Federal Reports

The report summarizes the FTC OIG’s activities and accomplishments during the second half of the FY 2017 reporting period.

During this reporting period, the DHS Office of Inspector General (OIG) completed significant audits, inspections, and investigations to promote economy, efficiency, effectiveness, and integrity in the Department’s programs and operations.We issued 72 reports, including management alerts, and reports on Disaster Relief Fund spending (appendix 5), as well as 367 investigative reports, while continuing to strengthen our transparency and internal oversight. Our reports provide the DHS Secretary and Congress with an objective assessment of the issues the Department faces. They also offer specific recommendations to correct deficiencies and improve the economy, efficiency, and effectiveness of DHS’ programs.

OIG conducted a healthcare inspection in response to an allegation received in 2016 that a patient died of an accidental methadone overdose 2 days after receiving a prescription for methadone from a primary care physician (PCP) at the Grand Junction VA Health Care System (System), Grand Junction, CO. We substantiated the allegation that the patient identified in the complaint died 2 days after receiving a prescription for methadone from a System PCP. We were unable to substantiate that methadone contributed to or was the cause of the patient’s death. Neither an autopsy or toxicology study was performed, so additional information was not available.The System lacked a process to ensure prescribers were aware of, or considered, current Veterans Health Administration (VHA) directives, policies, and guidance related to obtaining an electrocardiogram before prescribing methadone for the management of chronic pain. VHA’s “Consent for Long-Term Opioid Therapy for Pain” is an electronic document that is used to obtain consent for long-term opioid therapy. The template document may also be used as a patient education tool but does not include risk factors specific for methadone. System PCPs we interviewed were not aware of how to add methadone specific risk factors to the electronic consent form. After investigating the events surrounding the death of the patient identified in the complaint, System leaders did not confer with the Office of Chief Counsel to determine if an institutional disclosure was necessary. We made five recommendations.

We determined that the Office of Health Affairs (OHA) has not implemented an effective organizational framework for safeguarding personally identifiable information (PII). While OHA appointed a Privacy Officer, this official lacked authority and resources to carry out the required privacy management responsibilities. Given turnover in key positions, OHA leadership had not placed priority on instilling a culture of privacy which resulted in transparency and security control weaknesses. For example, OHA’s emergency medical first responders did not properly notify individuals of their privacy rights when collecting PII. OHA’s BioWatch web portal had been improperly categorized to properly safeguard PII and the portal operated on an untrusted internet site. We recommended that OHA inform its staff of the Privacy Officer’s statutory responsibilities and the need for all staff to comply with privacy requirements, implement a process to provide a Privacy Act Statement when collecting PII from individuals as required by law, and move the BioWatch web portal to a trusted domain to comply with system security requirements and to safeguard PII. We made eleven recommendations improve privacy stewardship and reduce privacy risks to PII that OHA collects and maintains.

As FEMA moves into the recovery phase for Hurricane Harvey in Texas, it will begin to obligate millions, if not billions, of dollars from the Disaster Relief Fund for administrative costs and for Public Assistance and Hazard Mitigation grants to eligible State, tribal, and local governments and certain nonprofit organizations. Texas, as a FEMA grant recipient, will be responsible for oversight and monitoring of the disaster grants to Texas subrecipients. Our prior reports identified FEMA faced resource challenges in its response to a May 2015 Texas flooding disaster and determined that Texas needs to improve its grant management efforts. We urge FEMA officials to be mindful of lessons learned from these prior reports in providing disaster assistance to Hurricane Harvey survivors and that they closely monitor Texas’ grant management activities. Doing so should provide reasonable, but not absolute, assurance that Federal disaster assistance funds are spent properly and that the risk of ineligible and excessive costs borne by taxpayers is mitigated.