Federal Reports

Our objective for this report was to assess the extent to which the company is incorporating its injury claims financial data into its Safety Management System (SMS).We found that the company’s Safety and Operations departments currently use injury and accident reports to identify the most frequent incidents in their efforts to assess and manage safety risks and inform the SMS. These departments have not, however, had regular access to company data on employee and passenger injury claims, including settlement data, which resides with the company’s claims group. Our work determined these data could allow the Safety and Operations departments to better identify additional risks and mitigation strategies and, in turn, help improve safety outcomes and minimize the impact of safety incidents on the company.We recommended that the company develop a policy and process to regularly share legally appropriate injury claims data internally and use these data to help identify and mitigate safety risks as part of its risk management process.

The Office of Inspector General (OIG) performed an audit of the Research, Education, and Economics mission area within the U.S. Department of Agriculture (USDA) to test its controls to prevent, detect, mitigate, and recover from a ransomware attack.

Under the home health prospective payment system (PPS), the Centers for Medicare & Medicaid Services pays home health agencies (HHAs) a standardized payment for each 60-day episode of care that a beneficiary receives. The PPS payment covers intermittent skilled nursing and home health aide visits, therapy (physical, occupational, and speech-language pathology), medical social services, and medical supplies.Our prior audits of home health services identified significant overpayments to HHAs. These overpayments were largely the result of HHAs improperly billing for services to beneficiaries who either were not confined to home (homebound) or were not in need of skilled services.Our objective was to determine whether Brookdale Home Health, LLC (Brookdale), complied with Medicare requirements for billing home health services on selected types of claims.

Strategic Plan for Fiscal Years 2021 through 2025, which articulates the vision for the FEC OIG for the next five years.

The spread of COVID-19 drastically increased the demand for personal protective equipment (PPE) such as masks, gloves, and gowns, and significantly disrupted the global supply chain. As the nation’s largest integrated healthcare system, the Veterans Health Administration (VHA) had to compete for PPE for its personnel and patients. The VA Office of Inspector General (OIG) received hotline allegations that VHA medical facilities could not acquire and maintain enough PPE to keep pace with escalating needs. The OIG assessed how VHA reported and monitored PPE supply levels during the pandemic. The review team also solicited information about whether facilities ran out of PPE or experienced significant shortages. Without reliable PPE inventory information, VHA cannot effectively assess demand, monitor stock levels, or identify supply shortages that require prompt action.In interviews of 22 people involved in logistics operations at 42 facilities, no one reported running out of PPE items. Some individuals reported running low, but risks of outages were mitigated by shifting supplies among facilities or acquiring additional PPE in time.Overall, the OIG found VHA took swift steps to work around known limitations in its inventory management system by developing new processes and tools, to use near real-time information on PPE inventory to shift and order supplies, and to otherwise ensure its facilities would not run out of PPE. The OIG found, however, that VHA could improve the accuracy and consistency of the PPE data for reporting and monitoring.VHA concurred with the OIG’s two recommendations to provide guidance for reporting expired quantities of PPE that may still be of use, and to more effectively verify facilities’ self-reported information. Although not a formal recommendation, the OIG also called on VHA to report any data limitations until corrections can be made.

The SEC Can Further Strengthen the Tips, Complaints, and Referrals Program, Report No. 566

The SEC Has Taken Steps to Strengthen Its Monitoring of ISS Contractor’s Performance, But Additional Actions Are Needed, Report No. 565

Under the Medicare Advantage (MA) program, the Centers for Medicare & Medicaid Services (CMS) makes monthly payments to MA organizations according to a system of risk adjustment that depends on the health status of each enrollee. Accordingly, MA organizations are paid more for providing benefits to enrollees with diagnoses associated with more intensive use of health care resources than to healthier enrollees, who would be expected to require fewer health care resources.To determine the health status of enrollees, CMS relies on MA organizations to collect diagnosis codes from their providers and submit these codes to CMS. Some diagnoses are at higher risk for being miscoded, which may result in overpayments from CMS.For this audit, we reviewed one MA organization, Blue Cross Blue Shield of Michigan (BCBSM), and focused on seven groups of high-risk diagnosis codes. Our objective was to determine whether selected diagnosis codes that BCBSM submitted to CMS for use in CMS's risk adjustment program complied with Federal requirements.

We investigated allegations that a tribal non-profit organization misused $50,000 it received for a 3-day training conference. It received the funds from the Bureau of Indian Affairs (BIA) through a cooperative agreement.We did not find any evidence of misuse of funds or of false claims and determined the organization used the full amount of the cooperative agreement to cover costs associated with the training conference.

The OIG found that the CSB was fully compliant with improper payments legislation and guidance during fiscal year 2020.

The OIG found that the CSB was fully compliant with improper payments legislation and guidance during fiscal year 2020.

The VA Office of Inspector General (OIG) reviewed key aspects of VA’s spina bifida program in response to congressional and other concerns that eligible individuals may not be receiving the compensation, healthcare, home services, and other benefits to which they are entitled. Monthly payments under this relatively small but critical program (serving more than 1,000 beneficiaries) exceeded $20.8 million in 2019, with medical reimbursements of over $45 million.Spina bifida occurs when a fetus’s spine and spinal cord do not form properly. Children born with spina bifida may receive VA benefits such as monthly payments, home services, and health care if one of their biological parents is a veteran presumed to have been exposed to herbicides during the Vietnam War.The Veterans Benefits Administration (VBA) determines eligibility for spina bifida benefits and issues monthly payments. The Veterans Health Administration (VHA) covers all medically necessary health care.The OIG found VBA staff generally decided spina bifida benefit claims accurately. However, program offices in VBA and VHA did not adequately communicate or share data, contributing to beneficiaries receiving improper payments after their deaths and delays in new beneficiaries being enrolled in health care. Further, individuals with spina bifida and their caretakers did not receive needed information about benefits because VA did not consistently reach out and accurately communicate with them.The OIG made four recommendations related to preventing payments to deceased beneficiaries through better coordination between the Denver VBA regional benefits office and VHA’s Office of Community Care, ensuring all eligible beneficiaries are promptly enrolled in health care, making certain that agents for national call centers consistently provide accurate and comprehensive benefits information, and engaging eligible beneficiaries who are not aware of or using services.

Service standards are the Postal Service’s stated delivery performance goals for each mail class measured in days from point of entry into the mailstream to final destination. These standards are one of the primary operational goals or benchmarks against which the Postal Service measures its performance. The Postal Service defines misrouted or missent mail as mail sent from an originating facility to the wrong destinating facility. For example, mail originating in Albany, NY, that is addressed to Tampa, FL, but is received in San Francisco, CA. Our objective was to determine why there is misrouted mail and its impact on the Postal Service.

In response to Executive Order 13767, U.S. Customs and Border Protection (CBP) implemented new tools and technologies that have enhanced Border Patrol’s surveillance capabilities and efficiency along the southwest border. However, these upgrades are incomplete as CBP has deployed only about 28 percent of planned technology solutions, even after receiving more than $700 million in funding for new technology since fiscal year 2017. Consequently, most southwest Border Patrol sectors still rely predominantly on obsolete systems and infrastructure with limited capabilities. CBP faces additional challenges that reduced the effectiveness of its existing technology. Border Patrol officials stated they had inadequate personnel to fully leverage surveillance technology or maintain information technology (IT) systems and infrastructure on site. Further, we identified security vulnerabilities on some CBP servers and workstations not in compliance due to disagreement about the timeline for implementing DHS configuration management requirements. CBP is not well-equipped to assess its technology effectiveness to respond to these deficiencies. Overall, these deficiencies have limited CBP’s ability to detect and prevent the illegal entry of aliens who may pose threats to national security. Deploying adequate technologies to complement the physical wall and infrastructure will be essential for CBP to ensure effective operational control of the southern border. We made three recommendations to improve CBP’s border technology, enhance situational awareness of the southwest border, and address potential IT security vulnerabilities. CBP concurred with all three recommendations.

What We Looked AtThe Federal Aviation Administration (FAA) has historically maintained an excellent safety record. However, two fatal accidents in 2018 and 2019 involving the Boeing 737 MAX 8 raised concerns about FAA's oversight and certification of civilian aircraft manufactured and operated in the United States. At the request of Secretary of Transportation Elaine L. Chao and several members of Congress, our office has undertaken a series of reviews related to FAA's certification of the MAX and its safety oversight, including the Agency's oversight of Boeing's Organization Designation Authorization (ODA). Our overall audit objective was to determine and evaluate FAA's process for certifying the Boeing 737 MAX series of aircraft. In this report, we focused on assessing (1) the effectiveness of FAA's guidance and processes for managing the certification of the 737 MAX 8 and (2) FAA's oversight of the Boeing ODA.What We FoundWhile FAA and Boeing followed the established certification process for the 737 MAX 8, we identified limitations in FAA's guidance and processes that impacted certification and led to a significant misunderstanding of the Maneuvering Characteristics Augmentation System (MCAS), the flight control software identified as contributing to the two accidents. First, FAA's certification guidance does not adequately address integrating new technologies into existing aircraft models. Second, FAA did not have a complete understanding of Boeing's safety assessments performed on MCAS until after the first accident. Communication gaps further hindered the effectiveness of the certification process. In addition, management and oversight weaknesses limit FAA's ability to assess and mitigate risks with the Boeing ODA. For example, FAA has not yet implemented a risk-based approach to ODA oversight, and engineers in FAA's Boeing oversight office continue to face challenges in balancing certification and oversight responsibilities. Moreover, the Boeing ODA process and structure do not ensure ODA personnel are adequately independent. While the Agency has taken steps to develop a risk-based oversight model and address concerns of undue pressure at the Boeing ODA, it is not clear that FAA's current oversight structure and processes can effectively identify future high-risk safety concerns at the ODA.Our RecommendationsWe made 14 recommendations to improve the Agency's aircraft certification process and oversight of the Boeing ODA. FAA concurred with all 14 of our recommendations and provided appropriate actions and planned completion dates.

The Medicare hospice benefit allows providers to claim Medicare reimbursement for hospice services provided to individuals with a life expectancy of 6 months or less and who have elected hospice care. Previous OIG reviews found that Medicare inappropriately paid for hospice services that did not meet certain Medicare requirements.Our objective was to determine whether hospice services provided by Tidewell Hospice, Inc., (Tidewell) complied with Medicare requirements.

In accordance with our annual plan, the Office of Inspector General conducted a follow-up on the Department's implementation of the recommendations in Report Number OIG-2017-01. Our objective was to confirm the Department took appropriate corrective actions in implementing the recommendations. Our scope included existing controls related to implementation of the recommendations outlined in our previous report.

Our objective was to determine if the Postal Service timely terminated payments to Contract Postal Unit (CPU) and Village Post Office (VPO) suppliers when services were no longer provided. The Postal Service fulfills its universal service obligation partly through its Alternate Access Channels programs, which offer postal products and convenient mail services where customers live, work, and shop. These programs include CPUs and VPOs. All CPUs and VPOs provide Postal services as required by contract with the Postal Service in a supplier-owned or supplier-leased facility.

The Child Care and Development Block Grant Act (CCDBG Act) of 2014 added new requirements for States receiving funding from the Child Care and Development Fund (CCDF) to conduct comprehensive criminal background checks on staff members and prospective staff members of child care providers every 5 years. Criminal background checks requirements apply to any staff member who is employed by a child care provider for compensation or whose activities involve the care or supervision of children or unsupervised access to children.Our objective was to determine whether Virginia's monitoring process ensured provider compliance with State requirements related to criminal background checks established under the CCDBG Act.

Facet-joint injections of an anesthetic with or without a steroid are used to diagnose or treat chronic neck and back pain. A prior Office of Inspector General (OIG) review found that 47 percent of Medicare payments to physicians for facet-joint injections nationwide in calendar year (CY) 2006, or approximately $96 million, did not meet Medicare program requirements. In addition, Noridian Healthcare Solutions, LLC (Noridian), one of the Medicare Administrative Contractors (MACs), identified during audits performed in CYs 2016 through 2018 various errors in which physicians did not bill for facet-joint injections in accordance with Medicare requirements. Therefore, we conducted this audit to determine whether Noridian made improper payments for facet-joint injections in Jurisdiction E from January 1, 2018, through May 31, 2019 (audit period).

In recent years, Congress has expressed concerns about the Indian Health Service’s (IHS’s) administrative and financial management of program funds for health services to American Indians and Alaska Natives. Before we could address Congress’ broader concerns, we needed to assess how the 12 IHS Area Offices receive and disburse funds for services provided to Tribal members. We chose to audit the Bemidji Area Office’s (BAO’s) procedures for disbursing IHS funds because it disburses funds to all program types.

On March 27, 2020, the President signed into law the Coronavirus Aid, Relief, and Economic Security Act (CARES Act). To date the CARES Act has provided the U.S. Department of the Interior (DOI) with $909.7 million, which includes direct apportionments of $756 million to support the needs of DOI programs, bureaus, Indian Country, and the Insular Areas, and a $153.7 million transfer from the U.S. Department of Education to the BIE.This report presents the DOI’s progress as of December 31, 2020, in spending CARES Act appropriations. Specifically, the DOI’s expenditures to date total $600,876,882, and its obligations total $668,075,114.We are also monitoring the DOI’s progress on reporting milestones established by the CARES Act and the U.S. Office of Management and Budget.

The OIG investigated allegations that an enrolled member of a Native American tribe paid bribes or kickbacks to an elected member of a tribal business committee in exchange for preference on tribal construction contracts.We did not substantiate the allegations. A financial analysis revealed no evidence to suggest the enrolled member received construction contracts awarded by the tribe or that he owned or operated a construction company. We also found no evidence that the enrolled member paid bribes or kickbacks to tribal officials.

A supervisor based at Sunnyside Yard in New York City was terminated on February 18, 2021, following an administrative hearing. The former employee violated company policies by fraudulently claiming and accepting payment for regular pay, overtime pay, or both during hours when he was not working. In addition, company rail pass records showed that his pass was in use on days when he also claimed work hours, indicating that either he claimed labor hours while he was on personal travel or that he allowed others to use his rail pass privileges.

This report presents the results of the U.S. Government Publishing Office (GPO) product billing rates, Project No. A-20-005. We contracted with the Independent Public Accounting firm, KPMG LLP (KPMG), to conduct this review. The objective was to determine if GPO’s rate structure allows the agency to identify and recover total costs for products and services in accordance with 44 U.S.C. § 309(b)(1).

The VA Office of Inspector General (OIG) conducted an inspection to assess an allegation that the Cardiac Catheterization Lab (CCL) was closed due to concerns of risk to patients at the Samuel S. Stratton VA Medical Center (facility) in Albany, New York. The OIG did not receive a response from Veterans Integrated Service Network (VISN) 2 staff following an inquiry and subsequently opened the healthcare inspection.The OIG substantiated that the CCL was closed due to concerns of risk to patients and determined the closure was in response to issues including use of improper clinical procedural techniques, personnel disputes, and a hostile work environment. A facility fact-finding review identified concerns with communication and team dynamics among staff and suspended CCL procedures. The OIG found that VISN and facility leaders acted promptly to obtain unbiased assessments when they arranged for an external review of the CCL by the National Cardiology Program Office (NCPO). The NCPO made recommendations addressing the clinical judgment and technical skills of the CCL cardiologists. Facility leaders convened an administrative investigation board and initiated management reviews. Clinicians independent of the facility and well versed in interventional cardiology assessed the CCL cardiologists’ clinical competence. VISN and facility leaders decided that the CCL should remain closed indefinitely.According to the NCPO, its role is typically confined to advising the Veterans Health Administration (VHA) and facilities on policy matters. In this instance, the offering of recommendations by NCPO extended beyond policy matters and addressed operations, including the safe resumption of interventional cardiology at the facility. The OIG made three recommendations: two recommendations to the Under Secretary for Health regarding the designation of a VHA specialty leader in interventional cardiology and one recommendation to the VISN Director to review the circumstances that led to the failure to respond to an OIG inquiry.

We evaluated the U.S. Department of the Interior’s Land Buy-Back Program for Tribal Nations. We found that the Bureau of Indian Affairs violated Federal regulations by delegating land title authority to its Acquisition Center. The delegation of land title authority resulted in confusion about roles and responsibilities, allegations of title document defects, breakdown in communication between offices, and the potential for litigation. In addition, the improper delegation of land title authority could result in claims that the Department breached its fiduciary trust responsibilities by mismanaging tribal trust funds and could potentially place all program actions at risk of being invalidated.The offices involved in the Land Buy-Back Program have been working to address the land title authority and title document defect issues. On February 24, 2020, and May 22, 2020, the Bureau, in coordination with the Office of the Solicitor, updated two policies regarding the delegation of land title authority issues. An Office of the Solicitor official told us that these policy changes resolved the issues and that no further policy changes were needed. On June 3, 2020, the Assistant Secretary for Indian Affairs signed a corrective action plan regarding the missing land title document identified by a 2019 document review project.We make three recommendations to help the Department’s leadership ensure that program land acquisitions are legally defensible and to minimize risks that the Department will face liability. The Department responded to our draft report on September 10, 2020, and based on the response, we consider Recommendations 1 and 2 resolved and implemented and Recommendation 3 resolved but not implemented. Throughout the course of our review, we communicated our findings to the Department, and the Department took corrective actions to implement two of our recommendations before issuance of our draft report. We will refer Recommendation 3 to the Assistant Secretary for Policy, Management and Budget to track implementation.

We audited the costs claimed by the State of Alabama, Department of Conservation and Natural Resources, Division of Wildlife and Freshwater Fisheries (Division), under grants awarded by the U.S. Fish and Wildlife Service (FWS) through the Wildlife and Sport Fish Restoration Program. The audit included claims totaling $89.3 million on 70 grants that were open during the State fiscal years that ended September 30, 2017, and September 30, 2018. The audit also covered the Division’s compliance with applicable laws, regulations, and FWS guidelines, including those related to the collection and use of hunting and fishing license revenue and the reporting of program income.We found that the Division generally ensured that grant funds and hunting and fishing license revenue were used for allowable fish and wildlife activities and complied with applicable laws and regulations, FWS guidelines, and grant agreements. We noted, however, issues with an ineligible subaward payment in the amount of $5,000 (Federal share $3,750). In addition, we noted multiple control deficiencies, including opportunities to improve controls in subaward oversight, tracking of volunteer hours for hunter education, program income reporting, barter disclosure, timeliness of Federal financial reports, and reconciliation of real property.The FWS concurred with our 15 recommendations and will work with the Division to implement corrective actions.

What We Looked AtUnder the Office of National Drug Control Policy (ONDCP) Circular, National Drug Control Program Agency Compliance Reviews, when drug-related obligations total less than $50 million and a full compliance with the Circular would constitute an unreasonable reporting burden, agencies may submit alternative reports. The Federal Aviation Administration (FAA) submitted alternative Budget Formulation Compliance, Detailed Accounting, and Performance Summary reports. We reviewed the reports and related management assertions to determine the reliability of those assertions in compliance with the Circular. We conducted our review in accordance with generally accepted Government auditing standards for attestation engagements. We limited our review to inquiries and analytical procedures appropriate for an attestation review according to the Circular’s criteria. What We FoundWe were not able to validate the budget amounts in FAA’s Budget Formulation Compliance Report because FAA did not provide sufficient supporting documentation to allow a review. As a result, we were not able to conclude that the funding levels in the budget submission provided by the budget decision units to FAA were without alteration or adjustment. We were not able to verify the reasonableness of FAA’s reported Air Traffic Organization (ATO) obligations because FAA did not provide documentation to support the obligations. We also noted that the estimation method FAA used to determine its ATO obligations included a baseline full-time equivalent level last updated in 2003. Because FAA did not provide a signed assertions letter with its Performance Summary Report, as required, we were unable to perform procedures related to performance assertions. Based on our review of FAA’s fiscal year 2020 Budget Formulation Compliance, Detailed Accounting, and Performance Summary reports, we were not able to conclude on the reliability of FAA’s management assertions.

Under a contract monitored by the National Credit Union Administration OIG, KPMG, an independent certified public accounting firm, performed an audit of NCUA’s financial statements, which includes the Share Insurance Fund, the Operating Fund, the Central Liquidity Facility, and the Community Development Revolving Loan Fund, as of and for the years ending December 31, 2020 and 2019.

The Medicare and Medicaid programs cover care in nursing homes for eligible beneficiaries. Sections 1819 and 1919 of the Social Security Act (the Act) establish requirements for CMS and States to perform surveys of nursing homes to determine whether they meet Federal participation requirements. For Medicare and Medicaid, these statutory participation and survey requirements are implemented in Federal regulations at 42 CFR part 483, subpart B, and 42 CFR part 488, subpart E, respectively.Nursing homes are required to comply with all Federal, State, and local laws, regulations, and codes, as well as accepted professional standards and principles (42 CFR § 483.70). Federal regulations on life safety (42 CFR § 483.90) require that nursing homes comply with standards set forth in the National Fire Protection Association (NFPA) Life Safety Code (NFPA 101) and Health Care Facilities Code (NFPA 99). CMS lists applicable requirements on Form CMS 2786R, Fire Safety Survey Report. Federal regulations on emergency preparedness (42 CFR § 483.73) include specific requirements for nursing homes’ emergency preparedness plans and reference the Standard for Emergency and Standby Power Systems (NFPA 110) as part of these requirements. CMS lists applicable requirements on its Emergency Preparedness Surveyor Checklist. The Fire Safety Survey Report and Emergency Preparedness Surveyor Checklist are used when CMS or a designated agency performs a nursing home survey. The results of each survey are reported and added to CMS’s Automated Survey Processing Environment (ASPEN) system.

We have performed audits in several States, including New York, in response to a congressional request concerning deaths and abuse of residents with developmental disabilities in group homes. Federal waivers permit States to furnish an array of home and community-based services to Medicaid beneficiaries with developmental disabilities so that they may live in community settings and avoid institutionalization. CMS requires States to implement a critical incident reporting system to protect the health and welfare of Medicaid beneficiaries receiving waiver services.Our objective was to determine whether New York ensured that community-based providers complied with Federal Medicaid waiver and State requirements for reporting and monitoring critical incidents involving Medicaid beneficiaries with developmental disabilities residing in community-based settings.

The West Calumet Housing Complex (WCHC), located in East Chicago, IN, was a public housing development that opened in 1972 on top of a former lead smelting plant. HUD and other agencies missed multiple opportunities to identify site contamination at WCHC. As a result, WCHC residents continued living in unsafe conditions for decades, and inadequate oversight led to the lead poisoning of children in WCHC. Between 2005 and 2015, a child living in WCHC had nearly a three times greater chance of having elevated blood lead levels than children living in other areas of East Chicago. HUD has partnered with and relied on the Environmental Protection Agency (EPA) to identify contaminated HUD-funded properties and develop a mitigation strategy for those properties. In 2016, EPA provided HUD a list of HUD-funded properties on or near contaminated sites. Since then, EPA and HUD have updated this list. While HUD has taken steps to improve communication with EPA, it can do more with the information it receives to understand how contaminated sites might impact HUD-funded properties. As a result of HUD’s approach to identifying contaminated sites, residents of those contaminated properties might experience prolonged exposure to potential contaminants. HUD may be unaware of other situations like WCHC. Therefore, HUD needs to take more action and develop a strategy to identify and mitigate those situations. We offer four recommendations to help HUD (1) develop and implement strategies to research properties and determine whether site contamination should be considered in future environmental reviews and then (2) monitor those reviews.

Transmittal of the Final Report Assessing the Federal Trade Commission’s Compliance with the Federal Information Security Management Act for Fiscal Year 2020 (Redacted for public release)