Recommendations
2103
| ID | Report Number | Report Title | Type | |
|---|---|---|---|---|
| 20-00541-149 | VA Improved the Transparency of Mandatory Staffing and Vacancy Data | Review | ||
1 The assistant secretary for human resources and administration/ operations, security, and preparedness should ensure VA time to hire percentages are reported using the Office of Personnel Management’s target as required by Section 505(a)(1)(D) of the MISSION Act.
Closure Date:
2 The assistant secretary for human resources and administration/ operations, security, and preparedness should confer with the VA Office of General Counsel to ensure that changes to the reporting methodology comply with Section 505 of the MISSION Act.
Closure Date:
| ||||
| 19-07091-159 | Death of a Patient, Deficiencies in Domiciliary Safety and Security, and Inadequate Contractual Agreement at the VA Northeast Ohio Healthcare System in Cleveland | Hotline Healthcare Inspection | ||
1 The VA Northeast Ohio Healthcare System Director conducts a full review of the patient’s care, including electrocardiograms and methadone initiation, and considers whether an institutional disclosure is warranted.
Closure Date:
2 The VA Northeast Ohio Healthcare System Director ensures that electrocardiograms are completed prior to and during methadone treatment in accordance with Veterans Health Administration Pharmacy Benefits Management Services recommendations.
Closure Date:
3 The VA Northeast Ohio Healthcare System Director ensures that domiciliary leaders implement a process to monitor the integrity of Volunteers of America staff documentation including health and safety rounding sheets and additional documentation directly pertaining to patients’ health, safety, and security.
Closure Date:
4 The VA Office of Asset Enterprise Management Director ensures that the Residential Services Agreement includes references to the Services Provider Contract between CGA LSVA Residential, LLC and Volunteers of America.
Closure Date:
5 The VA Office of Asset Enterprise Management Director, in consultation with the VA Office of General Counsel, determines if the Residential Services Agreement and the new term agreement needs to be reformed, or whether new contracts should be executed that clearly define the rights and responsibilities of all parties with respect to domiciliary services.
Closure Date:
| ||||
| 19-08256-124 | Delays in Diagnosis and Treatment and Concerns of Medical Management and Transfer of Patients at the Fayetteville VA Medical Center, North Carolina | Hotline Healthcare Inspection | ||
1 The Fayetteville VA Medical Center Director ensures that ordering providers review, acknowledge, and document an action plan for abnormal laboratory results.
Closure Date:
2 The Fayetteville VA Medical Center Director considers initiating an institutional disclosure for the failure of primary care provider 1’s clinical action and follow-up for Patient A’s abnormal test results and takes necessary actions.
Closure Date:
3 The Fayetteville VA Medical Center Director ensures that facility Community Care staff process Community Care consults according to the Veterans Health Administration policy.
Closure Date:
4 The Fayetteville VA Medical Center Director conducts a comprehensive review of Patient A’s and Patient B’s episode of care and takes action as indicated.
Closure Date:
5 The Fayetteville VA Medical Center Director evaluates the facility’s treating capabilities, delineates the medical conditions appropriate for admission, and updates the Policy for Admission/Discharge/Care of Patients to Intensive Care Unit.
Closure Date:
6 The Fayetteville VA Medical Center Director conducts an analysis of the inter-facility transfer process for patients in emergency situations, and develops and implements strategies and actions for improvement.
Closure Date:
7 The Fayetteville VA Medical Center Director updates the Patient Transfer Coordination policy to include the improvements from the transfer process analysis.
Closure Date:
8 The Fayetteville VA Medical Center Director makes certain that facility staff are trained on the updated Patient Transfer Coordination policy and emergency inter-facility transfer process for inpatients and monitors the process, including timeliness of transfers.
Closure Date:
9 The Fayetteville VA Medical Center Director reviews Patient B’s emergency medical services’ 911 call cancellation, considers initiating institutional disclosure, and takes appropriate action as indicated.
Closure Date:
10 The Fayetteville VA Medical Center Director ensures the Critical Care Committee thoroughly evaluates code blue events, identifies related performance and system issues, makes recommendations, and ensures actions are implemented.
Closure Date:
11 The Fayetteville VA Medical Center Director makes certain that solo practitioners have the privilege-specific competency components of their focused and ongoing professional practice evaluations performed by another provider with similar training and privileges and monitors compliance.
Closure Date:
12 The Fayetteville VA Medical Center Director ensures inter-facility patient data is collected, analyzed and incorporated into the facility’s quality management program.
Closure Date:
| ||||
| 19-09563-142 | VA’s Compliance with the Improper Payments Elimination and Recovery Act for FY 2019 | Review | ||
1 The Executive in Charge, Veterans Health Administration, implement appropriate IPERA testing procedures to ensure evidence is sufficient to verify that services were received for the Purchased Long-Term Services and Supports program.
Closure Date:
| ||||
| 19-08296-118 | Critical Care Unit Staffing and Quality of Care Deficiencies at the Charlie Norwood VA Medical Center, Augusta, Georgia | Hotline Healthcare Inspection | ||
1 The Charlie Norwood VA Medical Center Director ensures compliance with requirements outlined in Veterans Health Administration and Charlie Norwood VA Medical Center policy memorandums for the prevention and management of pressure injuries, including nursing documentation requirements.
Closure Date:
2 The Charlie Norwood VA Medical Center Director ensures Critical Care Unit nursing staff receive ongoing training to manage patients at risk for developing pressure injuries.
Closure Date:
3 The Charlie Norwood VA Medical Center Director evaluates tele-ICU services, and makes changes as needed to ensure cardiac-monitored patients receive safe care.
Closure Date:
4 The Charlie Norwood VA Medical Center Director ensures that a review to evaluate the circumstances related to Patient 8’s respiratory care is conducted and takes action as indicated.
Closure Date:
5 The Charlie Norwood VA Medical Center Director reviews current practices related to sitter availability when a physician orders a 1:1 sitter for Critical Care Unit patients and takes action as indicated.
Closure Date:
6 The Charlie Norwood VA Medical Center Director reviews current practices related to Critical Care Unit nursing staff assignments and takes action as indicated to support safe patient care when intravenous medications that require frequent dose adjustments are prescribed.
Closure Date:
| ||||
| 18-05350-135 | Radiology Concerns at the VA Illiana Health Care System Danville, Illinois | Hotline Healthcare Inspection | ||
1 The Under Secretary for Health adopts the National Radiology Program Office established guidelines and confers with the National Radiology Program Office to develop and incorporate a risk stratification methodology of the random sample of imaging modalities reviewed, to better inform radiologists’ professional practice evaluations.
Closure Date:
2 The Veterans Integrated Service Network Director provides continued oversight of the National Teleradiology Program expanded review results, ensures an appropriate response from VA Illiana Health Care System, and takes actions, as indicated.
Closure Date:
3 The VA Illiana Health Care System Director verifies that appropriate patient follow-up occurs, disclosures are conducted for events that meet disclosure criteria, and compliance with Veterans Health Administration policy is monitored.
Closure Date:
4 The VA Illiana Health Care System Director ensures the Radiology Service follows VA Illiana Health Care System policy to develop and implement a quality assurance and performance plan and monitors for compliance.
Closure Date:
5 The VA Illiana Health Care System Director considers following the National Guidelines for Radiology Professional Competency for radiologist competency reviews.
Closure Date:
6 The VA Illiana Health Care System Director evaluates the final findings of the National Teleradiology Program review to determine what additional steps are required, including large-scale disclosure and reporting to outside agencies.
Closure Date:
| ||||
| 18-06074-123 | Manipulation of Radiology Reports and Leadership Failures in the Medical Imaging Service at Clement J. Zablocki VA Medical Center in Milwaukee, Wisconsin | Hotline Healthcare Inspection | ||
1 The Under Secretary for Health ensures that the planning and implementation of the new electronic health record includes a process for addenda insertion, deletion, and consistent formatting for radiology reports.
Closure Date:
2 The Under Secretary for Health reviews Veterans Health Administration policy related to management of health information in the electronic health record, evaluates the circumstances that led to the Division Manager’s decision to direct the deletion of a completed and verified imaging report, and takes action, as indicated.
Closure Date:
3 The Clement J. Zablocki VA Medical Center Director ensures a review of the radiology report for the patient with conflicting imaging study results and confirms that the most accurate impression is evident in electronic health record.
Closure Date:
4 The Veterans Integrated Service Network Director reviews access, management, and the Veterans Integrated Service Network oversight of the Clement J. Zablocki VA Medical Center picture archiving and communication system practices, and takes action to remedy issues identified during the review, as indicated.
Closure Date:
5 The Clement J. Zablocki VA Medical Center Director reviews the oversight and management of the Medical Imaging Service, confers with human resources, makes recommendations for improvement as indicated, and monitors progress.
Closure Date:
6 The Clement J. Zablocki VA Medical Center Director completes an evaluation of the Medical Imaging Service’s culture, morale, and team cohesion, develops an action plan for improvement, and monitors progress.
Closure Date:
7 The Clement J. Zablocki VA Medical Center Director evaluates the need for Medical Imaging Service staff to receive training on workplace intimidation and the process for employee reporting of concerns, and takes actions, as indicated.
Closure Date:
8 The Veterans Integrated Service Network Director makes certain that future hotline case referrals are investigated in accordance with Veterans Affairs policy related to Office of Inspector General Hotline complaint referrals, and provides oversight of facility responses.
Closure Date:
| ||||
| 19-09447-136 | Review of Access to Care and Capabilities during VA’s Transition to a New Electronic Health Record System at the Mann-Grandstaff VA Medical Center in Spokane, Washington | Hotline Healthcare Inspection | ||
1 The Under Secretary for Health, in conjunction with the Office of Electronic Health Records Modernization, evaluates the impact of the new electronic health record implementation on productivity and provides operational guidance and required resources to facilities prior to go-live.
Closure Date:
2 The Under Secretary for Health, in conjunction with the Office of Electronic Health Records Modernization, identifies the impact of the mitigation strategies on user and patient experience at go-live and takes action, as needed.
Closure Date:
3 The Executive Director, Office of Electronic Health Records Modernization, in conjunction with the Under Secretary for Health, ensures that clear guidance is given to facility staff on what electronic health record capabilities will be available at go-live.
Closure Date:
4 The Under Secretary for Health, in conjunction with the Office of Electronic Health Records Modernization, reevaluates the electronic health record modernization deployment timeline to minimize the number of required mitigation strategies at go-live.
Closure Date:
5 The Veterans Integrated Service Network Director collaborates with facility leaders to implement VA-provided operational guidance and supports required resources needed throughout the transition to the new electronic health record system.
Closure Date:
6 The Veterans Integrated Service Network Director ensures that positions required for the transition to the new electronic health record system are staffed and trained prior to go-live.
Closure Date:
7 The Mann-Grandstaff VA Medical Center Director ensures that community care consults are managed through go-live to ensure accuracy, completeness, and to avoid the need for manual reentry after go-live.
Closure Date:
8 The Mann-Grandstaff VA Medical Center Director ensures that patients receive medication refills in a timely manner throughout the transition to the new electronic health record system.
Closure Date:
| ||||
| 19-08980-95 | Deficiencies in Infrastructure Readiness for Deploying VA’s New Electronic Health Record System | Audit | ||
1 Establish an infrastructure-readiness schedule for future deployment sites thatincorporates lessons learned from DoD.
Closure Date:
2 Reassess the enterprise-wide deployment schedule to ensure projected milestones arerealistic and achievable, considering the time needed for facilities to completeinfrastructure upgrades.
Closure Date:
3 Implement tools to comprehensively monitor the status and progress of medical devicesat the enterprise level.
Closure Date:
4 Standardize infrastructure requirements in conjunction with VHA and the OIT and ensurethose requirements are disseminated to all necessary staff.
Closure Date:
5 Evaluate physical infrastructure for consistency with OEHRM requirements and monitorcompletion of those evaluations.
Closure Date:
6 Fill infrastructure-readiness team vacancies until optimal staffing levels are attained.
Closure Date:
7 Ensure physical security assessments are completed and addressed at future electronichealth record deployment sites.
Closure Date:
8 Ensure all access points to physical infrastructure are secured and inaccessible tounauthorized individuals.
Closure Date:
| ||||
| 19-06935-96 | Federal Information Security Modernization Act Audit for Fiscal Year 2019 | Audit | ||
1 We recommended the Assistant Secretary for Information and Technology consistently implement an improved continuous monitoring program in accordance with the NIST Risk Management Framework. Specifically, implement an independent security control assessment process to evaluate the effectiveness of security controls prior to granting authorization decisions. (This is a modified repeat recommendation from prior years.)
Closure Date:
2 We recommended the Assistant Secretary for Information and Technology implement improved mechanisms to ensure system stewards and information system security officers follow procedures for establishing, tracking, and updating Plans of Action and Milestones for all known risks and weaknesses including those identified during security control assessments. (This is a modified repeat recommendation from prior years.)
Closure Date:
3 We recommended the Assistant Secretary for Information and Technology implement controls to ensure that system stewards and responsible officials obtain appropriate documentation prior to closing Plans of Action and Milestones. (This is a modified repeat recommendation from prior years.)
Closure Date:
4 We recommended the Assistant Secretary for Information and Technology develop mechanisms to ensure system security plans reflect current operational environments, include an accurate status of the implementation of system security controls, and all applicable security controls are properly evaluated. (This is a repeat recommendation from prior years.)
Closure Date:
5 We recommended the Assistant Secretary for Information and Technology implement improved processes for reviewing and updating key security documents such as security plans and interconnection agreements on an annual basis and ensure the information accurately reflects the current environment. (This is a modified repeat recommendation from prior years.)
Closure Date:
6 We recommended the Assistant Secretary for Information and Technology implement improved processes to ensure compliance with VA password policy and security standards on domain controls, operating systems, databases, applications, and network devices. (This is a repeat recommendation from prior years.)
Closure Date:
7 We recommended the Assistant Secretary for Information and Technology implement periodic reviews to minimize access by system users with incompatible roles, permissions in excess of required functional responsibilities, and unauthorized accounts. (This is a repeat recommendation from prior years.)
Closure Date:
8 We recommended the Assistant Secretary for Information and Technology enable system audit logs on all critical systems and platforms and conduct centralized reviews of security violations across the enterprise. (This is a repeat recommendation from prior years
Closure Date:
9 We recommended the Assistant Secretary for Information and Technology fully implement two-factor authentication to the extent feasible for all user accounts throughout the agency. (This is a repeat recommendation from prior years.)
Closure Date:
10 We recommended the Assistant Secretary for Information and Technology implement more effective automated mechanisms to continuously identify and remediate security deficiencies on VA’s network infrastructure, database platforms, and web application servers. (This is a repeat recommendation from prior years.)
Closure Date:
11 We recommended the Assistant Secretary for Information and Technology implement a more effective patch and vulnerability management program to address security deficiencies identified during our assessments of VA’s web applications, database platforms, network infrastructure, and workstations. (This is a repeat recommendation from prior years.)
Closure Date:
12 We recommended the Assistant Secretary for Information and Technology maintain a complete and accurate security baseline configuration for all platforms and ensure all baselines are appropriately implemented for compliance with established VA security standards. (This is a repeat recommendation from prior years.)
Closure Date:
13 We recommended the Assistant Secretary for Information and Technology implement improved network access controls that restrict medical devices from systems hosted on the general network. (This is a modified repeat recommendation from prior years.)
Closure Date:
14 We recommended the Assistant Secretary for Information and Technology consolidate the security responsibilities for networks not managed by the Office of Information and Technology, under a common control for each site and ensure vulnerabilities are remediated in a timely manner. (This is a repeat recommendation from prior years.)
Closure Date:
15 We recommended the Assistant Secretary for Information and Technology implement improved processes to ensure that all devices and platforms are evaluated using credentialed vulnerability assessments. (This is a repeat recommendation from prior years.)
Closure Date:
16 We recommended the Assistant Secretary for Information and Technology implement improved procedures to enforce standardized system development and change control processes that integrates information security throughout the life cycle of each system. (This is a repeat recommendation from prior years.)
Closure Date:
17 We recommended the Assistant Secretary for Information and Technology review system boundaries, recovery priorities, system components, and system interdependencies and implement appropriate mechanisms to ensure that established system recovery objectives are met. (This is a modified repeat recommendation from prior years.)
Closure Date:
18 We recommended the Assistant Secretary for Information and Technology implement more effective agency-wide incident response procedures to ensure timely notification, reporting, updating, and resolution of computer security incidents in accordance with VA standards. (This is a repeat recommendation from prior years.)
Closure Date:
19 We recommended the Assistant Secretary for Information and Technology ensure that VA’s Cybersecurity Operations Center has full access to all security incident data to facilitate an agency-wide awareness of information security events. (This is a repeat recommendation from prior years.)
Closure Date:
20 We recommended the Assistant Secretary for Information and Technology implement improved safeguards to identify and prevent unauthorized vulnerability scans on VA networks. (This is a repeat recommendation from prior years.)
Closure Date:
21 We recommended the Assistant Secretary for Information and Technology implement improved measures to ensure that security control deficiencies are tracked individually instead of consolidating security deficiencies under one control. (This is a modified repeat recommendation from prior years.)
Closure Date:
22 We recommended the Assistant Secretary for Information and Technology fully develop a comprehensive list of approved and unapproved software and implement continuous monitoring processes to prevent the use of prohibited software on agency devices. (This is a repeat recommendation from prior years.)
Closure Date:
23 We recommended the Assistant Secretary for Information and Technology develop a comprehensive inventory process to identify connected hardware, software, and firmware used to support VA programs and operations. (This is a repeat recommendation from prior years.)
Closure Date:
24 We recommended the Assistant Secretary for Information and Technology implement improved procedures for monitoring contractor-managed systems and services and ensure information security controls adequately protect VA sensitive systems and data. (This is a modified repeat recommendation from prior years.)
Closure Date:
25 We recommended the Executive in Charge for Information and Technology ensure appropriate levels of background investigations be completed for all personnel in a timely manner, implement processes to monitor and ensure timely reinvestigations on all applicable employees and contractors, and monitor the status of the requested investigations.
Closure Date:
| ||||
15169