The National Practitioner Data Bank at 25


By Robert E. Oshel, PhD

The National Practitioner Data Bank (NPDB or Data Bank)—the nation’s leading source for verifying practitioners’ licensure, clinical privileges, disciplinary events, and malpractice payment histories—opened its doors a quarter century ago, on September 1, 1990. It now contains well over one million reports, more than 40% of which concern physicians. Other reports concern dentists, nurses, pharmacists, chiropractors, and all other types of licensed practitioners. The Data Bank’s information is rated as accurate, timely, and appropriate by almost all users, whether they are required by law to obtain Data Bank information or do so voluntarily.

Yet there is still room for improvement—specifically, the Data Bank’s reporting could be more comprehensive. Payments for employed physicians may go unreported because of the “corporate shield” reporting loophole. Similarly, some serious disciplinary matters may go unreported because licensing boards and peer reviewers craft disciplinary actions that are not reportable. Such non-reporting may benefit a practitioner in the short run, but lessen the ability of licensing and credentialing authorities to discern patterns of malpractice or improper behavior that could lead them to take actions to protect public health and safety.

A source of information for licensing and credentialing

Since its opening, the Data Bank has become the most comprehensive source of information anywhere about a healthcare practitioner’s malpractice and medical discipline record. But with a few limited exceptions, only licensing boards, hospitals, and other healthcare entities with a peer review process can access its information, and then only on a “need to know” basis. Practitioners are able to access their own records, but the information is not available to the public or others who might be interested, such as malpractice insurance companies (What is an eligible entity?, n.d.; 42 USC 11101).

Hospitals are required by law to query the Data Bank to obtain any reports it may have on all new applicants for their medical staffs. In addition, hospitals must query the Data Bank concerning all members of their medical staffs every two years (42 USC 11135) to be sure they have relatively up-to-date information on the malpractice and medical disciplinary action records of anyone holding clinical privileges. They may do this by submitting individual queries when they want to receive the information, or they may enroll practitioners on their staff in the Data Bank’s “continuous query” service, which provides copies of any new reports on a practitioner as soon as they are received (HHS, 2015, D-1–D-17).

Other authorized users (licensing boards, health maintenance organizations, managed care organizations, other providers with peer review activities, professional associations, and certain other agencies) are not required to get or use the data, but they often do.

Contents of the National Practitioner Data Bank after 25 years

The Data Bank has received legally required reports of all malpractice payments of any dollar amount for all types of licensed healthcare practitioners since it opened on September 1, 1990. Similarly, the Data Bank has received reports of all but the least serious state licensure and hospital or managed care organization and professional society peer reviewed disciplinary actions for physicians and dentists since that date. It also has licensure reports for other types of licensed healthcare practitioners for actions taken since August 1996. Further, the Data Bank has reports on HHS OIG exclusions of practitioners from participation in Medicare, Medicaid, and other federal health programs, as well as on Drug Enforcement Administration (DEA) actions limiting the authorization of practitioners to prescribe controlled substances (HHS, 2015, E-5).

As of March 31, 2015, the Data Bank contained 1,139,649 reports, 449,731 of which were for physicians (allopathic and osteopathic physicians and their respective interns and residents). Of the physician reports:1

  • 319,386 were reports of malpractice payments (71% of physician reports)
  • 95,026 were reports of state licensure disciplinary actions or modifications of such actions, including reinstatements (21.1%)
  • 19,773 were reports of hospital or other peer reviewed clinical privileges disciplinary actions affecting clinical privileges for more than 30 days or modifications of such actions, including reinstatements (4.4%)
  • 12,485 were reports of Office of Inspector General (OIG) exclusion from participation in federal healthcare programs and payment by such programs, e.g., Medicare and Medicaid or reinstatement reports related to previous exclusions (2.8%)
  • 2,082 were DEA actions concerning authorization to prescribe controlled drugs (0.5%)
  • 979 were reports of peer reviewed professional society disciplinary actions or modifications of such actions, including reinstatements (0.2%)

A total of 217,289 physicians, including interns and residents, were responsible for these reports, although some of them may no longer be practicing because of retirement or other reasons. Many had only one report, but some had dozens or even hundreds. Physicians with dozens of reports typically had them for various types of malpractice. In contrast, those with hundreds of reports typically repeated the same mistake over and over, such as prescribing tetracycline to young children, which caused lasting discoloration of their permanent teeth and could cause growth problems. The physician with the most payment reports had 251 as of March 31, 2015. Another physician had 216 reports. Six physicians had between 100 and 199 payments reported to the Data Bank. 48,180 physicians had three or more malpractice payment reports.2

It should be emphasized that about 85% of all licensed physicians had no malpractice payments at all in their records, and another 10% had only one malpractice payment. Just over 3% had two payments. This means that fewer than 2% of all physicians had three or more payments (see Footnote 2). Furthermore, only 1.8% of physicians were responsible for over half of all the money paid out for malpractice over the first 20 years of the Data Bank’s operation.

Nonphysician practitioners were responsible for most of the remaining reports in the Data Bank. 223,030 nurses and nursing-related practitioners had 398,141 reports. 43,018 dentists were responsible for 81,106 reports. 31,108 pharmacists and pharmacy assistants were responsible for 47,521 reports. 13,116 chiropractors were responsible for 21,193 reports. No other practitioner type had as many as 10,000 licensees reported (see Footnote 2).


Impact of the Data Bank

Although hospitals are required to query the Data Bank, about 76% of the Data Bank’s total of more than 4,250,000 queries a year are submitted voluntarily (mostly by health maintenance organizations and similar providers); required hospital queries account for only about 24% of queries. As of the end of 2012, more than 1,200,000 practitioner names were enrolled in the continuous query service. Just over 56.2% were enrolled by hospitals (NPDB, 2012, tables 7, 10).

The high percentage of voluntary queries to the Data Bank indicates the value placed on the information since users must pay $3.00 per queried name or $3.00 per year per name for continuous query enrollment (NPDB, n.d.). The fact that the Data Bank’s voluntary users find the information on physicians’ records useful enough to spend over $14.5 million each year to get it, strongly suggests that the information also would be valuable to individual healthcare consumers.

Further evidence of the usefulness of the Data Bank’s information came in a 2014 survey of Data Bank users conducted for HRSA. More than 95% of survey respondents found the information they received from the Data Bank to be “accurate, timely, and appropriate.” About one-third of respondents said they had received information from the Data Bank they had not obtained from any other source (NPDB, 2015). The fact that the Data Bank can provide information not found anywhere else—including physicians’ own applications, which apparently sometimes omit required disclosures—is particularly significant.

An earlier survey of Data Bank users that examined a random sample of specific query responses found that 9% of the time when users received a response from the Data Bank that included one or more reports of malpractice payments or medical disciplinary actions concerning a practitioner, they learned new information—information they had not found from any other source, including the physician’s application—that led them to make a different decision on licensing or granting privileges to the practitioner. This means that the Data Bank’s information may change about 40,000 credentialing and licensing decisions each year (NPDB, 2002, p. 11). Since the Data Bank’s information is largely negative, one can surmise that each year, about 40,000 licenses or medical staff memberships were limited or withheld because of the malpractice or medical discipline information in the Data Bank.


The Data Bank continues to be controversial among the practitioner community. The AMA has called for its abolition despite the fact that it would be in the long-term interest of the medical profession to identify and deal with miscreant and underperforming or dangerous practitioners.

In reality, “blaming the messenger” constitutes a major component of criticism of the Data Bank. The Data Bank is only a messenger for information affecting licensure or clinical privileges decisions. It becomes the messenger for this information only when applicant physicians fail to disclose the information themselves on their applications, as they are required to do. The Data Bank contains no information that applicants aren’t routinely required to disclose in their applications. In fact, it receives and discloses less information than applicants routinely are required to disclose. For example, applications typically ask for pending malpractice claims, while the Data Bank only has and only discloses information about paid claims.

It should be noted that querying entities seem to understand the Data Bank’s role as the messenger only when physicians do not respond fully on applications. Hospitals and other queriers typically do not view the fact that a physician has a Data Bank report as negative in and of itself. Only 16% in the 2014 survey rated having a report as “negative” or “very negative” (NPDB, 2015).

Physicians, on the other hand, are more prone to blame the messenger. Seventy percent of practitioners surveyed rated having a report in the Data Bank as “negative” or “very negative” (NPDB, 2015). They did so despite the fact that even when the Data Bank is a messenger bringing new information to a querier, the real problem for the practitioner, if there is one, concerns the underlying malpractice payment or medical disciplinary information and the practitioner’s lack of honest disclosure.

Needed improvements

“Blaming the messenger” is not the only component of criticism of the Data Bank. Although the Data Bank has won awards for its innovative computer system (NPDB, 2010, p. 43) and is rated highly by its users in American Customer Satisfaction Index surveys (NPDB, 2004, p. 15), there are areas that could be improved, particularly in relation to operating policies.

Reporting requirement loopholes could be corrected to ensure queriers receive complete information. The most notable loophole concerns malpractice payments. Although payments in any amount must be reported, if a payment is made for the benefit of an institution rather than a named individual physician, it is not reportable to the Data Bank. Through what is known as the “corporate shield,” institutions may prevent reporting of their employed physicians or other practitioners by making sure that malpractice claims are brought against the institution rather than the practitioner. Depending on the method used by the institutions to attempt to shield their practitioners, a report may actually be legally required, but the Data Bank has no way of knowing about these situations and enforcing the requirement. In some cases, use of the corporate shield could be considered analogous to tax avoidance, which is legal; in other cases, it more closely resembles tax evasion, which is illegal. Regardless, use of the corporate shield is contrary to the spirit of the reporting law.

There is no firm data on how extensively the corporate shield is used, but its frequency is probably growing as hospitals increasingly acquire physician practices and create arrangements in which physicians become hospital employees. As part of these arrangements, hospitals become legally responsible for the care provided by their physician employees and provide malpractice coverage for them. This makes it easy to shift claims from the reportable employed physicians to the non-reportable hospitals.

It is important to note that the federal government does not use the corporate shield to protect federally employed physicians from reporting. Although under the Federal Tort Claims Act, all malpractice actions against federally employed physicians are formally filed against the government and not the individual employees, if the standard of care was not met, the responsible practitioners are identified and reported to the Data Bank if a payment is made. This ensures that their record will be complete if they later seek to practice in a capacity other than as federal employees or if they seek new employment within the government.

As significant as the corporate shield is, it is not the ultimate malpractice reporting loophole. If a payment isn’t made, there is nothing to report. Most malpractice events do not result in a payment; the gap between the number of malpractice events and malpractice payments is increasing because of tort reform, and fewer and fewer malpracticing physicians are being reported.

A further problem is that attempts to facilitate quick settlement of malpractice cases in some states (e.g., Oregon and Massachusetts) are creating situations in which some payments, if the physician admits the error and initiates discussions toward a payment, may not be reported. This may be beneficial to that injured patient, but non-reporting could lead to more patients being harmed in the future if the physician’s pattern of malpractice is not detected because of non-reporting of payments.

Some observers also consider the fact that peer reviewed disciplinary actions affecting a physician or dentist’s clinical privileges for 30 days or less are not reported to the Data Bank to be a loophole in reporting. Others claim that minor peer reviewed disciplinary actions do not rise to the level of meriting a permanent report on a physician’s record; the law reflects this view, but the 30-day threshold creates an opportunity for abusive reporting avoidance. This issue needs further study.

Anecdotally, we know that many peer reviewed clinical privileges actions are imposed for only 29 or 30 days specifically to avoid reporting. This avoidance may be responsible for the fact that after almost a quarter-century of required reporting, about 46% of hospitals had never reported even one clinical privileges action to the Data Bank. Although simple failure to report actions may be responsible for some of this non-reporting, it is likely that the vast majority stems from imposition of non-reportable penalties. It simply is beyond belief that 46% of hospitals have never had reason to discipline a physician because of incompetence or misconduct from September 1990 through June 2012.

It is unknown how many practitioners have escaped reporting because of the corporate shield, tort and settlement reform, or the 30-day threshold. What is known is that the Data Bank is the only relatively comprehensive national source for malpractice and medical disciplinary information. There simply are no other “one-stop shop” repositories for the kinds of information reported to the Data Bank—indeed, for most of the information it contains, there are no other central repositories at all. Thus the Data Bank, even with its needed improvements, remains the key source for verified licensing and credentialing information. It is likely to continue to play a vital role in protecting the public from dangerous and miscreant physicians for years to come.

Robert Oshel served as associate director for research and disputes at the Division of Practitioner Data Banks, Health Resources and Services Administration, U.S. Department of Health and Human Services at the time of his retirement in 2008. He had served in this position for 10 years and had been with the Division of Practitioner Data Banks for 15 years. Oshel led the Division’s research efforts and designed the Data Bank’s Public Use Data File, which contains information from each report in the Data Bank but does not identify reported practitioners. He also led the Division’s adjudication process to determine the accuracy of disputed reports and whether they meet legal requirements for reporting. Oshel’s most recent publication is the chapter “Secrets of the National Practitioner Data Bank and the Failure of Medical Licensing Boards, Hospitals, and the Legal System to Protect the Public From Dangerous Physicians” in The Truth About Big Medicine, edited by Cheryl L. Brown and John T. James (Rowman & Littlefield, 2015). He may be contacted at



42 USC 11101, et sec. For the secrecy provision, see 42 USC 11137(b).

42 USC 11135.

99th Congress, 2d. Session House of Representatives, Rpt 99-903. Report to Accompany HR 5540 [by the Committee on Energy and Commerce], p. 2.

National Practitioner Data Bank 2002 annual report. (2002). Retrieved from

National Practitioner Data Bank 2004 annual report. (2004). Retrieved from

National Practitioner Data Bank 2010 annual report. (2010). Retrieved from

National Practitioner Data Bank 2012 Annual Report. (2012).
Retrieved from
2012NPDBAnnualReport.pdf. The 2012 Annual Report is the latest available as of April 13, 2015.

National Practitioner Data Bank. (2015, January). Data Bank News. Retrieved from

National Practitioner Data Bank. (n.d.). Billing and fees. Retrieved August 17, 2015, from

U.S. Department of Health and Human Services. (2000, July). Healthcare Integrity and Protection Data Bank Information Guidebook, A-1.

U.S. Department of Health and Human Services. (2015). NPDB Guidebook April 2015. Retrieved April 23, 2015, from

What is an eligible entity? (n.d.). Retrieved from