Skip to content
FonteumThe Graph

The capability layer

APIREST + bulk accessMCP serverCallable by AI agentsFHIR R4 APIBulk exportAttestation & audit packReconciliationSource-vs-source diffsEntity graphSnapshotsPoint-in-time, bitemporal

By use case

Exclusion & sanctions screeningCredentialing & provider-data enrichmentAudit evidence & defensible programsProvider data for AI / RAGM&A & network diligence

By buyer

Compliance & riskDevelopers & AI teams

The differentiator

Coverage & sourcesThe catalogFreshnessMethodologyCare CompareFacility qualityBrowse all datasets →
Research

The dev on-ramp

DocsAPI referenceMCPQuickstartStatusChangelogSDKs & integrations
Pricing
Sign inTry the FHIR sandbox →Request access →

Platform

APIMCP serverFHIR R4 APIBulk exportAttestation & audit packReconciliationEntity graphSnapshots

Solutions

Exclusion & sanctions screeningCredentialing & provider-data enrichmentAudit evidence & defensible programsProvider data for AI / RAGM&A & network diligenceCompliance & riskDevelopers & AI teams

Data

Coverage & sourcesFreshnessMethodologyCare CompareBrowse all datasets →
Research

Developers

DocsAPI referenceMCPQuickstartStatusChangelogSDKs & integrations
Pricing
Sign inTry the FHIR sandbox →Request access →
Fonteum · Compliance · Attestations

The Audit-Ready Compliance Package

Give us a National Provider Identifier and we return a signed, dated attestation of an exclusion and integrity screen — every federal and state list consulted, the per-source result with its category and snapshot date, the full provenance behind each source, and an Ed25519 signature chained to Fonteum’s append-only attestation chain. The same document is available as machine-readable JSON and as a human-readable PDF.

What the document records

  • The subject NPI and the resolved graph entity it maps to.
  • Every source consulted — OIG LEIE, SAM.gov, each state Medicaid exclusion list, OIG Corporate Integrity Agreements, CMS Civil Money Penalties, and any other registered source.
  • The per-source result — excluded, compromised-flag, or clear — with its category, the snapshot date of the list version screened, and the methodology version.
  • The full 14-field provenance record for each source.
  • The check timestamp, the document SHA-256, and the Ed25519 signature.

How it is signed and chained

The attestation body is canonicalized and hashed with SHA-256. That hash is bound to the current head of Fonteum’s append-only attestation chain and signed with Ed25519. Anyone can recompute the hash from the document, re-derive the chain-bound identifier from the published chain head, and check the signature against the public key published at /.well-known/chain-public-key. A result of “clear” asserts that no matching record was found in the lists Fonteum holds at the snapshot dates shown — not a guarantee that none exists in any jurisdiction.

Where it fits

CMS audit response

Attach a dated, signed record of the exclusion + integrity screen you ran on a billing provider, with the snapshot date of each list at the moment of the check.

OIG inquiries

Show which lists were consulted — OIG LEIE, SAM.gov, state Medicaid exclusions, OIG Corporate Integrity Agreements, CMS Civil Money Penalties — and the per-source result, each carrying its source URL and methodology version.

NCQA / CAQH / URAC credentialing

Keep a reproducible screening-evidence artifact in the practitioner file: the document hash and the published signing key let a reviewer confirm the record was not altered after signing.

False Claims Act evidentiary use

A timestamped, signed screen documents diligence at a point in time. The attestation states what it asserts and what it does not — it is screening evidence, not a legal certification.

How to consume it

Signed JSON attestation for a single NPI:

GET https://fonteum.com/api/v1/exclusions/{npi}/attestation

Human-readable PDF package (same signed body):

GET https://fonteum.com/api/v1/exclusions/{npi}/attestation/pdf

Anonymous access is rate-limited; an API key raises the limit. Every response carries an X-Fonteum-SHA256 header matching the document hash. A signed-vs-JSON consumer checks the signature against the published chain public key; an auditor files the PDF.

This package is screening evidence, not a credentialing decision or a legal certification. Re-confirm any flagged or excluded result against the primary source list before taking adverse action.

Reviewed by Dr. Jennifer Montecillo, MD, medical reviewer. Non-practicing medical reviewer. Questions: hello@fonteum.com.

Built on the authoritative federal record

The primary sources, named on every page.

These are the federal agencies whose public datasets Fonteum ingests and attributes — the issuing authorities, not customers or partners. Every figure on the site links back to one of them.

  • CMS
  • HHS-OIG
  • HRSA
  • FDA
  • NLM
  • NUCC
  • Census
  • BLS
  • BEA

See the full source registry, with license and refresh cadence for each →

Reproducible by design

Every figure traces to its federal source.

14-tuple provenance

Every rendered fact ties to a source URL, dataset ID, snapshot date, row key, and SHA-256 — the full chain-of-custody record.

Reproducible SQL

Each study ships the exact query behind its figures, run against the cited federal snapshot. Re-run it yourself.

Daily reconciliation

Published counts are reconciled against the upstream federal datasets on a daily cadence, with drift logged.

Named medical review

Reviewed by Jennifer Montecillo, MD, medical reviewer. Non-practicing medical reviewer.

Read the full provenance and attestation methodology →

Two doors

Use the free API and open data

Query providers, facilities, sanctions, and quality scores — each field carrying its federal source. Self-serve, no call to start.

Explore the API →Browse the data catalog →

Talk to us

Managed pilots, enterprise terms, and audit-ready, signed attestation packages for compliance, risk, and research teams.

Talk to us →
Fonteum
Platform
Platform overviewAPIMCP serverFHIR R4 APIBulk exportAttestation & audit packReconciliationEntity graphSnapshots
Solutions
All solutionsExclusion & sanctions screeningCredentialing & enrichmentAudit evidenceProvider data for AI / RAGM&A & network diligenceCompliance & riskDevelopers & AI teams
Data & sources
Coverage & sourcesBrowse all datasetsFreshnessMethodologyCare CompareSanctionsOwnershipStaffingDeficienciesSpecial Focus Facilities
Developers
Developer hubDocsAPI referenceQuickstartStatusChangelogSDKs & integrationsWebhooks
Research
Research hubGlossaryComparisonsCitationsWhy Fonteum
Company
AboutPressCustomersPricingContactEditorial policyCorrections
Trust & legal
TrustQualitySecurityPrivacy policyTerms of serviceMedical disclaimer

Reviewed by Jennifer Montecillo, MD, medical reviewer. Non-practicing medical reviewer.

© 2026 Fonteum LLC. All rights reserved.

·hello@fonteum.com

The U.S. healthcare graph AI can cite — every fact carries its source.

Request access→

The substrate, by the numbers

44federal source familiesDistinct CMS, OIG, HRSA, FDA and peer datasets
35dataset pagesCitable, downloadable /data catalog pages
65reproducible studiesEach shipping the SQL behind its figures