UBS brings more than 50 years of regulated-market expertise, deep healthcare-specific program design, PBSA accreditation, and seamless ATS and HRIS integration to that goal. Verisys brings primary-source data depth through Basis and a continuous monitoring infrastructure that covers the gaps between scheduled checks. Together, they make it possible for healthcare organizations to move from good to best practice without rebuilding compliance programs from scratch.

Two easy next steps:

Talk with the UBS team about your current screening and compliance workflows. They can help you assess where gaps exist, explore integration with Verisys data and monitoring, and run side-by-side comparisons against your current program.

Watch the full webinar recording to hear Susan Horn and Nicole Berryman walk through real-world scenarios, sample workflows, and best practices, and share it with the HR, compliance, legal, and credentialing stakeholders in your organization who need to be part of this conversation.

Universal Background Screening (UBS) is a PBSA-accredited background screening provider specializing in healthcare and other highly regulated markets. Verisys is a URAC- and NCQA-accredited healthcare data and credentialing organization whose Basis® platform draws from 5,600+ primary sources for sanctions and exclusions monitoring.