All Reports

VBA Generally Helped Veterans Obtain Damaged or Destroyed Records

10/19/2023

|

22-03522-209

Open

Closed-Implemented

Closed-Not Implemented

No. 1

to Veterans Benefits Administration (VBA)

Establish a process to identify and track veterans’ files for those determined to have fire-damaged or destroyed records, such as adding a corporate flash, and update the Adjudication Procedural Manual indicating when veterans service representatives should apply such procedures.

No. 2

to Veterans Benefits Administration (VBA)

Instruct veterans service representatives on the process for requesting service treatment and military service records for fire-related records, which includes more specific guidance on what information is required for the National Personnel Records Center to locate veterans’ records.

No. 3

to Veterans Benefits Administration (VBA)

Ensure veterans service representatives are made aware of and follow steps as outlined in the manual for when to send required forms and conduct follow-up contact with veterans.

VHA Should Continue to Improve Water Safety and Oversight of Prevention Practices to Minimize the Effects of Legionella

10/3/2023

|

22-03247-198

Open

Closed-Implemented

Closed-Not Implemented

No. 1

to Veterans Health Administration (VHA)

The assistant under secretary for health for support should establish certification procedures for Veterans Integrated Service Networks to ensure medical facilities’ healthcare-associated Legionella disease prevention plans for buildings comply with Veterans Health Administration Directive 1061 requirements.

No. 2

to Veterans Health Administration (VHA)

The assistant under secretary for health for support should develop and ensure Veterans Integrated Service Networks perform and document quality control and quality assurance checks of their requirements for oversight and enforcement of the Veterans Health Administration Directive 1061 quarterly Legionella water testing procedures conducted by the facility.

No. 3

to Veterans Health Administration (VHA)

The assistant under secretary for health for operations should monitor Veterans Integrated Service Network officials fulfillment of their oversight responsibilities found in Veterans Health Administration Directive 1061 regarding Legionella water sampling, testing, remediation efforts, and reporting of Legionella water testing data, including the post-remediation test results.

No. 4

to Veterans Health Administration (VHA)

The director of the Office of Healthcare Engineering should consider alternative measures, such as adding dedicated resources, to provide expertise and support for medical facilities experiencing persistent positive Legionella in facility water supply systems after applying the remediation efforts prescribed by Veterans Health Administration Directive 1061.

No. 5

to Veterans Health Administration (VHA)

The director of the Office of Healthcare Engineering should assist the Salem VA medical center with their persistent positive Legionella in the facility water supply system, and, with consideration of the ongoing water supply system renovations, develop an action plan to mitigate remediation challenges.

No. 6

to Veterans Health Administration (VHA)

The director of the Office of Healthcare Engineering should clarify the responsibility section of Veterans Health Administration Directive 1061 to clearly define oversight responsibilities for ensuring required remediation steps are completed when facilities received positive Legionella water test results.

No. 7

to Veterans Health Administration (VHA)

The director of the Office of Healthcare Engineering should revise the Water Safety Management Tool to alert Veterans Integrated Service Network and medical facility oversight officials when quarterly testing data is not posted.

No. 8

to Veterans Health Administration (VHA)

The assistant under secretary for health for operations should take actions to confirm that Veterans Integrated Service Network officials are ensuring front-line staff are routinely notified by responsible medical facility officials when elevated Legionella water sample levels require diagnostic awareness and additional clinical surveillance of veterans to detect Legionnaires’ disease.

VA Should Strengthen Enterprise Cloud Security and Privacy Controls

9/27/2023

|

22-03525-195

Open

Closed-Implemented

Closed-Not Implemented

No. 1

to Information and Technology (OIT)

The assistant secretary for information technology develop a timeline for updating the security and privacy guidance to reflect the latest revisions to the National Institute of Standards and Technology Special Publication 800-53, Security and Privacy Controls for Federal Information Systems and Organizations, and address identified weaknesses with personally identifiable information and supply chain management.

No. 2

to Information and Technology (OIT)

The assistant secretary for information technology eEstablish a mechanism to ensure continuous monitoring of VA Enterprise Cloud systems to include having and testing contingency, incident response, and disaster recovery plans and conducting scanning as required.

No. 3

to Information and Technology (OIT)

The assistant secretary for information and technology ensure VA Directive and Handbook 6517 are updated to reflect the revised National Institute of Standards and Technology requirements.

No. 4

to Information and Technology (OIT)

The assistant secretary for information and technology continue to improve criteria and processes for submitting claims for recoupment of service credits.

No. 5

to Information and Technology (OIT)

The assistant secretary for information and technology assign roles and responsibilities for submitting claims for service credits and monitoring outcomes.

Oversight Could Be Strengthened for Non-VA Healthcare Providers Who Prescribe Opioids to Veterans

9/26/2023

|

22-00414-113

Open

Closed-Implemented

Closed-Not Implemented

No. 1

to Veterans Health Administration (VHA)

Clarify roles and responsibilities of the Office of Integrated Veteran Care and third-party administrators with respect to ensuring non-VA providers receive and certify they have reviewed Opioid Safety Initiative guidelines in accordance with the John S. McCain III, Daniel K. Akaka, and Samuel R. Johnson VA Maintaining Internal Systems and Strengthening Integrated Outside Networks Act of 2018 and collaborate with the contracting office to modify the contracts as appropriate.

No. 2

to Veterans Health Administration (VHA)

Ensure the Office of Integrated Veteran Care strengthens controls to monitor the third-party administrators to ensure non-VA providers’ completion of the VA Opioid Safety Initiative training module.

No. 3

to Veterans Health Administration (VHA)

Ensure the Office of Integrated Veteran Care strengthens controls to monitor the third-party administrators to ensure non-VA providers’ completion of required prescription drug monitoring program queries

VA’s Governance of Its Personnel Suitability Program for Medical Facilities Continues to Need Improvement

9/21/2023

|

21-03718-189

Open

Closed-Implemented

Closed-Not Implemented

No. 1

to Human Resources and Administration/Operations, Security, and Preparedness (HRA/OSP)

Establish robust oversight of the personnel suitability program within responsible office(s) that includes verifying background investigations are initiated and adjudicated within prescribed timelines and that documentation is filed as required.

No. 2

to Human Resources and Administration/Operations, Security, and Preparedness (HRA/OSP)

Reimplement the monitoring program specifically required by VA Handbook 0710 as part of VA’s oversight efforts, or an appropriate equivalent, to identify and prevent systemic weaknesses in the personnel suitability program.

No. 3

to Human Resources and Administration/Operations, Security, and Preparedness (HRA/OSP)

Assess program resources and allocate staff as needed to prioritize oversight of the personnel suitability program within responsible office(s).

No. 4

to Veterans Health Administration (VHA)

Establish a plan to implement the updated staffing metrics for the Veterans Health Administration’s suitability function and consider using available hiring flexibilities.

No. 5

to Human Resources and Administration/Operations, Security, and Preparedness (HRA/OSP)

Incorporate formal data-testing procedures (and data-matching as appropriate) of HR Smart and the VA Centralized Adjudication Background Investigation System (or any replacement systems) into the monitoring program discussed in recommendation 2.

No. 6

to Human Resources and Administration/Operations, Security, and Preparedness (HRA/OSP)

Develop and execute a plan to collect, maintain, and access sufficient and appropriate data through a single system to support the tracking of background investigations from initiation to adjudication.

No. 7

to Human Resources and Administration/Operations, Security, and Preparedness (HRA/OSP)

Establish a plan to ensure that future systems support the functionality needed to effectively oversee and manage the background investigation process, including addressing limitations identified in the current systems and incorporating the fields necessary to track timeliness metrics.

Staff Did Not Limit the Use of Schools and Training Programs That Were Only Approved for the Veteran Readiness and Employment Program

9/14/2023

|

22-02293-188

Open

Closed-Implemented

Closed-Not Implemented

No. 1

to Veterans Benefits Administration (VBA)

Develop and implement procedures to ensure the Veteran Readiness and Employment Service has properly researched and clearly understands changes to the laws and regulations that govern Chapter 31–only schools and training programs.

No. 2

to Veterans Benefits Administration (VBA)

Review the existing manual requirements for waivers and coordinate with appropriate officials to ensure amendments to 38 United States Code § 3104(b) have been properly implemented and included in the manual.

No. 3

to Veterans Benefits Administration (VBA)

Train all appropriate Veteran Readiness and Employment Service regional office staff to ensure waivers are obtained for each veteran with the required documentation in accordance with the manual before approval to attend a Chapter 31–only school or training program.

No. 4

to Veterans Benefits Administration (VBA)

Coordinate with appropriate officials to determine whether the existing manual guidance for compliance surveys meets the requirements of 38 United States Code § 3693 as it applies to Chapter 31–only schools and training programs, and if necessary, update the manual and train appropriate Veteran Readiness and Employment Service regional office staff accordingly.

No. 5

to Veterans Benefits Administration (VBA)

Develop and implement monitoring processes—to include veteran waivers, compliance surveys, and completeness of electronic folders—to provide Veteran Readiness and Employment Service reasonable assurance that Chapter 31–only schools and training programs are used as intended by law and regulations.

Total Monetary Impact of All Recommendations

Open: $ 13,000,000.00

Closed: $ 0.00

Additional Measures Would Better Protect Borrowers from Risks Associated with Interest Rate Reduction Refinance Loans

8/23/2023

|

21-01295-149

Open

Closed-Implemented

Closed-Not Implemented

No. 1

to Veterans Benefits Administration (VBA)

The OIG recommended the under secretary for benefits assess the loan comparison statement controls implemented in December 2021 and 2022 to ensure they operate as planned and confirm borrowers receive these statements as required.

No. 2

to Veterans Benefits Administration (VBA)

The OIG recommended the under secretary for benefits seek a legal opinion from the VA’s Office of General Counsel on the allowability of fees initially charged as itemized fees to be retroactively accepted as part of the 1 percent flat charge if unsupported, and then review the potential overcharges identified in the audit sample to determine if action is needed to make the borrowers whole.

No. 3

to Veterans Benefits Administration (VBA)

The OIG recommended the under secretary for benefits develop and update policies and procedures to ensure invoices or bills are obtained for all third-party charges and lenders report itemized closing costs at the lowest level of detail.

No. 4

to Veterans Benefits Administration (VBA)

The OIG recommended the under secretary for benefits develop and update policies and procedures for the state deviation process and requirements, assess the extent of missing VA authorizations on the schedule of state deviations and obtain the necessary documentation, and obtain a legal opinion from the VA’s Office of General Counsel on the allowability of state deviation charges in excess of the state-published amounts, and then review the potential overcharges identified in the audit sample to determine if action is needed to make the borrowers whole.

No. 5

to Veterans Benefits Administration (VBA)

The OIG recommended the under secretary for benefits revise policies and procedures to comply with federal regulations on the itemization of costs charged under the 1 percent flat charge to ensure closing costs are properly charged.

No. 6

to Veterans Benefits Administration (VBA)

The OIG recommended the under secretary for benefits obtain a legal opinion from the VA’s Office of General Counsel on the allowability of mortgage brokerage fees charged under the 1 percent flat charge, and then review the potential overcharge identified in the audit sample to determine if action is needed to make the borrower whole.

No. 7

to Veterans Benefits Administration (VBA)

The OIG recommended the under secretary for benefits provide lenders at least annual communication about the importance of providing justifications for any loans not reported within 60 days.

No. 8

to Veterans Benefits Administration (VBA)

The OIG recommended the under secretary for benefits modify policies and procedures for full-file loan reviews to include detailed steps for loan specialists to conduct reviews, as well as the risk factors and methodology for loan selection.

No. 9

to Veterans Benefits Administration (VBA)

The OIG recommended the under secretary for benefits update policies and procedures to ensure the borrower is reimbursed for any overcharges identified during regional loan center quality reviews.

Community Care Departments Need Reliable Staffing Data to Help Address Challenges in Recruiting and Retaining Staff

7/19/2023

|

21-03544-111

Open

Closed-Implemented

Closed-Not Implemented

No. 1

to Veterans Health Administration (VHA)

Implement consistent data entry, standardized organizational codes, and periodic reviews for HR Smart community care data.

No. 2

to Veterans Health Administration (VHA)

Develop staffing reports that can be searched by service departments to ensure appropriate resources to meet their assigned missions.

No. 3

to Veterans Health Administration (VHA)

Improve usability of the staffing assessment tool by implementing policy to address the inconsistencies with staffing data entry and review the reported data for accuracy.

No. 4

to Veterans Health Administration (VHA)

Assess whether consolidated community care units would more broadly support veterans’ access to community care and help mitigate the impact of staffing shortages, and, if so, develop a project management plan for implementing those units.

No. 5

to Veterans Health Administration (VHA)

Assess the use of monetary and nonmonetary incentives to evaluate whether they are effective in recruiting and retaining administrative staff within community care departments.

Federal Information Security Modernization Act Audit for Fiscal Year 2022

5/17/2023

|

22-01576-72

|

Topics: FISMA

Open

Closed-Implemented

Closed-Not Implemented

No. 1

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology consistently implement an improved continuous monitoring program in accordance with the NIST Risk Management Framework. Specifically, implement an independent security control assessment process to evaluate the effectiveness of security controls prior to granting authorization decisions. (This is a repeat recommendation from prior years.)

No. 2

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology implement improved mechanisms to ensure system stewards and Information System Security Officers follow procedures for establishing, tracking, and updating Plans of Action and Milestones for all known risks and weaknesses including those identified during security control assessments. (This is a repeat recommendation from prior years.)

No. 3

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology implement controls to ensure that system stewards and responsible officials obtain appropriate documentation prior to closing Plans of Action and Milestones. (This is a repeat recommendation from prior years.)

No. 4

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology develop mechanisms to ensure system security plans reflect current operational environments, include an accurate status of the implementation of system security controls, and all applicable security controls are properly evaluated. (This is a repeat recommendation from prior years.)

No. 5

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology implement improved processes for reviewing and updating key security documents such as security plans, risk assessments, and interconnection agreements on an annual basis and ensure the information accurately reflects the current environment. (This is a repeat recommendation from prior years.)

No. 6

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology implement improved processes to ensure compliance with VA password policy and security standards on domain controls, operating systems, databases, applications, and network devices. (This is a repeat recommendation from prior years.)

No. 7

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology implement periodic reviews to minimize access by system users with incompatible roles, permissions in excess of required functional responsibilities, and unauthorized accounts. (This is a repeat recommendation from prior years.)

No. 8

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology enable system audit logs on all critical systems and platforms and conduct centralized reviews of security violations across the enterprise. (This is a repeat recommendation from prior years.)

No. 9

to Information and Technology (OIT)

We recommended the Office of Personnel Security, Human Resources, and Contract Offices implement improved processes for establishing and maintaining accurate data within VA’s authoritative system of record for background investigations. (This is a modified repeat recommendation from prior years.)

No. 10

to Information and Technology (OIT)

We recommended the Office of Personnel Security, Human Resources, and Contract Offices strengthen processes to ensure appropriate levels of background investigations are completed for applicable VA employees and contractors. (This is a modified repeat recommendation from prior years.)

No. 11

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology implement more effective automated mechanisms to continuously identify and remediate security deficiencies on VA’s network infrastructure, database platforms, and web application servers. (This is a repeat recommendation from prior years.)

No. 12

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology implement a more effective patch and vulnerability management program to address security deficiencies identified during our assessments of VA’s web applications, database platforms, network infrastructure, and workstations. (This is a repeat recommendation from prior years.)

No. 13

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology maintain a complete and accurate security baseline configuration for all platforms and ensure all baselines are appropriately monitored for compliance with established VA security standards. (This is a repeat recommendation from prior years.)

No. 14

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology implement improved network access controls that restrict medical devices from systems hosted on the general network. (This is a repeat recommendation from prior years.)

No. 15

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology consolidate the security responsibilities for networks not managed by the Office of Information and Technology, under a common control for each site and ensure vulnerabilities are remediated in a timely manner. (This is a repeat recommendation from prior years.)

No. 16

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology implement improved processes to ensure that all devices and platforms are evaluated using credentialed vulnerability assessments. (This is a repeat recommendation from prior years.)

No. 17

to Information and Technology (OIT)

We recommended the Acting Assistant Secretary for Information and Technology implement improved procedures to enforce standardized system development and change control processes that integrates information security throughout the life cycle of each system. (This is a repeat recommendation from prior years.)

No. 18

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology review system boundaries, recovery priorities, system components, and system interdependencies and implement appropriate mechanisms to ensure that established system recovery objectives can be measured and met. (This is a modified repeat recommendation from prior years.)

No. 19

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology ensure that contingency plans for all systems are updated to include critical inventory components and are tested in accordance with VA requirements. (This is a repeat recommendation from prior years.)

No. 20

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology implement more effective agency-wide incident response procedures to ensure timely notification, reporting, updating, and resolution of computer security incidents in accordance with VA standards. (This is a repeat recommendation from prior years.)

No. 21

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology ensure that VA’s Cybersecurity Operations Center has full access to all security incident data to facilitate an agency-wide awareness of information security events. (This is a repeat recommendation from prior years.)

No. 22

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology implement improved safeguards to identify and prevent unauthorized vulnerability scans on VA networks. (This is a repeat recommendation from prior years.)

No. 23

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology implement improved measures to ensure that all security controls are assessed in accordance with VA policy and that identified issues or weaknesses are adequately documented and tracked within POA&Ms. (This is a repeat recommendation from prior years.)

No. 24

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology fully develop a comprehensive list of approved and unapproved software and implement continuous monitoring processes to prevent the use of prohibited software on agency devices. (This is a repeat recommendation from prior years.)

No. 25

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology develop a comprehensive inventory process to identify connected hardware, software, and firmware used to support VA programs and operations. (This is a repeat recommendation from prior years.)

No. 26

to Information and Technology (OIT)

We recommended the Assistant Secretary for Information and Technology implement improved procedures for monitoring contractor-managed systems and services and ensure information security controls adequately protect VA sensitive systems and data. (This is a repeat recommendation from prior years.)

VHA Can Improve Controls Over Its Use of Supplemental Funds

5/9/2023

|

21-03101-73

Open

Closed-Implemented

Closed-Not Implemented

No. 1

to Office of Management (OM)

Assess the iFAMS configuration to determine whether integration with the payroll subsystems can be accomplished to resolve some of the payroll-related issues that require the need for expenditure transfers.

No. 2

to Veterans Health Administration (VHA)

Establish guidance that outlines the type of documentation required to support the amounts identified in the manual journal vouchers when processing expenditure transfers.

No. 3

to Veterans Health Administration (VHA)

Require medical facility staff have documented authority, through proper delegation, to make purchases.

No. 4

to Veterans Health Administration (VHA)

Verify that medical facility staff segregate duties so that the same person is not both authorizing and receiving goods and services.

No. 5

to Veterans Health Administration (VHA)

Make certain the purchase card holder is not the requestor or approver for the purchase.

No. 6

to Veterans Health Administration (VHA)

Ensure contracting officer’s representatives know and understand their duties and responsibilities for the certification and payment of invoices.

No. 7

to Veterans Health Administration (VHA)

Check vendors’ compliance with contract terms to include the comparison of invoiced amounts with the contract line-item unit costs.esponse to the pandemic and develop appropriate action plans to integrate oversight roles, responsibilities, and clear guidance into the use of supplemental funds.

No. 8

to Veterans Health Administration (VHA)

Ensure that medical facility staff track the receipt of goods to make certain they are the correct quantity.

No. 9

to Veterans Health Administration (VHA)

Conduct an assessment of lessons learned from the emergency response to the pandemic and develop appropriate action plans to integrate oversight roles, responsibilities, and clear guidance into the use of supplemental funds.

Total Monetary Impact of All Recommendations

Open: $ 187,200,000.00

Closed: $ 0.00

Office of Emergency Management Has Not Deployed a Functional Last-Resort Emergency Communications System

4/6/2023

|

21-03133-48

Open

Closed-Implemented

Closed-Not Implemented

No. 1

to Veterans Health Administration (VHA)

Ensure medical facilities monitor resilient high-frequency radio network training and staffing levels and maintain enough trained staff to operate the resilient high-frequency radio network.

No. 2

to Veterans Health Administration (VHA)

Ensure that the appropriate stakeholders know the program office responsible for the resilient high-frequency radio network and understand the roles and responsibilities for the Veterans Health Administration’s Resilient High-Frequency Radio Network program.

No. 3

to Veterans Health Administration (VHA)

Finalize the Veterans Health Administration High-Frequency Radio Operations Plan.

No. 4

to Veterans Health Administration (VHA)

If additional resilient high-frequency radio network equipment is purchased, work with the contracting officer to provide guidance to facility representatives to ensure they verify radios are fully functional before acceptance.

No. 5

to Veterans Health Administration (VHA)

Conduct a risk assessment and provide guidance for the placement of resilient high-frequency radio networks within facilities and any needed monitoring schedules.

No. 6

to Veterans Health Administration (VHA)

Ensure sites can obtain repairs for broken or inoperable resilient high-frequency radio network equipment.

Improvements Needed in Integrated Financial and Acquisition Management System Deployment to Help Ensure Program Objectives Can Be Met

3/28/2023

|

21-01997-69

Open

Closed-Implemented

Closed-Not Implemented

No. 1

to Office of Management (OM)

Implement controls to mitigate the risk that data are unreliable and inconsistently recorded between eCMS and iFAMS when staff deobligate funds for converted contracts.

No. 2

to Office of Management (OM)

Establish and implement a methodology to prioritize user feedback into the risk management process.

No. 3

to Office of Management (OM)

Use the risk register to document and assess the risks associated with the manual deobligation process.

No. 4

to Office of Management (OM)

Ensure that converted contracts are included in integrated system testing and user acceptance testing.

No. 5

to Office of Management (OM)

Implement a process that provides formal acknowledgment on whether requests related to high-priority business intelligence reports have been accepted as requirements.

Audit of VA’s Financial Statements for Fiscal Years 2022 and 2021

12/7/2022

|

22-01155-14

Buy American Act Compliance Deficiencies at Regional Procurement Office Central

9/28/2022

|

21-02641-229

Open

Closed-Implemented

Closed-Not Implemented

No. 1

to Acquisitions, Logistics, and Construction (OALC)

Assess compliance weaknesses identified by VA Office of Procurement Policy, Systems and Oversight internal reviews, and implement corrective actions determined appropriate.

No. 2

to Acquisitions, Logistics, and Construction (OALC)

Require contracting officers responsible for Buy American Act compliance deficiencies identified by contract file reviewers and VA Office of Procurement Policy, Systems and Oversight internal reviews to attend refresher Buy American Act–specific training.

No. 3

to Veterans Health Administration (VHA)

Evaluate the contract file review procedures to make certain they require the use of the Definitions of Comment Categories, and presolicitation and preaward checklists, and document that use, to strengthen compliance.

Home Improvements and Structural Alterations Program Needs Greater Oversight

9/22/2022

|

21-03906-226

Open

Closed-Implemented

Closed-Not Implemented

No. 1

to Veterans Health Administration (VHA)

Coordinate with the Prosthetic and Sensory Aids Service executive director to (1) develop and issue guidance clearly articulating eligibility requirements for the lifetime benefit amounts to address non-service-connected disabilities and (2) communicate this guidance in an effective manner, such as including specific language in handbooks, providing examples of scenarios to reinforce the requirements, and requiring annual training to make sure all prosthetic staff responsible for the program understand these eligibility requirements.

No. 2

to Veterans Health Administration (VHA)

Coordinate with the Prosthetic and Sensory Aids Service executive director to make sure Veterans Integrated Service Network prosthetic representatives look at veteran eligibility for non-service-connected disability benefits in their annual reviews of medical facilities’ prosthetics programs.

No. 3

to Veterans Health Administration (VHA)

Coordinate with the Prosthetic and Sensory Aids Service executive director to correct and update inaccurate information on the publicly accessible Home Improvements and Structural Alterations Program website.

No. 4

to Veterans Health Administration (VHA)

Coordinate with the assistant under secretary for health for operations and the Prosthetic and Sensory Aids Service executive director to make sure medical facilities or Veterans Integrated Service Networks implement procedures for verifying that veterans’ Home Improvement and Structural Alterations packages include documentation of approval and justification for all improvements and alterations paid for with program benefits.

No. 5

to Veterans Health Administration (VHA)

Coordinate with the assistant under secretary for health for operations and the Prosthetic and Sensory Aids Service executive director to ensure medical facilities and Veterans Integrated Service Network directors implement procedures to capture when key documentation is received and monitor these dates to ensure facilities adhere to timelines for the Home Improvements and Structural Alterations Program and take corrective action when they are not meeting standards outlined in 38 C.F.R. §§ 17.3100 through 17.3130 and VHA Directive 1173.14.

Total Monetary Impact of All Recommendations

Open: $ 12,676,084.00

Closed: $ 1,122,360.00

VA Is Moving toward Full Compliance with Geospatial Data Covered Agency Responsibilities

9/21/2022

|

22-00563-224

New York/New Jersey VA Health Care Network (VISN 2) Should Improve Boiler Maintenance to Reduce Safety Risks and Prevent Care Disruptions

9/19/2022

|

21-00887-211

Open

Closed-Implemented

Closed-Not Implemented

No. 1

to Veterans Health Administration (VHA)

The director of Veterans Integrated Service Network 2 should ensure useful life assessments are conducted for those boilers operating past their expected or extended lifespans outlined in this report to ensure safe operation. 23

No. 2

to Veterans Health Administration (VHA)

The director of the Office of Healthcare Engineering should clarify policies and procedures for scheduling useful life assessments of boilers prior to the end of expected lifespans and after an extension has been granted.

No. 3

to Veterans Health Administration (VHA)

The director of the Office of Healthcare Engineering should update VHA Directive 1810 to ensure that medical facility boiler policies are updated to reflect site-specific safety device testing procedures, including justifications for each test prescribed in the VHA Boiler and Associated Plant Safety Device Testing Manual that the medical facility does not plan to perform.

No. 4

to Veterans Health Administration (VHA)

The director of the Office of Healthcare Engineering should update VHA Directive 1810 to clarify which tests and inspections require the use of third-party inspectors, as well as the frequency of these tests and inspections.

No. 5

to Veterans Health Administration (VHA)

The director of Veterans Integrated Service Network 2 should review medical facilities’ boiler operation policies to ensure procedures for notifying management and documenting corrective action plans and timelines for addressing safety incidents are consistent with VHA Directive 1810 requirements.

No. 6

to Veterans Health Administration (VHA)

The director of Veterans Integrated Service Network 2 should employ a management information system to ensure all individuals with oversight responsibility are granted access to records for boiler maintenance deficiencies and corresponding corrective actions, boiler inventory, testing and inspection compliance, and useful life assessment completeness.

VA Medical Facilities Took Steps to Safeguard Refrigerated Pharmaceuticals but Could Further Reduce the Risk of Loss

6/30/2022

|

21-01898-152

|

Topics: Supplies and Equipment

Open

Closed-Implemented

Closed-Not Implemented

No. 1

to Veterans Health Administration (VHA)

Direct the assistant under secretary for health operations to reinforce to medical facility directors the importance of establishing a process to ensure facility managers include pharmaceutical refrigerators and freezers in the facility’s routine maintenance schedules and develop and implement a procedure to make sure medical facilities follow VHA Notice 2021-16.

No. 2

to Veterans Health Administration (VHA)

Require the assistant under secretary for patient care services to coordinate with the assistant under secretary for health operations to update the 10N Guide to VHA Issue Briefs and clarify that medical facilities must report all refrigerated pharmaceutical loss via the issue brief tracker.

Total Monetary Impact of All Recommendations

Open: $ 0.00

Closed: $ 5,100,000.00

Veterans Data Integration and Federation Enterprise Platform Lacks Sufficient Security Controls

6/1/2022

|

21-01123-97

|

Topics: Information Technology and Security

Open

Closed-Implemented

Closed-Not Implemented

No. 1

to Information and Technology (OIT)

The assistant secretary for information and technology and chief information officer will ensure the Veterans Data Integration and Federation Enterprise Platform security objectives are all set at a categorization level of high based upon both the sensitive personal information maintained in the system and the approved risk assessment.

No. 2

to Information and Technology (OIT)

The assistant secretary for information and technology and chief information officer will act to reestablish the Veterans Data Integration and Federation Enterprise Platform in the Enterprise Mission Assurance Support Service to ensure appropriate security controls are implemented and the system is assessed at the high risk level.

No. 3

to Information and Technology (OIT)

The assistant secretary for information and technology and chief information officer will ensure the Office of Information Technology provides appropriate oversight and follows proper program management processes and protocols when establishing and monitoring security controls for IT systems.

VHA Continues to Face Challenges with Billing Private Insurers for Community Care

5/24/2022

|

21-00846-104

|

Topics: Community Care,Financial Management

Open

Closed-Implemented

Closed-Not Implemented

No. 1

to Veterans Health Administration (VHA)

Maximize opportunities to bill veterans’ private health insurers for recoverable claims by developing procedures that align and prioritize the processing of such claims to insurers’ filing deadlines.

No. 2

to Veterans Health Administration (VHA)

Strengthen information system controls to make certain that complete and accurate claims information is transferred between applicable current and future Community Care payment systems and the Consolidated Patient Account Centers’ workflow tool and VistA patient treatment files.

No. 3

to Veterans Health Administration (VHA)

Conduct an assessment to determine if staffing resources and workload are sufficiently aligned to process the anticipated volume of claims to be billed to veterans’ private health insurers and make adjustments as needed.

Total Monetary Impact of All Recommendations

Open: $ 805,200,000.00

Closed: $ 0.00

Appointment Scheduling and Wait Times
Care Coordination
Claims and Appeals
Claims and Fiduciary
Claims and Medical Exams
Clinical Care Services Operations
Community Care
Contract Integrity
COVID-19
Education and Loan Guaranty
Electronic Health Records Modernization (EHRM)
Financial Management
FISMA
Healthcare Infrastructure
Information Technology and Security
Leases and Major Contracts
Maintenance and Construction
Medical Staff Privileging Credentialing
Mental Health
Military Sexual Trauma
PACT Act
Patient Care Services Operations
Patient Safety
Purchase Cards
Staffing
Suicide Prevention
Supplies and Equipment
System Development and Implementation
VA Police
Women’s Health

Accountability and Whistleblower Protection (OAWP)
Acquisitions, Logistics, and Construction (OALC)
Advisory Committee Management
Asset Enterprise Management (OAEM)
Board of Veterans’ Appeals (BVA)
Center for Faith-Based and Neighborhood Partnerships
Center for Minority Veterans
Center for Women Veterans
Congressional and Legislative Affairs (OCLA)
Electronic Health Record Modernization Integration Office (EHRM IO)
Employment Discrimination Complaint Adjudication
Federal Recovery Coordination
General Counsel (OGC)
Human Resources and Administration Office/Operations, Security, and Preparedness (HRA/OSP)
Information and Technology (OIT)
National Cemetery Administration (NCA)
Non-Governmental Organization Gateway Initiative
Office of Enterprise Integration (OEI)
Office of Management (OM)
Office of the Secretary (SVA)
Policy and Planning
Public and Intergovernmental Affairs (OPIA)
Small & Disadvantaged Business Utilization (OSDBU)
Survivors Assistance
Veterans Benefits Administration (VBA)
Veterans Health Administration (VHA)
Veterans Service Organizations Liaison

Alabama
Alaska
Arizona
Arkansas
California
Colorado
Connecticut
Delaware
District of Columbia
Florida
Georgia
Hawaii
Idaho
Illinois
Indiana
Iowa
Kansas
Kentucky
Louisiana
Maine
Maryland
Massachusetts
Michigan
Minnesota
Mississippi
Missouri
Montana
Nebraska
Nevada
New Hampshire
New Jersey
New Mexico
New York
North Carolina
North Dakota
Ohio
Oklahoma
Oregon
Pennsylvania
Rhode Island
South Carolina
South Dakota
Tennessee
Texas
Utah
Vermont
Virginia
Washington
West Virginia
Wisconsin
Wyoming
American Samoa
Federated States of Micronesia
Guam
Marshall Islands
Northern Mariana Islands
Palau
Puerto Rico
Virgin Islands
Armed Forces Africa
Armed Forces Americas
Armed Forces Canada
Armed Forces Europe
Armed Forces Middle East
Armed Forces Pacific

Recommendations (3)

Recommendations (8)

Recommendations (5)

Recommendations (3)

Recommendations (7)

Recommendations (5)

Recommendations (9)

Recommendations (5)

Recommendations (26)

Recommendations (9)

Recommendations (6)

Recommendations (5)

Recommendations (3)

Recommendations (5)

Recommendations (6)

Recommendations (2)

Recommendations (3)

Recommendations (3)