Recommendations
1011
| ID | Report Number | Report Title | Type | |
|---|---|---|---|---|
| 13-00026-233 | Community Based Outpatient Clinic Reviews at Jesse Brown VA Medical Center, Chicago, IL | Comprehensive Healthcare Inspection Program | ||
1 We recommended that a process is established to ensure that the ordering provider or surrogate is notified of abnormal cervical cancer screening results within the allotted timeframe and that notification is documented in the EHR.
Closure Date:
2 We recommended that managers ensure that patients with abnormal cervical cancer screening results are notified of results within the defined timeframe and that notification is documented in the EHR.
Closure Date:
3 We recommended that managers ensure that clinicians administer pneumococcal vaccinations when indicated.
Closure Date:
4 We recommended that managers ensure that clinicians document all required tetanus vaccination administration elements and that compliance is monitored.
Closure Date:
5 We recommended that the service chief's documentation in VetPro reflects documents reviewed and the rationale for re-privileging providers at the Chicago Heights and Lakeside CBOCs.
Closure Date:
6 We recommended that the MEC grants privileges consistent with the services provided at the Chicago Heights and Lakeside CBOCs.
Closure Date:
7 We recommended that managers ensure that MSDS are readily available to staff at the Lakeside CBOC.
Closure Date:
| ||||
| 13-00586-228 | Inspection of VA Regional Office San Juan, Puerto Rico | Review | ||
1 We recommend the San Juan VA Regional Office Director develop and implement a plan to ensure claims processing staff input suspense diaries to the electronic record as required.
Closure Date:
2 We recommend the San Juan VA Regional Office Director develop and implement a plan to review for accuracy the 132 temporary 100 percent disability evaluations remaining from our inspection universe and take appropriate action.
Closure Date:
3 We recommend the San Juan VA Regional Office Director develop and implement a plan to ensure effective second-signature reviews of traumatic brain injury claims decisions.
Closure Date:
4 We recommend the San Juan VA Regional Office Director develop and implement a plan to ensure staff completely and timely address all required elements of Systematic Analyses of Operations.
Closure Date:
| ||||
| 13-00896-234 | Combined Assessment Program Review of the VA Maryland Health Care System, Baltimore, Maryland | Comprehensive Healthcare Inspection Program | ||
| 13-01673-240 | Combined Assessment Program Review of the Tuscaloosa VA Medical Center, Tuscaloosa, Alabama | Comprehensive Healthcare Inspection Program | ||
1 We recommended that processes be strengthened to ensure that FPPEs for newly hired licensed independent practitioners are reported timely to the MEC.
Closure Date:
2 We recommended that processes be strengthened to ensure that inpatient bathrooms are clean and that compliance be monitored.
Closure Date:
3 We recommended that processes be strengthened to ensure that damaged furniture in patient care areas is repaired or removed from service.
Closure Date:
4 We recommended that processes on the acute MH inpatient units be strengthened to ensure that nurses' stations and medication rooms are secured from unauthorized entry and that furniture meets safety requirements.
Closure Date:
5 We recommended that processes be strengthened to ensure that SPS employees responsible for reprocessing activities receive annual competency assessments.
Closure Date:
6 We recommended that processes be strengthened to ensure that the PCCT includes a dedicated administrative support person.
Closure Date:
7 We recommended that the facility ensure the multidisciplinary committee responsible for construction and renovation oversight includes all required members.
Closure Date:
8 We recommended that processes be strengthened to ensure that construction site inspection documentation includes all the required elements.
Closure Date:
| ||||
| 12-04456-232 | Inspection of VA Regional Office Roanoke, Virginia | Review | ||
1 We recommend the Roanoke VA Regional Office Director develop and implement a plan to ensure claims processing staff input suspense diaries in the electronic record as required.
Closure Date:
2 We recommend the Roanoke VA Regional Office Director develop and implement a plan to ensure claims processing staff timely schedule medical reexaminations when the reminder notifications are received.
Closure Date:
3 We recommend the Roanoke VA Regional Office Director develop and implement a plan to ensure claims processing staff take timely actions to finalize reductions in benefits.
Closure Date:
4 We recommend the Roanoke VA Regional Office Director develop and implement a plan to review for accuracy the 709 temporary 100 percent disability evaluations remaining from our inspection universe and take appropriate actions.
Closure Date:
5 We recommend the Roanoke VA Regional Office Director develop and implement a plan to ensure effective second signature reviews of traumatic brain injury claims decisions.
Closure Date:
6 We recommend the Roanoke VA Regional Office Director develop and implement a plan to ensure staff update the resource directory and regularly contact and provide outreach to homeless shelters and service providers within the VA Regional Office's jurisdiction.
Closure Date:
| ||||
| 13-01846-235 | Review of VA's Programs for Addressing Climate Change | Audit | ||
1 We recommend the Executive in Charge for the Office of Management and Chief Financial Officer coordinate with the Acting Assistant Secretary of the Office of Human Resources and Administration to implement existing telework expansion plans for reducing greenhouse gas emissions and to encourage VA employees to use alternative forms of commuting.
Closure Date:
2 We recommend the Executive in Charge for the Office of Management and Chief Financial Officer identify additional strategies for meeting requirements to reduce greenhouse gas emissions.
Closure Date:
3 We recommend the Executive in Charge for the Office of Management and Chief Financial Officer identify additional strategies for meeting requirements to reduce fleet petroleum consumption.
Closure Date:
| ||||
| 12-01712-229 | VA's Federal Information Security Management Act Audit for Fiscal Year 2012 | Audit | ||
1 We recommend the Acting Assistant Secretary for Information and Technology fully develop and implement an agency-wide risk management governance structure, along with mechanisms to identify, monitor, and manage risks across the enterprise. (This is a repeat recommendation from last year.)
Closure Date:
2 We recommend the Acting Assistant Secretary for Information and Technology implement mechanisms to ensure sufficient supporting documentation is captured in the central database to justify closure of Plans of Action and Milestones. (This is a repeat recommendation from last year.)
Closure Date:
3 We recommend the Acting Assistant Secretary for Information and Technology define and implement clear roles and responsibilities for developing, maintaining, completing, and reporting Plans of Action and Milestones. (This is a repeat recommendation from last year.)
Closure Date:
4 We recommend the Acting Assistant Secretary for Information and Technology implement mechanisms to ensure Plans of Action and Milestones are updated to accurately reflect current status information. (This is a repeat recommendation from last year.)
Closure Date:
5 We recommend the Acting Assistant Secretary for Information and Technology develop mechanisms to ensure system security plans reflect current operational environments, including accurate system interconnection and ownership information. (This is a repeat recommendation from last year.)
Closure Date:
6 We recommend the Acting Assistant Secretary for Information and Technology implement improved processes for updating key security documents such as risk assessments, security impact analyses, and security self assessments on at least an annual basis and ensure all required information accurately reflects the current environment and new risks in accordance with Federal standards. (This is a new recommendation.)
Closure Date:
7 We recommend the Acting Assistant Secretary for Information and Technology implement mechanisms to enforce VA password policies and standards on all operating systems, databases, applications, and network devices. (This is a repeat recommendation from last year.)
Closure Date:
8 We recommend the Acting Assistant Secretary for Information and Technology implement periodic access reviews to minimize access by system users with incompatible roles, permissions in excess of required functional responsibilities, and unauthorized accounts.
(This is a repeat recommendation from last year.)
Closure Date:
9 We recommend the Acting Assistant Secretary for Information and Technology enable system audit logs and conduct centralized reviews of security violations on mission-critical systems. (This is a repeat recommendation from last year.)
Closure Date:
10 We recommend the Acting Assistant Secretary for Information and Technology implement mechanisms to ensure all remote access computers have updated security patches and antivirus definitions prior to connecting to VA information systems. (This is a repeat recommendation from last year.)
Closure Date:
11 We recommend the Acting Assistant Secretary for Information and Technology implement two-factor authentication for remote access throughout the agency. (This is a new recommendation.)
Closure Date:
12 We recommend the Acting Assistant Secretary for Information and Technology implement effective automated mechanisms to continuously identify and remediate security deficiencies on VA's network infrastructure, database platforms, and Web application servers. (This is a modified repeat recommendation from last year.)
Closure Date:
13 We recommend the Acting Assistant Secretary for Information and Technology implement a patch and vulnerability management program to address security deficiencies identified during our assessments of VA's Web applications, database platforms, network infrastructure, and work stations. (This is a modified repeat recommendation from last year.)
Closure Date:
14 We recommend the Acting Assistant Secretary for Information and Technology implement standard security configuration baselines for all VA operating systems, databases, applications, and network devices. (This is a repeat recommendation from last year.)
Closure Date:
15 We recommend the Acting Assistant Secretary for Information and Technology implement procedures to enforce a system development and change control framework that integrates information security throughout the life cycle of each system. (This is a repeat recommendation from last year.)
Closure Date:
16 We recommend the Acting Assistant Secretary for Information and Technology implement processes to ensure information system contingency plans are updated with the required information and lessons learned are communicated to senior management. (This is a modified repeat recommendation from last year.)
Closure Date:
17 We recommend the Acting Assistant Secretary for Information and Technology develop and implement a process for ensuring the encryption of backup data prior to transferring the data offsite
Closure Date:
18 We recommend the Acting Assistant Secretary for Information and Technology ensure that agreements for alternate processing sites have been established that define the roles and responsibilities for alternate locations in the event of a disaster. (This is a new recommendation.)
Closure Date:
19 We recommend the Acting Assistant Secretary for Information and Technology fully implement an automated 24-hour security event and incident correlation solution to monitor security for all systems interconnections, database security events, and mission-critical platforms supporting VA programs and operations. (This is a modified repeat recommendation from last year.)
Closure Date:
20 We recommend the Acting Assistant Secretary for Information and Technology identify all external network interconnections and ensure appropriate Interconnection Security Agreements and Memoranda of Understanding are in place to govern them. (This is a repeat recommendation from last year.)
Closure Date:
21 We recommend the Acting Assistant Secretary for Information and Technology implement more effective agency-wide incident response procedures to ensure timely resolution of computer security incidents in accordance with VA set standards. (This is a modified repeat recommendation.)
Closure Date:
22 We recommend the Acting Assistant Secretary for Information and Technology implement effective continuous monitoring processes to identify and prevent the use of unauthorized application software, hardware (including personal storage devices), and system configurations on its networks. (This is a repeat recommendation from last year.)
Closure Date:
23 We recommend the Acting Assistant Secretary for Information and Technology develop a comprehensive software inventory process to identify major and minor software applications used to support VA programs and operations. (This is a repeat recommendation from last year.)
Closure Date:
24 We recommend the Acting Assistant Secretary for Information and Technology develop procedures to integrate information security costs into the capital planning process while ensuring traceability of Plans of Action and Milestones remediation costs to appropriate capital planning budget documents. (This is a repeat recommendation from last year.)
Closure Date:
25 We recommend the Acting Assistant Secretary for Information and Technology implement procedures for overseeing contractor-managed systems and ensuring information security controls adequately protect VA sensitive systems and data. (This is a repeat recommendation from last year.)
Closure Date:
26 We recommend the Acting Assistant Secretary for Information and Technology implement mechanisms for updating the Federal Information Security Management Act systems inventory, including interfaces with contractor-managed systems, and annually review the systems inventory for accuracy. (This is a repeat recommendation from last year.)
Closure Date:
27 We recommend the Acting Assistant Secretary for Information and Technology implement mechanisms to ensure all users with VA network access participate in and complete required VA-sponsored security awareness training. (This is a modified repeat recommendation from last year.)
Closure Date:
28 We recommend the Assistant Secretary for Information and Technology develop mechanisms to ensure risk assessments accurately reflect the current control environment, compensating controls, and the characteristics of the relevant VA facilities.
Closure Date:
29 We recommend the Assistant Secretary for Information and Technology review and update all applicable position descriptions to better describe sensitivity ratings and better document employee personnel records and contractor files, including 'Rules of Behavior' instructions, annual privacy and Health Insurance Portability and Accountability Act of 1996 training certifications, and position sensitivity level designations.
Closure Date:
30 We recommend the Assistant Secretary for Information and Technology ensure appropriate levels of background investigations be completed for all applicable VA employees and contractors in a timely manner, implement processes to monitor and ensure timely reinvestigations on all applicable employees and contractors, and monitor the status of the requested investigations.
Closure Date:
31 We recommend the Assistant Secretary for Information and Technology reduce wireless security vulnerabilities by ensuring sites have an effective and up-to-date methodology to protect against the interception of wireless signals and unauthorized access to the network and ensure the wireless network is segmented and protected from the wired network.
Closure Date:
32 We recommend the Assistant Secretary for Information and Technology identify and deploy solutions to encrypt sensitive data and resolve clear text protocol vulnerabilities.
Closure Date:
| ||||
| 12-02186-227 | Healthcare Inspection – Nursing Care in the Community Living Center for Spinal Cord Injury, Louis Stokes VA Medical Center, Cleveland, OH | Hotline Healthcare Inspection | ||
1 We recommended that the Facility Director ensure that the staffing levels on the Long-Term Care Spinal Cord Injury unit be consistent with Veterans Health Administration's requirements and the facility's spinal cord injury Master Nurse Staffing Plan.
Closure Date:
2 We recommended that the Facility Director ensure that Long-Term Care Spinal Cord Injury nursing staff consistently provide and document resident care.
Closure Date:
3 We recommended that the Facility Director ensure that Long-Term Care Spinal Cord Injury nurse managers take action to investigate and address staff conduct related issues.
Closure Date:
4 We recommended that the Facility Director ensure that float staff assigned to the Long-Term Care Spinal Cord Injury unit have the training and competencies required for the unit.
Closure Date:
| ||||
| 13-00235-225 | Administrative Investigation, Conduct Prejudicial to the Government, Veteran Employment Services Office, Office of Human Resources and Administration, Washington, DC | Administrative Investigation | ||
| 13-00644-231 | Review of VA's Acquisitions Supporting the Veteran Employment Services Office | Audit | ||
1 We recommend the Acting Assistant Secretary for Human Resources and Administration improve the development and management of ADVANCE-funded acquisitions by strengthening the Strategic Management Group's process to fully assess program offices' procurement requests against VA's existing internal capacities.
Closure Date:
2 We recommend the Acting Assistant Secretary for Human Resources and Administration take immediate action to assess veteran demand for call center services and modify the terms of its interagency agreement with the Office of Personnel Management to reflect anappropriate level of call center operations and related costs, including staffing resources.
Closure Date:
3 We recommend the Acting Assistant Secretary for Human Resources and Administration modify the Veteran Employment Services Office's interagency agreement with the Office of Personnel Management to require routine data reports on call centers' performance that include call volume, length of calls, blocked calls, wait times, and the overall accuracy of information provided to callers.
Closure Date:
4 We recommend the Acting Assistant Secretary for Human Resources and Administration develop a process to independently assess the performance of the Veteran Employment Services Office's employment call centers by establishing metrics such as call volume, call wait times, hang-ups, and accuracy of information.
Closure Date:
5 We recommend the Acting Assistant Secretary for Human Resources and Administration develop policy that prohibits the approval of modifications to interagency agreement terms that combine the costs and terms of distinct deliverables into one deliverable.
Closure Date:
6 We recommend the Acting Assistant Secretary for Human Resources and Administration develop requirements to test and assess functions to be contracted to determine if these functions are inherently governmental as part of the acquisition planning process for all future contracts awarded to support the Veteran Employment Services Office's operations and initiatives.
Closure Date:
| ||||
11259