Federal Reports

U.S. Customs and Border Protection (CBP) did not consistently target for additional inspection or evaluate potentially inadmissible international mail entering the United States through its nine International Mail Facilities (IMFs). Although IMFs faced challenges targeting mail and examining packages identified as potential threats, CBP did not evaluate whether its screening was effective or refer problems to stakeholders for resolution.

This is the audit of the NEA's information technology systems security. Due to security concerns, this report is not published on the internet. You can obtain a copy of this report through a freedom of information act request at the following link: https://www.arts.gov/freedom-information-act-guide.

What We Looked AtThis report presents the results of our quality control review (QCR) of an audit of the Department of Transportation's (DOT) information security program and practices. The Federal Information Security Modernization Act of 2014 (FISMA) requires agencies to develop, implement, and document agencywide information security programs and practices. FISMA also requires inspectors general to conduct annual reviews of their agencies' information security programs and report the results to the Office of Management and Budget. To meet this requirement, we contracted with CliftonLarsonAllen LLP (CLA) to conduct this audit subject to our oversight. The audit objective was to determine the effectiveness of DOT's information security program and practices in five function areas--Identify, Protect, Detect, Respond, and Recover.What We FoundOur QCR disclosed no instances in which CLA did not comply, in all material respects, with generally accepted Government auditing standards.Our RecommendationsDOT concurs with both of CLA's recommendations. We consider both recommendations resolved but open pending completion of planned actions.

The VA Office of Inspector General (OIG) conducted a healthcare inspection to assess care coordination for patients of the VA Eastern Kansas Health Care System (system) who received care and were dually prescribed opioids and benzodiazepines from Community Care Network (CCN) providers. The inspection also reviewed compliance with public law and Veterans Health Administration (VHA) policies and guidelines specific to the oversight of CCN provider opioid prescribing practices. The OIG found issues related to incomplete and delayed CCN provider documentation, Opioid Safety Initiative (OSI) prescribing risk mitigation strategies, prescriptions dispensed at VHA pharmacies versus non-VA pharmacies, and lack of medication reconciliation and VHA medication profile updates, which place patients at risk for adverse opioid related events. Additionally, the OIG identified two examples in which patients received multiple controlled substance prescriptions from a combination of system, non-system VHA providers, and CCN providers.The OIG found the Veterans Integrated Service Network (VISN) Director and system staff were not conducting oversight of CCN providers opioid prescribing practices as required under the MISSION Act and as recommended by the OIG in 2019 and were not reporting concerns of unsafe CCN provider practices to the third party administrator.The OIG made seven recommendations to the Under Secretary for Health related to CCN provider documentation, evidence of CCN provider training and use of OSI risk-mitigation strategies, state prescription drug monitoring program queries, and capture of CCN-prescribed medications in electronic health records (EHR). The OIG made two recommendations to the VISN Director related to ensuring the system has processes in place to conduct oversight of CCN providers’ prescribing practices. The OIG made four recommendations to the System Director related to documenting use of OSI risk-mitigation strategies, capturing CCN-prescribed medications in the EHR, filling vacant positions, and educating staff on reporting patient safety concerns involving CCN providers.