Beta This is a new resource - your feedback will help us improve it. Learn More.
Recommendations Tracker
HHS-OIG provides independent and objective oversight that promotes economy, efficiency, and effectiveness in HHS programs and operations. To drive this positive change, we produce reports and identify recommendations for improvement. We have developed this public-facing page for tracking all of our open recommendations.
Use the “Top Unimplemented” View below to read OIG’s Top Unimplemented Recommendations—a subset that we think, if implemented, would have the most impact (learn more). Notable differences from our previous Top Unimplemented Recommendations report include:
- The list is comprised of individual recommendations from OIG reports, not rolled up by topic.
- No arbitrary cap is imposed on the number of recommendations included.
- Status updates as recommendations are implemented.
Summary of All Recommendations
Updated Monthly · Last updated on March 14, 2025
1,280
Unimplemented
recommendations
2,849
Implemented and Closed
recommendations since FY 2017
Views
OIG Recommendations Grouped by Report
Showing 1–1 of 1 reports, containing 22 recommendations
Sorted by latest release date
-
IHS Needs To Improve Oversight of Its Hospitals' Opioid Prescribing and Dispensing Practices and Consider Centralizing Its Information Technology Functions
19-A-18-114.01We recommend that IHS revise the IHM to include the type of action a provider should take and what documentation to include in the patient's EHR when a UDS is unfavorable.- Status
- Closed Implemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- -
- Closed Date
- 09/07/2023
- Legislative Related
- No
19-A-18-114.02We recommend that IHS revise the IHM manual to require area offices to submit completed annual reviews to IHS headquarters.- Status
- Closed Implemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- -
- Closed Date
- 10/30/2024
- Legislative Related
- No
19-A-18-114.03We recommend that IHS increase oversight of IT systems by IHS management, including consideration of centralizing its key IT systems (including RPMS), services, and cybersecurity functions (e.g., patch management, unsupported network equipment and contingency planning) by conducting a cost-benefit analysis and risk assessment of adopting the Cloud First Policy and other means of centralization (e.g., headquarters, area offices). Specifically, determine if a cloud solutions or other modernization approaches are most effective and cost efficient in addressing persistent cybersecurity vulnerabilities and increasing network resiliency.- Status
- Closed Implemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- -
- Closed Date
- 01/17/2023
- Legislative Related
- No
19-A-18-114.04IHS present findings and cost savings analysis to tribal leadership and the IHS user community to get buy-in for any significant IT enterprise changes.- Status
- Closed Implemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- -
- Closed Date
- 01/17/2023
- Legislative Related
- No
19-A-18-114.05We recommend that IHS implement a strategic and phased approach to centralization of IT systems, services and cybersecurity functions.- Status
- Closed Implemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- -
- Closed Date
- 01/17/2023
- Legislative Related
- No
19-A-18-114.06We recommend that IHS work with hospitals to: ensure pain management and related documentation is done in accordance with IHS policies and procedures.- Status
- Closed Implemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- -
- Closed Date
- 08/03/2022
- Legislative Related
- No
19-A-18-114.07We recommend that IHS work with hospitals to develop policies and procedures to review the EHRs of patients with opioid prescriptions from non-IHS providers and document the results of the review in the EHR, particularly for those patients who had previously violated their COT agreements.- Status
- Closed Implemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- -
- Closed Date
- 09/07/2023
- Legislative Related
- No
19-A-18-114.08We recommend that IHS work with hospitals to ensure opioid dispensing data are complete, accurate, and submitted in a timely manner to the State PDMP for use by providers and pharmacists.- Status
- Closed Implemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- -
- Closed Date
- 08/03/2022
- Legislative Related
- No
19-A-18-114.09We recommend that IHS work with hospitals to ensure all opioids are in a locked cabinet, safe, drawer, or other appropriate secure container at all times.- Status
- Closed Implemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- -
- Closed Date
- 08/03/2022
- Legislative Related
- No
19-A-18-114.10We recommend that IHS work with hospitals to track all opioids prescribed at the hospital in the patient EHRs, including those being filled at an outside pharmacy.- Status
- Closed Implemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- -
- Closed Date
- 09/07/2023
- Legislative Related
- No
19-A-18-114.11We recommend that IHS work with hospitals to analyze opioid data to make decisions and oversee providers to minimize prescribing practices that exceed daily MME guidelines established by IHS, co-prescribe opioids and benzodiazepines, and use opioids for acute pain.- Status
- Closed Implemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- -
- Closed Date
- 08/03/2022
- Legislative Related
- No
19-A-18-114.12We recommend that IHS work with hospitals to remediate the IT vulnerabilities identified.- Status
- Open Unimplemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- 02/14/2025
- Next Update Expected
- 08/28/2025
- Legislative Related
- No
19-A-18-114.13We recommend that IHS work with area offices to renegotiate the MOU with Oklahoma and other States that have restrictive MOU language to allow for PDMP self-audits and collection by clinical directors.- Status
- Closed Implemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- -
- Closed Date
- 08/03/2022
- Legislative Related
- No
19-A-18-114.14We recommend that IHS work with area offices to complete required annual reviews that are consistent in type and level of detail across all IHS hospitals.- Status
- Closed Implemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- -
- Closed Date
- 09/07/2023
- Legislative Related
- No
19-A-18-114.15We recommend that IHS should assign a centralized team (e.g., headquarters, area office) to: Ensure patches are deployed timely to all IHS end points in accordance with NIST guidance and IHS policies and procedures.- Status
- Closed Implemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- -
- Closed Date
- 02/28/2025
- Legislative Related
- No
19-A-18-114.16We recommend that IHS should assign a centralized team (e.g., headquarters, area office) to monitor and track end-of-service-life IT equipment that cannot be maintained centrally (e.g., switches or routers). IHS hospitals and area offices should provide a tracking spreadsheet to IHS headquarters on a periodic basis that highlights equipment that is reaching or has reached end of service life and replace such equipment or provide management approved justification for its continued use.- Status
- Open Unimplemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- 02/14/2025
- Next Update Expected
- 08/28/2025
- Legislative Related
- No
19-A-18-114.17We recommend that IHS should assign a centralized team (e.g., headquarters, area office) to: Securely configure and monitor wireless access points at all IHS hospitals.- Status
- Closed Implemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- -
- Closed Date
- 02/28/2025
- Legislative Related
- No
19-A-18-114.18We recommend that IHS should ensure that physical IT controls are included in each hospital's risk assessment.- Status
- Open Unimplemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- 02/14/2025
- Next Update Expected
- 08/28/2025
- Legislative Related
- No
19-A-18-114.19We recommend that IHS should ensure that all devices on IHS's network are scanned for vulnerabilities, scan reports reviewed by appropriate computer personnel, track vulnerability remediation, and ensure that vulnerabilities are remediated in a timely way.- Status
- Closed Implemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- -
- Closed Date
- 02/28/2025
- Legislative Related
- No
19-A-18-114.20We recommend that IHS should ensure that all hospitals Institute complete and updated contingency plans and test plans in accordance with Federal guidelines.- Status
- Open Unimplemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- 02/14/2025
- Next Update Expected
- 08/28/2025
- Legislative Related
- No
19-A-18-114.21We recommend that IHS should ensure that all hospitals: Store backup tapes off-site in accordance with Federal guidelines.- Status
- Closed Implemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- -
- Closed Date
- 02/28/2025
- Legislative Related
- No
19-A-18-114.22We recommend that IHS should ensure that all hospitals: Have a complete risk assessment, to include all IT assets, for all risks, both physical and information security, in accordance with IHS and NIST guidance.- Status
- Open Unimplemented
- Responsible Agency
- IHS
- Response
- Concur
- Potential Savings
- -
- Last Update Received
- 02/14/2025
- Next Update Expected
- 08/28/2025
- Legislative Related
- No