Federal Reports

The Federal Information Security Modernization Act of 2014 (FISMA) requires each agency’s Inspector General (IG) to conduct an annual independent evaluation to determine the effectiveness of the information security program (ISP) and practices of its respective agency. Our objective was to evaluate the Tennessee Valley Authority’s (TVA) ISP and agency practices for ensuring compliance with FISMA and applicable standards, including guidelines issued by Office of Management and Budget (OMB) and National Institute of Standards and Technology. Our audit scope was limited to answering the FY2018 IG FISMA metrics developed as a collaborative effort by the OMB, Department of Homeland Security, and Council of Inspector Generals on Integrity and Efficiency in consultation with the Federal Chief Information Officer Council. The FY2018 IG FISMA metrics recommend a majority of the functions be at a maturity level 4 (managed and measurable) or higher to be considered effective. Based on our analysis of the metrics and associated maturity levels defined within the FY2018 IG FISMA metrics, we found TVA’s ISP was operating in an effective manner.

Report file size exceeds upload limit.

The VA Office of Inspector General (OIG) conducted this audit to determine whether the Veterans Benefits Administration (VBA) adjusted compensation benefits in the Survivors’ and Dependents’ Educational Assistance (DEA) Program in a timely manner and accurately processed benefits payments. The DEA Program is VA’s second-largest education program with more than $553 million in benefits paid in fiscal year 2017. The DEA Program provides monthly payments for education and training to eligible dependents and spouses of veterans who have permanent and total service-related medical conditions and receive compensation at the 100-percent disability level. Also, veterans with dependent children 18 to 23 years old attending school are eligible to receive an additional allowance in their disability compensation benefits. However, the veteran cannot receive the additional allowance at the same time the dependent children receive DEA benefits. The OIG found that delays in the processing of DEA benefit adjustments led to overpayments totaling approximately $4.5 million through February 1, 2018. Continued delays could result in an estimated $22.5 million in improper payments over a five-year period. Causes include the lack of management over the electronic mailboxes at the regional and national levels, an ineffective notification process, and the lack of system functionality to flag cases with duplication of benefits. In addition, some workload distribution rules caused cases not to be distributed when ready for processing. The OIG recommended that VBA ensure monitoring of electronic mailboxes and timeliness of compensation adjustments, implement a process to ensure receipt of DEA Program benefit notifications by regional staff, develop electronic system functionality to identify cases with potential duplication of benefits, process DEA benefit adjustments as soon as they are ready, and take prompt action to adjust benefits for cases in the OIG sample in which payment duplications had not been identified.

The VA Office of Inspector General (OIG) conducted a focused evaluation of the quality of care delivered in the inpatient and outpatient settings of the Iowa City VA Health Care System. The review covered key clinical and administrative processes associated with promoting quality care—Leadership and Organizational Risks; Quality, Safety, and Value; Credentialing and Privileging; Environment of Care; Medication Management: Controlled Substances Inspection Program; Mental Health: Posttraumatic Stress Disorder Care; Long-term Care: Geriatric Evaluations; Women’s Health: Mammography Results and Follow-up; and High-risk Processes: Central Line-associated Bloodstream Infections. The Facility had generally stable executive leadership since September 2017 and active engagement with employees and patients as evidenced by satisfaction scores. The OIG reviewed accreditation agency findings, sentinel events, disclosure of adverse patient events, Patient Safety Indicator data, and Strategic Analytics for Improvement and Learning (SAIL) results and did not identify any significant organizational risk factors. Although the leadership team was knowledgeable about selected SAIL metrics, the leaders should continue to take actions to improve care and maintain performance of selected Quality of Care and Efficiency metrics that are likely contributing to the improvement from the previous “2-Star” rating to the current “3-Star” rating. The OIG noted findings in three of the clinical operations reviewed and issued three recommendations that are attributable to the Director and Chief of Staff. The identified areas with deficiencies are: (1) Credentialing and Privileging • Ongoing Professional Practice Evaluation process (2) Medication Management: Controlled Substances Inspection Program • Reconciliation of controlled substance returns to pharmacy stock (3) Long-term Care: Geriatric Evaluations • Program oversight and evaluation

The VA Office of Inspector General (OIG) conducted a focused evaluation of the quality of care delivered in the inpatient and outpatient settings of the West Palm Beach VA Medical Center. The review covered key clinical and administrative processes associated with promoting quality care—Leadership and Organizational Risks; Quality, Safety, and Value; Credentialing and Privileging; Environment of Care; Medication Management: Controlled Substances Inspection Program; Mental Health: Posttraumatic Stress Disorder Care; Long-term Care: Geriatric Evaluations; Women’s Health: Mammography Results and Follow-up; and High-risk Processes: Central Line-associated Bloodstream Infections. Facility leaders appeared actively engaged with employees and patients. Organizational leaders supported efforts related to patient safety, quality care, and other positive outcomes (such as initiating processes and plans to maintain positive perceptions of the Facility through active stakeholder engagement). However, the presence of organizational risk factors, as evidenced by Patient Safety Indicator data, may contribute to future issues of noncompliance and/or lapses in patient safety unless corrective processes are implemented and continuously monitored. Although the leadership team was knowledgeable about selected SAIL metrics, the leaders should continue to take actions to improve care and maintain performance of the Quality of Care and Efficiency metrics likely contributing to the improvement from the previous “2-Star” to the current “3-Star” rating. The OIG noted findings in three of the clinical operations reviewed and issued eight recommendations that are attributable to the Director, Chief of Staff, and Associate Director. The identified areas with deficiencies are: (1) Quality, Safety, and Value • Protected Peer Review process • Physician Utilization Management Advisors’ documentation of decisions • Implementation of root cause analysis actions and provision of feedback (2) Credentialing and Privileging • Focused and Ongoing Professional Practice Evaluation processes (3) Environment of Care • Staff education of Safety Data Sheets • Environmental cleanliness • CBOC panic alarm testing