Federal Reports

We evaluated the U.S. Department of Housing and Urban Development (HUD) practices for identifying and protecting personally identifiable information (PII). The evaluation assessed HUD’s current capabilities to properly manage and protect PII and to properly maintain paper and electronic PII records. This evaluation was conducted in conjunction with the fiscal year (FY) 2019 Federal Information Security Act of 2014 (FISMA) evaluation 2019-OE-0002.We determined that HUD had taken positive steps to improve its records management practices. It had initiated modernization efforts to transition paper-based processes to electronic processes, begun addressing and closing OIG privacy-related recommendations that had been open for several years, and developed a formal communications plan to increase program awareness. The records officer had increased and improved training for records specialists in program offices and was directing an extensive records inventory project. However, HUD had not designated a Senior Agency Official for Records Management (SAORM) at the Assistant Secretary level as required by OMB, and was not meeting certain Federal requirements. HUD was not able to identify and inventory all PII, or search for or track PII. Recordkeeping practices and retention schedules were outdated, and HUD had not fully integrated the records program with risk management and information technology programs.We provide nine new recommendations designed to address HUD’s most significant legal and regulatory obligations, along with other critical challenges laid out in this report.

The VA Office of Inspector General (OIG) investigated allegations that the VA San Diego Healthcare System staff manipulated the time cards for seven fee-basis medical providers in order to pay these individuals on a salary or wage basis rather than a per-procedure basis. In addition, the allegations contended that a fee-basis care provider was told he would be converted to a full-time employee after working full time as a fee-basis provider for one year. The OIG substantiated that certain fee-basis care providers at the VA San Diego Healthcare System were being paid for their time improperly, rather than on a per-procedure basis as required. The OIG did not substantiate that a fee-basis professional had been promised conversion to full-time status. The OIG did not make any recommendations because the medical center took corrective action, including disciplinary action with respect to the supervisor who was accountable for this conduct.

The VA Office of Inspector General (OIG) Administrative Investigations Division investigated alleged misconduct by two employees of the VA Greater Los Angeles Healthcare System in California. A complainant alleged that a supervisory health system specialist misused his/her public office for private gain when, as a part of the supervisor’s VA job responsibilities, he/she improperly participated in matters related to a contract maintained by the healthcare system with a vendor whose vice president was the supervisor’s significant other (non-spouse) and roommate. During the course of the investigation, the supervisor voluntarily resigned from VA, and as a result the OIG removed this allegation from the scope of the investigation. The complainant also alleged that a former medical center director failed to make proper rental payments while residing in the healthcare system’s quarters. Although the OIG determined the director underpaid VA a net amount of $158 for housing during the three years he resided on VA quarters, the OIG determined the cause was a coding error and identified no evidence that the error resulted from any misconduct on the part of the director. Because the error was unintended and corrective action has already been taken by the healthcare system, the OIG made no recommendations.

Following an investigation conducted in response to allegations made to the VA Office of Inspector General (OIG) hotline, the Office of Special Reviews substantiated that an Office of General Counsel (OGC) attorney was using VA time and resources to work on matters related to his outside law practice. Moreover, the OIG determined that the attorney represented private clients in U.S. bankruptcy court in cases where the clients owed money to the federal government. This conduct implicated criminal conflict of interest laws, which prohibit federal government employees from representing third parties in cases where the United States is a party or has a direct and substantial interest. The review team discovered that VA’s OGC received complaints about the attorney using VA time and resources to engage in his outside law practice as early as 2012. The OIG found that OGC's failure to appropriately supervise or meaningfully investigate the attorney's misconduct allowed it to continue. It was not until the OIG alerted OGC to this review’s preliminary findings that the OGC investigated the attorney, which ultimately led to his removal from federal employment in March 2020. The OIG's seven recommendations to the Acting VA General Counsel addressed actions to be considered in light of the attorney's misconduct and OGC officials' prior failures to take prompt appropriate action. These included revision to the OGC's relevant guidance and how OGC identifies and advises its employees who have outside employment. OGC was also asked to consider whether it should implement a supplemental regulation requiring some employees to disclose and obtain prior approval before engaging in outside employment. VA’s OGC concurred with all recommendations.

We investigated allegations that a senior U.S. Park Police (USPP) official asked the United States Attorney’s Office to dismiss criminal citations (tickets) issued to Presidio Trust employees and contractors at the request of Presidio Trust officials.We found that a Presidio Trust official asked a senior USPP official to request the dismissal of several tickets stemming from two separate incidents that occurred at the Presidio and that the senior USPP official’s decisions to request the dismissals were, in part, influenced by these requests. In addition, while we found that the senior USPP official had the discretion to request that the tickets be dismissed and that there was no USPP General Order or U.S. Department of the Interior policy about the process or authority for dismissing tickets, the senior USPP official appeared to deviate from past USPP practices at the Presidio when requesting the dismissals.We provided our report to the Deputy Director, Exercising the Authority of the Director of the National Park Service, for any action deemed appropriate.