Federal Reports

HHS oversees States' administration of various Federal programs, including Medicaid. State agencies are required to establish appropriate computer system security requirements and conduct biennial reviews of computer system security used in the administration of State plans for Medicaid and other Federal entitlement benefits. This review is one of a number of HHS OIG reviews of States' computer systems used to administer HHS-funded programs. Our objective was to determine whether the North Carolina had implemented adequate information system general controls over the North Carolina Medicaid claims processing systems in accordance with Federal requirements.

NARA OIG performed this audit to assess the current status of the ERA 2.0 development effort.

The Office of the Inspector General audited Tennessee Valley Authority (TVA) Internet-accessible Web sites to identify cyber security weaknesses through penetration testing. In summary, 37 Internet-accessible Web sites were tested, and 7 high risk vulnerabilities were identified. Two of the high risk vulnerabilities that were identified require additional testing by TVA's Information Technology for confirmation. TVA management agreed with our findings and recommendations.

The VA Office of Inspector General (OIG) evaluated the quality of care delivered at the James E. Van Zandt VA Medical Center. This included reviews of key clinical and administrative processes that affect patient care outcomes—Quality, Safety, and Value; Environment of Care; Medication Management; Coordination of Care; Diagnostic Care; Community Nursing Home (CNH) Oversight; Management of Disruptive/Violent Behavior; and Post-Traumatic Stress Disorder Care. OIG provided crime awareness briefings to 50 employees.OIG identified certain system weaknesses in taking actions for issues identified by quality, safety, and value reviews; medical staff membership; general safety and security of personally identifiable information at the Huntingdon County VA Clinic; the anticoagulation management program; inter-facility transfer data collection and reporting; point-of-care testing follow-up; CNH oversight and clinical visits; and disruptive behavior training. As a result of the findings, OIG could not gain reasonable assurance that: (1) The facility takes actions for weaknesses identified in peer review and Focused Professional Practice Evaluations.(2) Facility leadership is able to perform appropriate oversight of all medical staff members.(3) The access log for the Huntingdon County VA Clinic information technology network room contains required elements.(4) The Huntingdon County VA Clinic secures patients’ personally identifiable information.(5) A physician is involved in the anticoagulation management program.(6) Data is used to improve inter-facility transfers.(7) Clinicians document required actions in response to glucose point-of-care testing results.(8) The facility effectively oversees the CNH program and monitors and assures the safe care of patients in the program.(9) Facility employees are trained to reduce and prevent disruptive behaviors.OIG made recommendations for improvement in the following seven areas: (1) Quality, Safety, and Value; (2) Environment of Care; (3) Medication Management; (4) Coordination of Care; (5) Diagnostic Care; (6) CNH Oversight; and (7) Management of Disruptive/Violent Behavior.