Recommendations
2079
| ID | Report Number | Report Title | Type | |
|---|---|---|---|---|
| 20-03178-116 | Deficiencies in Reporting Reliable Physical Infrastructure Cost Estimates for the Electronic Health Record Modernization Program | Audit | ||
1 The executive director for the Office of Electronic Health Record Modernization should ensure an independent cost estimate is performed for program life cycle cost estimates including related physical infrastructure costs funded by the Veterans Health Administration.
Closure Date:
2 The VA Assistant Secretary for Management and Chief Financial Officer should ensure the Office of Programming, Analysis and Evaluation, or another office performing its duties, conducts independent cost
Closure Date:
3 The director of Special Engineering Projects for the Veterans Health Administration’s Office of Healthcare Environment and Facilities Programs should develop a reliable cost estimate for Electronic Health Record Modernization program-related physical infrastructure in accordance with VA cost-estimating standards and incorporate costs for upgrade needs identified in facility self-assessments and scoping sessions.
Closure Date:
4 The director of Special Engineering Projects should also continuously update physical infrastructure cost estimates based on emerging requirements and identified project needs.
Closure Date:
5 Ensure costs for physical infrastructure upgrades funded by the Veterans Health Administration or other sources needed to support the Electronic Health Record Modernization program are disclosed in program life cycle cost estimates presented to Congress.
| ||||
| 20-03380-136 | Drug Interactions Related to a Patient Death, Marion VA Medical Center in Illinois | Hotline Healthcare Inspection | ||
1 The Marion VA Medical Center Director ensures that behavioral health staff provide, and document patient education including discussion of side effects and possible adverse drug-drug interactions during telephone encounters when medications are added or adjusted and monitors compliance.
Closure Date:
2 The Marion VA Medical Center Director confirms that behavioral health providers are communicating test results to patients and providing necessary clinical interventions as required by policy.
Closure Date:
3 The Marion VA Medical Center Director monitors implementation of Phase Four of the Psychotropic Drug Safety Initiative.
Closure Date:
4 The Marion VA Medical Center Director ensures that primary care providers enter return-to-clinic orders and monitors compliance.
Closure Date:
5 The Marion VA Medical Center Director verifies primary care and behavioral health staff document contacts, attempted contacts, and letters sent when patients missed their appointments and monitors compliance.
Closure Date:
| ||||
| 20-01276-131 | Comprehensive Healthcare Inspection of the Cincinnati VA Medical Center in Ohio | Comprehensive Healthcare Inspection Program | ||
1 The Medical Center Director evaluates and determines any additional reasons for noncompliance and ensures the Quality, Safety, and Value Committee fully implements and monitors improvement actions.
Closure Date:
2 The Chief of Staff determines the reasons for noncompliance and makes certain that all applicable deaths are peer reviewed.
Closure Date:
3 The Medical Center Director evaluates and determines any additional reasons for noncompliance and ensures that root cause analyses include all required review elements.
Closure Date:
4 The Chief of Staff determines the reasons for noncompliance and ensures clinical managers define in advance, communicate, and document criteria for focused professional practice evaluations in practitioner profiles.
Closure Date:
5 The Chief of Staff evaluates and determines additional reasons for noncompliance and ensures that service chiefs document the results of focused professional practice evaluations in practitioner profiles.
Closure Date:
6 The Chief of Staff evaluates and determines additional reasons for noncompliance and ensures that service chiefs collect service-specific ongoing professional practice evaluation data.
Closure Date:
7 The Chief of Staff determines the reasons for noncompliance and ensures service chiefs recommend continuation of privileges based on ongoing professional practice evaluation data.
Closure Date:
8 The Chief of Staff evaluates and determines additional reasons for noncompliance and makes certain that Clinical Executive Board meeting minutes consistently reflect the review of professional practice evaluation results in the decision to recommend initiation and continuation of privileges.
Closure Date:
9 The Medical Center Director evaluates and determines any additional reasons for noncompliance and makes certain that provider exit review forms are completed within seven business days of licensed healthcare professionals’ departure from the medical center.
Closure Date:
10 The Chief of Staff evaluates and determines any additional reasons for noncompliance and ensures clinicians complete suicide prevention safety plans in the expected time frame for patients with High Risk for Suicide Patient Record Flags.
Closure Date:
11 The Chief of Staff evaluates and determines any additional reasons for noncompliance and ensures that each community-based outpatient clinic has at least two designated women’s health primary care providers or plans for leave coverage if there is only one designated provider.
Closure Date:
12 The Chief of Staff determines the reasons for noncompliance and makes certain that required members are assigned and consistently attend Women Veterans Advisory Committee meetings.
Closure Date:
13 The Associate Director for Patient Care Services evaluates and determines any additional reasons for noncompliance and makes certain that standard operating procedures align with manufacturer’s instructions for use.
Closure Date:
14 The Associate Director for Patient Care Services evaluates and determines any additional reasons for noncompliance and makes certain that CensiTrac® is fully operational.
Closure Date:
15 The Associate Director for Patient Care Services evaluates and determines any additional reasons for noncompliance and ensures that the Chief of Sterile Processing Services maintains written records of weekly eyewash station function testing.
Closure Date:
16 The Associate Director for Patient Care Services evaluates and determines any additional reasons for noncompliance and ensures that staff who reprocess reusable medical equipment receive monthly continuing education.
Closure Date:
| ||||
| 20-00049-122 | The Office of Field Operations Did Not Adequately Oversee Quality Assurance Program Findings | Review | ||
1 Develop and implement a written plan to strengthen oversight of the quality assurance program for disability compensation benefits and monitor the plan to ensure identified deficiencies are adequately addressed.
Closure Date:
| ||||
| 20-03886-141 | Inadequate Resident Supervision and Documentation of an Ophthalmology Procedure at the Oklahoma City VA Health Care System in Oklahoma | Hotline Healthcare Inspection | ||
1
The Oklahoma City VA Health Care System Director ensures a review of the clinic note for the patient who experienced temporary loss of vision and confirms that the level of supervision provided by the attending ophthalmologist is accurately reflected in the electronic health record.
Closure Date:
2 The Oklahoma City VA Health Care System Director conducts a review to ensure that language used to document resident supervision accurately reflects the presence of the attending ophthalmologist and the degree of resident oversight provided and takes action as indicated.
Closure Date:
3 The Oklahoma City VA Health Care System Director confirms that ophthalmology service procedures include a hand-off process to address attending coverage in situations when an attending ophthalmologist is unavailable to provide timely resident supervision.
Closure Date:
| ||||
| 20-03593-140 | Care and Oversight Deficiencies Related to Multiple Homicides at the Louis A. Johnson VA Medical Center in Clarksburg, West Virginia | Hotline Healthcare Inspection | ||
1 The Under Secretary for Health ensures actions are taken to clarify and broadly disseminate adjudicator expectations for follow-up of an unreturned INV Form 41.
Closure Date:
2 The Louis A. Johnson Medical Center Director ensures Pharmacy Service utilizes the required Veterans Health Information Systems and Technology Architecture Automatic Replenishment System to record medication usage data and maintain the records for inventory accountability.
Closure Date:
3 The Veterans Integrated Service Network 5 Director conducts management reviews of the care of patients 1–10 as discussed in this report and takes action as indicated.
Closure Date:
4 The Louis A. Johnson VA Medical Center Director reviews the availability and timeliness of endocrinology consults, and takes any corrective action needed.
Closure Date:
5 The Veterans Integrated Service Network 5 Director ensures evaluation of quality of care concerns or other irregularities (beyond hypoglycemia) of: cases provided by the OIG; cases that may otherwise be pertinent or concerning; and cases brought forward by patients and/or family members who express concerns or make other inquiries about care they received from Ms. Mays. As determined by the VISN, clinical experts external to the facility should be utilized when appropriate.
Closure Date:
6 The Louis A. Johnson Medical Center Director develops and disseminates guidance on clinical communication(s) to ensure that patient care and outcomes are routinely discussed in appropriate forums, such as interdisciplinary team meetings, and the discussions are documented.
Closure Date:
7 The Louis A. Johnson Medical Center Director ensures that close observation documentation is readily available in the electronic health record, and monitors for compliance.
Closure Date:
8 The Louis A. Johnson Medical Center Director ensures clinical documentation reviews are completed timely for patient safety and continuity of care.
Closure Date:
9 The Louis A. Johnson VA Medical Center Director evaluates the factors and processes surrounding employees’ failures to report and follow up on the unexplained hypoglycemic events, and takes action to ensure appropriate reporting of actual or potential patient safety events, system vulnerabilities, or other unexpected events that offer opportunities for lessons learned.
Closure Date:
10 The Louis A. Johnson Medical Center Director requires that all staff are trained on reporting patient safety events using the correct reporting system and monitors for compliance.
Closure Date:
11 The Louis A. Johnson Medical Center Director ensures that the interdisciplinary mortality review workgroup meet as required with appropriate reporting through oversight council(s), and monitors for compliance.
Closure Date:
12 The Louis A. Johnson Medical Center Director ensures that oversight and reporting practices align with Louis A. Johnson Medical Center policy requirements.
Closure Date:
13 The Under Secretary for Health determines the potential advantage of a rescue medication flagging system as an additional tool to evaluate unexplained adverse patient events, including but not limited to mortalities, and takes action as indicated.
Closure Date:
14 The Louis A. Johnson VA Medical Center Director takes action to prioritize and continue efforts to promote a strong culture of safety, such as periodic facility-wide refresher patient safety training or additional patient safety stand downs when indicated, and monitors for effectiveness.
Closure Date:
15 The Under Secretary for Health reevaluates how the Veterans Health Administration collects, reviews, and analyzes mortality data from VA facilities, and takes action to address identified gaps and weaknesses, as indicated.
Closure Date:
| ||||
| 20-02265-100 | Deficiencies in Leaders’ Responses to Lapses in Reusable Medical Equipment Reprocessing at the Chillicothe VA Medical Center in Ohio | Hotline Healthcare Inspection | ||
1 The Chillicothe VA Medical Center Director develops an oversight plan to address concerns regarding the employee’s compliance with Sterile Processing Services’ procedures as identified by facility and Veterans Integrated Services Network leaders and the Clinical Episode Review Team and confirms effective resolution.
Closure Date:
2 The Under Secretary for Health ensures that the Clinical Episode Review Team reviews the OIG-provided biomedical equipment manufacturer’s information for the automated endoscope reprocessor to determine if the information alters their determination regarding the potential risk to patients or the need for a large-scale disclosure and takes action as necessary.
Closure Date:
| ||||
| 20-01523-102 | Deficiencies in Community Living Center Practices and the Death of a Patient Following Elopement from the Chillicothe VA Medical Center in Ohio | Hotline Healthcare Inspection | ||
1 The Veterans Integrated Service Network Director consults with the VA Office of Mental Health and Suicide Prevention to review the classification and commitment of patients to the long-stay mental health recovery unit in the facility’s community living center, and makes recommendations to ensure the provision of safe mental health care to patients at the Chillicothe VA Medical Center.
Closure Date:
2 The Veterans Integrated Service Network Director conducts a comprehensive review of the patient’s calendar year 2019 mental health care, including psychiatric care and medication management, and makes recommendations to the facility, if indicated.
Closure Date:
3 The Chillicothe VA Medical Center Director establishes a review process to ensure that community living center assessments clearly align the service offerings of the community living center with the individual needs of patients.
Closure Date:
4 The Chillicothe VA Medical Center Director ensures development of a process to address the care needs of patients who are determined inappropriate for community living center admission.
Closure Date:
5 The Chillicothe VA Medical Center Director establishes a review process to ensure that community living center care plans are consistent with applicable Veterans Health Administration policy and communicated to the community living center staff caring for patients.
Closure Date:
6 The Chillicothe VA Medical Center Director ensures all community living center long-stay mental health recovery unit staff receive mental health training and pass competency evaluations to provide care specific to the needs of the population served.
Closure Date:
7 The Chillicothe VA Medical Center Director ensures that all facility staff are trained on, and comply with, the facility policy concerning patient behavior management.
Closure Date:
8 The Chillicothe VA Medical Center Director ensures that all facility community living center staff report near-miss and actual missing patient events to patient safety staff and monitors for compliance.
Closure Date:
9 The Chillicothe VA Medical Center Director ensures that patient safety staff review reported events for patterns or trends indicating risks to patients with a need for mitigation and confirms that effective mitigation strategies are initiated.
Closure Date:
10 The Chillicothe VA Medical Center Director ensures all facility community living center staff receive initial orientation on how to prevent and respond to missing patient events, activating all alerts and involving all relevant staff, as required.
Closure Date:
11 The Chillicothe VA Medical Center Director reviews the facility’s policy on missing patients, ensures that it clearly outlines actions staff should take to prevent missing patient events, and verifies that relevant staff are trained and knowledgeable about such actions.
Closure Date:
12 The Chillicothe VA Medical Center Director ensures that VA police officers receive training and resources to provide missing patient alerts to all facility staff and appropriate law enforcement agencies.
Closure Date:
| ||||
| 20-01272-129 | Comprehensive Healthcare Inspection of the Aleda E. Lutz VA Medical Center in Saginaw, Michigan | Comprehensive Healthcare Inspection Program | ||
1 The Medical Center Director evaluates and determines any additional reasons for noncompliance and ensures the Executive Quality Leadership Council recommends and takes action in response to identified problems or opportunities for improvement.
Closure Date:
2 The Chief of Staff evaluates and determines any additional reasons for noncompliance and makes certain that the Chief of Medicine includes the minimum gastroenterology-specific criteria for ongoing professional practice evaluations of licensed independent gastroenterology practitioners.
Closure Date:
3 The Chief of Staff evaluates and determines any additional reasons for noncompliance and ensures that providers with similar training and privileges complete ongoing professional practice evaluations of licensed independent practitioners.
Closure Date:
4 The Medical Center Director evaluates and determines any additional reasons for noncompliance and makes certain that Provider Exit Review Forms are completed within seven business days of licensed healthcare practitioners’ departure from the medical center.
Closure Date:
5 The Chief of Staff evaluates and determines any additional reasons for noncompliance and ensures providers complete and document goals of care conversations prior to hospice referrals.
Closure Date:
6 The Medical Center Director evaluates and determines any additional reasons for noncompliance and makes certain that required members consistently attend Women Veterans Health Committee meetings
Closure Date:
7 The Associate Director for Patient Care Services evaluates and determines any additional reasons for noncompliance and ensures that standard operating procedures align with the manufacturer’s instructions for use.
Closure Date:
8 The Associate Director for Patient Care Services evaluates and determines any additional reasons for noncompliance and ensures that all current Sterile Processing Services employees complete Level 1 training and all new employees complete Level 1 training within 90 days of hire.
Closure Date:
9 The Associate Director for Patient Care Services evaluates and determines any additional reasons for noncompliance and ensures that Sterile Processing Services employees complete competency assessments that align with standard operating procedures and manufacturers’ instructions for use.
Closure Date:
| ||||
| 20-01927-104 | Federal Information Security Modernization Act Audit for Fiscal Year 2020 | Audit | ||
1 We recommended the Assistant Secretary for Information and Technology consistently implement an improved continuous monitoring program in accordance with the NIST Risk Management Framework. Specifically, implement an independent security control assessment process to evaluate the effectiveness of security controls prior to granting authorization decisions.
Closure Date:
2 We recommended the Assistant Secretary for Information and Technology implement improved mechanisms to ensure system stewards and information system security officers follow procedures for establishing, tracking, and updating Plans of Action and Milestones for all known risks and weaknesses including those identified during security control assessments.
Closure Date:
3 We recommended the Assistant Secretary for Information and Technology implement controls to ensure that system stewards and responsible officials obtain appropriate documentation prior to closing Plans of Action and Milestones.
Closure Date:
4 We recommended the Assistant Secretary for Information and Technology develop mechanisms to ensure system security plans reflect current operational environments, include an accurate status of the implementation of system security controls, and all applicable security controls are properly evaluated.
Closure Date:
5 We recommended the Assistant Secretary for Information and Technology Implement improved processes for reviewing and updating key security documents such as security plans, risk assessments, and interconnection agreements on an annual basis and ensure the information accurately reflects the current environment.
Closure Date:
6 We recommended the Assistant Secretary for Information and Technology implement improved processes to ensure compliance with VA password policy and security standards on domain controls, operating systems, databases, applications, and network devices.
Closure Date:
7 We recommended the Assistant Secretary for Information and Technology implement periodic reviews to minimize access by system users with incompatible roles, permissions in excess of required functional responsibilities, and unauthorized accounts.
Closure Date:
8 We recommended the Assistant Secretary for Information and Technology enable system audit logs on all critical systems and platforms and conduct centralized reviews of security violations across the enterprise.
Closure Date:
9 We recommended the Office of Personnel Security strengthen processes to ensure appropriate levels of background investigations are completed for applicable VA employees and contractors and applicable investigation data is accurately tracked within the authoritative system of record.
Closure Date:
10 We recommended the Office of Personnel Security formalize the Position Descriptions and methodology used within the Human Resource business processes to ensure that employees with similar positions are required to have the same level of background investigation.
Closure Date:
11 We recommended the Assistant Secretary for Information and Technology implement more effective automated mechanisms to continuously identify and remediate security deficiencies on VA’s network infrastructure, database platforms, and web application servers.
Closure Date:
12 We recommended the Assistant Secretary for Information and Technology implement a more effective patch and vulnerability management program to address security deficiencies identified during our assessments of VA’s web applications, database platforms, network infrastructure, and workstations.
Closure Date:
13 We recommended the Assistant Secretary for Information and Technology maintain a complete and accurate security baseline configuration for all platforms and ensure all baselines are appropriately implemented for compliance with established VA security standards.
Closure Date:
14 We recommended the Assistant Secretary for Information and Technology implement improved network access controls that restrict medical devices from systems hosted on the general network.
Closure Date:
15 We recommended the Assistant Secretary for Information and Technology consolidate the security responsibilities for networks not managed by the Office of Information and Technology, under a common control for each site and ensure vulnerabilities are remediated in a timely manner.
Closure Date:
16 We recommended the Assistant Secretary for Information and Technology implement improved processes to ensure that all devices and platforms are evaluated using credentialed vulnerability assessments.
Closure Date:
17 We recommended the Assistant Secretary for Information and Technology implement improved procedures to enforce standardized system development and change control processes that integrates information security throughout the life cycle of each system.
Closure Date:
18 We recommended the Assistant Secretary for Information and Technology review system boundaries, recovery priorities, system components, and system interdependencies and implement appropriate mechanisms to ensure that established system recovery objectives are met.
Closure Date:
19 We recommended the Assistant Secretary for Information and Technology ensure contingency plans for all systems and applications are updated and tested in accordance with VA requirements.
Closure Date:
20 We recommended the Assistant Secretary for Information and Technology implement more effective agency-wide incident response procedures to ensure timely notification, reporting, updating, and resolution of computer security incidents in accordance with VA standards.
Closure Date:
21 We recommended the Assistant Secretary for Information and Technology ensure that VA’s Cybersecurity Operations Center has full access to all security incident data to facilitate an agency-wide awareness of information security events.
Closure Date:
22 We recommended the Assistant Secretary for Information and Technology implement improved safeguards to identify and prevent unauthorized vulnerability scans on VA networks.
Closure Date:
23 We recommended the Assistant Secretary for Information and Technology implement improved measures to ensure that all security controls are assessed in accordance with VA policy and that identified issues or weaknesses are adequately documented and tracked within POA&Ms.
Closure Date:
24 We recommended the Assistant Secretary for Information and Technology fully develop a comprehensive list of approved and unapproved software and implement continuous monitoring processes to prevent the use of prohibited software on agency devices.
Closure Date:
25 We recommended the Assistant Secretary for Information and Technology develop a comprehensive inventory process to identify connected hardware, software, and firmware used to support VA programs and operations.
Closure Date:
26 We recommended the Assistant Secretary for Information and Technology implement improved procedures for monitoring contractor-managed systems and services and ensure information security controls adequately protect VA sensitive systems and data.
Closure Date:
| ||||
15039