Open Recommendations

We recommend that Cahaba Government Benefits Administrators, LLC, work with CMS to ensure that its final settlement of contract costs reflects a decrease in Medicare PRB costs of $1,085,470 for CYs 2017 through 2019.

We recommend that Cahaba Safeguard Administrators, LLC, work with CMS to ensure that its final settlement of contract costs reflects a decrease in Medicare PRB costs of $9,806 for CYs 2017 through 2019.

Re-evaluate aged seized digital assets to consider whether risks of misstatement related to accurate valuation, existence, and ownership of assets have been adequately addressed considering the evolving nature of digital asset seizures. Based on the results of the evaluation, design and implement processes, procedures, and controls to appropriately account for aged digital assets. (New)

Assess reconciliation, financial reporting review, and other monitoring controls to increase the precision with which period end financial reporting is performed, including the identification and investigation of significant variances for all financial statements. (New)

We recommend that Cahaba Safeguard Administrators, LLC, develop quality assurance procedures, to include improved policies and procedures, to ensure that going forward, it calculates Medicare segment pension assets in accordance with Federal requirements.

We recommend that Cahaba Government Benefits Administrators, LLC, work with CMS to ensure that its final settlement of contract costs reflects an increase in Medicare pension costs of $348,929 for CYs 2017 through 2019.

We recommend that Cahaba Safeguard Administrators, LLC, work with CMS to ensure that its final settlement of contract costs reflects a decrease in Medicare pension costs of $146,658 for CYs 2017 through 2019.

We recommend that Cahaba Government Benefits Administrators, LLC, decrease Medicare's share of the Medicare segment excess pension liabilities as of December 31, 2018, by $135,979 and recognize $2,111,600 as Medicare's share of the pension liabilities as a result of the benefit curtailment.

We recommend that Cahaba Safeguard Administrators, LLC decrease the Medicare segment pension assets by $94,960 and recognize $10,970,030 as the Medicare segment pension assets as of January 1, 2020.

We recommend that OPM immediately implement internal controls, including written policies and procedures, over the disputed claims process to fully define what constitutes a timely review in the context of 5 CFR Section 890.105, including but not limited to: - policies/procedures to govern the 90-day window allotted for OPM to review disputed claims; - policies/procedures to govern how OPM will address disputed claims appealed to them when the carrier reviewed the disputed claim outside the allotted timeframe and/or the FEHBP member's window to appeal expired (either at the carrier level [FEHBP Benefit Brochures, Section 3 and Section 8, Step 1…

We recommend that 5 CFR Section 890.107 be revised to align the start of FEHBP members' due process rights on the date of OPM's decision on the appeal and not the date on which the service was provided.

We recommend that OPM implement written policies and procedures to address the use of additional information letters in the disputed claims process.

We recommend that OPM implement policies and procedures to standardize the review of disputed claims, provide the policies and procedures to applicable OPM personnel, and implement a plan to review and update the policies and procedures regularly.

We recommend that OPM implement a disputed claims process training program for new and current employees to ensure all personnel involved in the disputed claims review, regardless of assigned FEHB Group, are reviewing disputed claims timely and consistently.

We recommend that OPM immediately implement written policies and procedures for the administration and use of FDC to ensure: - All FDC users are tracking disputed claim cases in the system consistently. - Disputed claim cases are consistently opened and closed in FDC among all users. - Disputed claim cases remain open in FDC during the 30-day FEHBP member response window, and OPM's 90-day review time frame includes the FEHBP member additional information letter process in cases where the FEHBP member responds timely. - The date of the FEHBP member additional information letter and the FEHBP member response date (if…

We recommend that OPM update Section 8, Part 4 of the FEHBP benefit brochures to align with 5 CFR Section 890.105(e)(4), 48 CFR Section 1652.204-72(e)(4), and the FEHBP carrier Contract language Section 2.8(e)(4).

We recommend that OPM implement a disputed claims quality assurance program to ensure that the disputed claims data is regularly reviewed for: - Consistent and timely logging and addressing of FEHBP member correspondence. - The identification of concerning trends with providers, procedures, prescriptions, etc. - Consistent reviews of like-kind claims. - OPM's adherence to the implemented policies and procedures. - Consistent handling of IMR reviews, especially in cases where the carrier provided at least one IMR itself. - Prompt identification and correction of human errors.

We recommend that OPM implement internal controls to ensure that FOIA/PA requests can be met within the statutory deadlines.

We recommend that OPM implement an internal control process to monitor Privacy Act requirements, as they relate to the Disputed Claims process, so that SORNs and other Privacy Act requirements are fulfilled in a timely manner.

We recommend that OPM implement sufficient controls, including written policies and procedures, to ensure that FEHBP members' identities are verified and disputed claims records are not disclosed without consent as specified in the Privacy Act.

We recommend that OPM evaluate the disputed claims data that relate to the decommissioned HITS and ensure that applicable paper files and electronic files are stored per the terms of 36 CRF, Chapter XII, Subchapter B, Records Management and OPM's RMP for the applicable disposition schedule.

We recommend that OPM update the record retention period, ensuring that it provides sufficient time for the processing and resolution of a disputed claim.

We recommend that OPM catalog the disputed claims cases where the same Y codes were applied to unique cases, and that OPM develop a unique record identifier for cases with the same Y code so that they can be clearly differentiated until the record retention requirements have expired.

We recommend that OPM develop written policies and procedures that define the role of the Y code in the disputed claims process and the specific case data to be utilized by applicable OPM personnel to identify unique disputed claims cases.

The OIG has determined that the contents of this recommendation would not be appropriate for public disclosure and has therefore limited its distribution to selected officials.

The OIG has determined that the contents of this recommendation would not be appropriate for public disclosure and has therefore limited its distribution to selected officials.

The OIG has determined that the contents of this recommendation would not be appropriate for public disclosure and has therefore limited its distribution to selected officials.

The OIG has determined that the contents of this recommendation would not be appropriate for public disclosure and has therefore limited its distribution to selected officials.

The OIG has determined that the contents of this recommendation would not be appropriate for public disclosure and has therefore limited its distribution to selected officials.

The OIG has determined that the contents of this recommendation would not be appropriate for public disclosure and has therefore limited its distribution to selected officials.

We recommend that the Ohio Department of Health work with CMS to develop standardized life safety training for nursing home staff.

We recommend that the Ohio Department of Health work with CMS to develop a risk-based approach to identify nursing homes where surveys should be conducted more frequently than once every 15 months, such as those with a history of multiple high-risk deficiencies or frequent management turnover.

We recommend that the Ohio Department of Health develop a plan with CMS to address the foundational issues preventing more frequent surveys at nursing homes with a history of multiple high-risk deficiencies.

We recommend that the Ohio Department of Health follow up with the 18 nursing homes in this audit that demonstrated life safety, emergency preparedness, and infection control deficiencies to verify that corrective actions have been taken regarding the deficiencies identified in this report.

Develop and implement a course approvals plan to address the existing backlog and to avoid future approval delays.

Establish and implement quality control measures for course approvals to include peer review or other mechanisms to ensure course approvals meet requirements.

Develop and implement goals and requirements for the course oversight auditing program, including the number and type of audits to be conducted by each auditor in a given time period.

Establish and implement controls to ensure audit results are used to improve operations and apply enforcement actions to MTPs, such as suspension or withdrawal of course approvals, after serious nonconformities are identified.

Develop and implement policy and procedures for routinely conducting in person-audits of mariner training sites to ensure sites are operating in accordance with the site approval.

Develop and implement a policy for routinely conducting audits of thirdparty course approvers to ensure they have processes for reviewing, approving, and monitoring training that are equal to the Coast Guard’s course approval and oversight processes.

Develop and implement a plan to modernize NMC’s examination processes, with a milestone timeline endorsed by the Coast Guard offices whose support and assistance is needed.

Office of the Chief Information Officer implement adequate data logging in compliance with applicable NIST guidance.

Office of Chief Information Officer implements and updates the agency’s cybersecurity incident response plan to align with Manual Section 899 to include the Office of Inspector General and other required offices in breach notifications.

Office of Chief Information Officer ensures that the Peace Corps network is continuously monitored to mitigate the risk of cyberthreats.

Review the 5,534 tax returns we identified for which the IRS incorrectly paid retroactive credit claims and take the steps needed to recover the erroneously issued funds.

Review the 2,519 tax returns we identified for which the IRS incorrectly denied retroactive credit claims and take the steps needed to ensure that these taxpayers receive the benefits to which they are entitled.

Review over 150,000 returned billing statements, and resolve any involving identity theft, then refer fraudulent loans to OIG.

We recommend that the California Department of Social Services establish procedures for county agency staff to utilize Medicaid data match reports to verify that court authorizations for psychotropic medications prescribed for children in foster care are documented and maintained.

We recommend that the California Department of Social Services establish procedures for county agency staff to document all medications (including opioid medications) prescribed for children in foster care in CWS/CMS, to the extent allowable under California law.

We recommend that the California Department of Social Services develop and implement procedures for county agency staff to upload the court authorizations for psychotropic medications prescribed for children in foster care into CWS/CMS.