Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

2008 Top Management & Performance Challenges

Issued on  | Posted on  | Report number: OIG-TMC-2008


Each year, based on its work and observations, OIG identifies the most significant management and performance challenges facing HHS in the coming year. OIG provides the Department with this assessment, which is included in the Department’s annual Agency Financial Report (AFR) to Congress. OIG’s full assessment will be included in the AFR due to Congress by November 17, 2008.

In addition, OIG has identified “Hot Topics” that relate to these challenges. Hot Topics are issues currently receiving heightened attention or scrutiny by the Administration, Congress, the public, or other stakeholders.

The following are the Top Management Challenges OIG and the associated “Hot Topics:

  1. Medicare Part D Oversight
  2. Hot Topics
    • Drug pricing and rebates
    • Fraud and abuse safeguards
    • Access to accurate information
  3. Medicare Integrity
  4. Hot Topics
    • Contractor oversight
    • DME fraud, including error rate and competitive bidding
    • Medicare Advantage
  5. Medicaid and State Children’s Health Insurance Program Integrity
  6. Hot Topics
    • Prescription drugs, including fraud and pharmacy reimbursement
    • SCHIP reauthorization and eligibility
    • Home and community-based care
  7. Quality of Care
  8. Hot Topics
    • Quality measurement and pay for performance
    • Failure of care and “never events”
    • Transparency of ownership and performance
    • Indian health
  9. Emergency Preparedness and Response
  10. Hot Topics
    • Pandemic influenza
    • Select agent transfers
    • Laboratory security
  11. Oversight of Food, Drugs, and Medical Devices
  12. Hot Topics
    • Food safety and security
    • Drug and medical device safety
    • Transparency of provider financial interests
  13. Grants Management
  14. Hot Topics
    • Grant oversight and closeout
    • President’s Emergency Plan for AIDS Relief expansion
    • Head Start facility safety and compliance
  15. Integrity of Information Systems and the Implementation of Health Information Technology
  16. Hot Topics
    • Security of sensitive and personally identifiable information
    • Safeguards and controls over Departmental Information Technology systems
    • Electronic health records and e-prescribing
  17. Ethics Program Oversight and Enforcement
  18. Hot Topics
    • Management of conflicts of interest by extramural grantees
    • Oversight of financial interests of clinical investigators and advisory board members
    • Oversight of HHS employees’ outside and postemployment activities

Top Management Challenges—Summary

Each year, based on its work and observations, OIG identifies the most significant management and performance challenges facing HHS in the coming year. OIG provides the Department with this assessment, which s included in the Department’s annual Agency Financial Report (AFR) to Congress. OIG’s full assessment will be included in the AFR due to Congress by November 17, 2008.

1. Medicare Part D Oversight

The structure and operation of the Medicare Part D benefit contain features that present significant management challenges. For instance, the administration and oversight of Medicare Part D depend upon extensive coordination and information sharing among Federal and State Government agencies, drug plan sponsors, contractors, health care providers, and third-party payers. Payments to drug plan sponsors are based on sponsors’ bids, risk adjustments, and reconciliations, which add to the complexities and challenges of the benefit.

OIG has identified vulnerabilities stemming from insufficient oversight of Part D, particularly those involving implementation of internal controls to ensure payment accuracy. For example, inaccurate bids by some plan sponsors have resulted in Medicare paying higher subsidies and beneficiaries paying higher premiums.

OIG’s concerns about Part D oversight also extend to program safeguards to prevent and detect fraud, waste, and abuse, and beneficiary protections to ensure access to drugs and accurate information and appropriate cost sharing. Limited oversight of plan sponsors’ marketing materials and tracking of beneficiaries’ drug spending, which affects their cost-sharing obligations, are among the beneficiary-protection concerns that OIG has identified.

2. Medicare Integrity

The importance and challenges of safeguarding the Medicare program are greater than ever. In FY 2007, Medicare benefit payments totaled about $413 billion for services provided to approximately 44 million beneficiaries. Additionally, fraud, waste, and abuse schemes have become increasingly sophisticated and constantly adapt in response to the latest Federal oversight efforts and to technology. Payment errors quickly add up to billions of dollars in losses to the Medicare Trust Fund and to taxpayers.

OIG audits, evaluations, and investigations continue to identify improper payments and problems in specific parts of the program. OIG has revealed payments for unallowable services, improper coding, and other types of improper payments for services in a variety of health care settings. They include improper payments for wheelchairs, mental health services, and certain interventional pain-management procedures. Improper payments range from reimbursement for services provided but inadequately documented and inadvertent mistakes to outright fraud and abuse. OIG has also determined that Medicare’s reimbursement rate is too high for some items and services, such as Part B drugs and certain types of DME.

OIG’s FY 2007 financial statement audit report for CMS identified a material internal weakness in Medicare claim-processing controls related to direct update access to Medicare claims data, controls over edit settings in application systems, and lack of CMS oversight. Effective controls over the use of direct update access to claims and changes to edits within major Medicare claims-processing systems are imperative to ensure the accuracy of claims processing.

3. Medicaid and State Children’s Health Insurance Program Integrity

The magnitude and growth of health care expenditures, combined with the health and financial impact of Medicaid and State Children’s Health Insurance Program (SCHIP) on vulnerable populations, make it critical that these programs operate efficiently and effectively and be protected from fraud and abuse. In 2007, the Medicaid program accounted for nearly $350 billion in health care spending; the Federal share was almost $191 billion. SCHIP provides an allotment of Federal matching funds to help States expand health care coverage to uninsured children. In 2007, SCHIP assisted roughly 7.5 million low-income children at a Federal cost of $6 billion.

However, it is particularly challenging to identify payment errors, their causes, and other vulnerabilities in the Medicaid and SCHIP programs because of the diversity of State programs and the variation in their administrative and control systems. Lack of information about payment error rates in Medicaid and SCHIP can present a substantial vulnerability in preventing and detecting fraud, waste, and abuse. OIG investigations have uncovered fraud schemes related to Medicaid reimbursement and marketing of prescription drugs. OIG audits and evaluations have also consistently found evidence that Medicaid drug reimbursement exceeds pharmacies’ drug-acquisition costs, primarily because States lack access to accurate pharmacy drug-cost data.

OIG investigations have uncovered fraud schemes related to Medicaid reimbursement and marketing of prescription drugs. OIG audits and evaluations have also consistently found evidence that Medicaid drug reimbursement exceeds pharmacies’ drug-acquisition costs, primarily because States lack access to accurate pharmacy drug-cost data.

Other Medicaid services particularly vulnerable to inappropriate payments include school-based health services, disproportionate-share hospital payments, casemanagement services, and dental services. Additionally, OIG has identified a number of State financing arrangements and other revenue-maximization tactics that inappropriately increase Federal Medicaid payments to States.

4. Quality of Care

Safeguarding the quality of care provided to Federal health care program beneficiaries continues to be an OIG priority. Much of OIG’s enforcement work focuses on ensuring that resources are not improperly diverted from patient care and on preventing providers from withholding needed care or rendering unnecessary or even harmful services.

In cases involving nursing facilities, OIG has identified systemic problems that have resulted in substandard care, including staffing shortages; improper restraint use; failure to implement medical orders or services identified on the care plan; failure to provide 4 proper nutrition; failure to ensure that residents are protected from falls, physical abuse, and medication errors; and failure to prevent facility-acquired conditions such as infections and pressure ulcers.

While investigating nursing homes for providing substandard care, OIG has encountered nursing facilities with as many as 17 limited liability companies that play a role in the facility’s operations. These complex structures and the associated lack of transparency in a facility’s ownership and management create challenges for ensuring accountability and greatly complicate law enforcement’s investigations. OIG has also found that profitseeking investors sometimes compete against patient care for resources.

OIG continues to raise concerns about shortcomings in program oversight and enforcement systems that may result in inadequate prevention or insufficient identification of substandard care delivery in a variety of other health care settings as well. For example, studies have shown that many home health agencies failing to comply with program standards still maintain their Medicare certification, serve Medicare beneficiaries, and receive Medicare funding.

Other concerns include vulnerabilities associated with providing required emergency services by hospitals, the operations of Quality Improvement Organizations, hospice oversight, and the ability of physician-owned specialty hospitals to manage medical emergencies.

5. Emergency Preparedness and Response

The ability to effectively prepare for and respond to a public health emergency requires planning, coordination, and communication across a wide range of entities that includes Federal agencies; States, localities, and tribal organizations; the private sector; individuals and families; and international partners. This combination of organizations with significantly different roles and organizational structures poses unique and unprecedented demands on HHS, as the Federal agency tasked with the responsibility for coordinating the Nation’s health response in the event of a disaster.

Since 2002, HHS has provided more than $7 billion to States and localities through various programs to enhance their emergency preparedness activities and to better enable them to respond to large-scale public health emergencies, such as bioterrorism, natural disasters, or outbreaks of infectious disease. However, OIG findings demonstrate the need for significant improvements to enable Federal, State, and local health entities to be fully prepared to detect and respond to health emergencies.

As Congress considers options to assist in restoring the health care infrastructure in and around New Orleans, OIG continues to examine the Department’s disaster response work in this area. For example, OIG has identified specific vulnerabilities related to procurements, beneficiary protections, uncompensated care for evacuees, Federal assistance for area hospitals, and the delivery of critical health care services. 5

OIG also remains concerned with the security of Department-funded laboratories and the manner in which these laboratories secure and transfer toxic materials known as “select agents.” OIG work regarding identification of biological agents has also identified vulnerabilities. Early and accurate detection and reporting of biological agents is a critical component of a national response to biological threats. OIG has reported that opportunities exist to improve coordination between State public health and private clinical laboratories to decrease the time to detect and report pandemic influenza. Additionally, OIG found that laboratories had problems maintaining accurate inventory and access records, controlling access, and planning for security.

6. Oversight of Food, Drugs, and Medical Devices

OIG recognizes the significant risks to public health and safety if the critical mandates of FDA and the National Institutes of Health (NIH) are not properly met. Over the past decade, numerous OIG evaluations and audits have consistently documented weaknesses in the Department’s oversight systems for ensuring the safety of food, drugs, and medical devices and for protecting human research subjects in clinical trials associated with NIH grants.

Recent OIG reviews have also identified weaknesses in FDA’s monitoring of drugs following their approval, and noted that FDA’s National Drug Code Directory was neither complete nor accurate at the time of the review. OIG also found that a lack of a clinical trial registry and inconsistencies in inspection classifications inhibited FDA’s ability to effectively manage its Bioresearch Monitoring program.

OIG’s enforcement efforts have also addressed fraudulent marketing activities by drug and device manufacturers, including kickback activity and the promotion of drugs for uses not approved by FDA. Such fraudulent activities undermine the integrity of the products’ labeling and medical decisionmaking and may lead to the products’ inappropriate use, putting patients at risk.

7. Grants Management

The size and scope of HHS grant expenditures, coupled with unique vulnerabilities associated with the very nature of a grant, have made grants management a significant OIG focus area. Unlike the management of other Government expenditures, performance responsibility and grant management rest primarily with the grantee, with little or no Government involvement in the funded activity.

In the area of mandatory grants, OIG has identified improper Temporary Assistance for Needy Families payments in certain States, vulnerabilities associated with State claims for foster care maintenance and administrative costs, and concerns related to undistributed child-support collections and the collection of payments from noncustodial parents with large child-support debts.

In the area of discretionary grants, OIG has identified several areas in need of improvement in the management and oversight of the National Cancer Institute’s Research Project Grants; vulnerabilities in the Head Start program, including problems related to financial management, the health and safety of children, and underenrollment; and instances of improper use of Ryan White funds.

8. Integrity of Information Systems and the Implementation of Health Information Technology

To ensure the confidentiality, integrity, and reliability of critical data that support departmental operations, it is essential that the Department have adequate internal controls over its information systems.

The expansion of HHS programs, such as the creation of the Medicare Part D benefit, significantly increases the programmatic and system demands on the Department. It expands existing relationships with business partners, such as Medicaid State agencies and contractors, and creates new ones. In turn, these relationships create the potential for new system security exposures that must be evaluated and, if need be, mitigated to ensure the confidentiality, integrity, and availability of critical assets.

Recent OIG audits regarding CMS oversight of security requirements established in HIPAA and of the Department’s compliance with Federal information security requirements have identified security vulnerabilities. They include faulty firewalls protecting networks, antivirus and patch management procedures not being adhered to, password requirements not being followed, and access to restricted data by individuals without proper security clearances. Such control weaknesses can compromise the integrity of sensitive program data and increase the risk that such data may be inappropriately used or disclosed. OIG also recently reported that CMS had no effective mechanism to ensure that covered entities were complying with HIPAA’s Security Rule or that electronic personal health information was being adequately protected.

9. Ethics Program Oversight and Enforcement

Since 2005, ethics program oversight, especially of grants management and research contracts, has been recognized as one of the Department’s top management challenges. OIG’s activities have ranged from evaluating agency ethics programs at selected Operating Divisions to determine whether they comply with regulations issued by the Office of Government Ethics and HHS, to investigating allegations of criminal ethics violations by current and former HHS employees.

HHS OIG cohosted a Conflict of Interest and Ethics Violation Summit in May 2007. The Office of Investigations coordinated the summit, which was cohosted by the U.S. Securities and Exchange Commission and attended by more than 200 participants. The summit highlighted the importance of the work being done in the ethics community and provided ideas and information on addressing and coordinating efforts involving ethics issues and investigations.

In recent work, OIG has identified a variety of vulnerabilities in the FDA process for review and approval of requests to engage in outside activities. OIG also found that the majority of the Institutes within NIH do not have Institute-specific policies or procedures for reviewing allegations about employee activities that might be criminal or improper, do not handle allegations uniformly, and do not uniformly confer with the appropriate outside parties when handling allegations of improper behavior.

OIG also determined that NIH’s Institutes and the Office of Extramural Research were unable to provide all of the actual conflict-of-interest reports they received from grantee institutions. NIH also did not follow up with grantee institutions regarding reported conflicts of interest. In addition to performing systemic reviews identifying vulnerabilities in the administration of the Department’s ethics program, OIG continues to investigate complaints involving potential conflicts by Department employees.

Top Management Challenge
Office of the Secretary