Oregon State Police: Forensic Division Has Taken Appropriate Steps to Address Oregon’s Sexual Assault Kit Testing Backlog

Report Highlights


Oregon State Police (OSP) has taken appropriate steps to manage an influx of Sexual Assault Forensic Evidence (SAFE) kits sent by local law enforcement agencies after Melissa’s Law passed in 2016, including adding staff and equipment, changing how they prioritize the testing of DNA evidence, and using more efficient technologies for DNA processing. Many of these changes occurred too recently to definitively determine whether they will successfully eliminate the remaining backlog. However, the actions taken are aligned with best practices and OSP officials estimate they will largely eliminate the backlog by the end of 2018.

Background

The Forensic Services Division of OSP provides Oregon’s only full-service forensic lab system. The intent of Melissa’s Law is to prevent a future SAFE kit testing backlog at local law enforcement agencies by mandating all non-anonymous kits be sent to OSP for testing.

Purpose

The purpose of this audit was to report on whether OSP has taken actions consistent with statute and best practices to address the SAFE kit backlog.

Key Findings

  1. OSP has complied with Melissa’s Law by increasing lab capacity and reporting results to legislators on efforts to reduce the SAFE kit backlog.
  2. OSP is following best practices outlined by the National Institute of Justice for forensic labs that process SAFE kits. For example, OSP’s “high-throughput” approach to obtaining DNA profiles from SAFE kits is recommended for decreasing kit backlogs.
  3. The agency’s decision to suspend DNA processing of property crime evidence to focus on SAFE kits could lead to a backlog of DNA evidence of this type at local law enforcement agencies. Local law enforcement agencies are eager for OSP to resume accepting DNA evidence for property crimes.
  4. As of January 2018, many of OSP’s capacity-building and process improvement efforts have been implemented. Since then, OSP has shown substantial improvement in the number of kits processed each month. Also, there has been a significant reduction in the statewide backlog. A 2017 survey of local law enforcement agencies found approximately 1,100 kits needing testing, down from approximately 4,900 in 2015. For these reasons, OSP believes it can eliminate the backlog by the end of 2018.

Recommendations

We recommend that OSP publicly post backlog status reports, examine options for a statewide SAFE kit tracking system, and plan for reintroducing DNA testing in property crimes.

OSP generally agrees with our recommendation. The agency’s response can be found at the end of the report.

Read full report here.

Featured New Audit Release Performance Audit

Audit Release: The State Must Do More to Prepare Oregon for a Catastrophic Disaster

Report Highlights


Oregon is at risk of a major Cascadia earthquake and tsunami that will threaten infrastructure, cost potentially billions of dollars, and result in numerous deaths. The state must do more to prepare for such a disaster, including completing and implementing critical plans, fulfilling minimum standards for an effective emergency management program, and adequately staffing the agency charged with coordinating emergency management efforts.

Background

The emergency management system encompasses local governments and almost all of state government. The Office of Emergency Management (OEM) is charged with coordinating Oregon’s emergency management efforts, including mitigation, preparedness, response, and recovery.

Audit Purpose

The purpose of this audit was to determine the status of state agency and local emergency management efforts to prepare for a catastrophic event, such as a Cascadia earthquake and tsunami.

Key Findings

  1. Oregon does not meet key emergency management program standards. These national baseline standards are a tool to strengthen preparedness and response, demonstrate accountability, and identify resource needs.
  2. Planning efforts across all levels of Oregon’s emergency management system are lacking. Critical continuity plans that ensure functional government services in the wake of a disaster are either missing or incomplete. Additionally, insufficient staff resources put the state at risk of losing potentially millions of dollars in federal grant funding for future disasters.
  3. Current statewide staffing is inadequate to reduce Oregon’s vulnerability to disasters. OEM in particular is understaffed, despite repeated budget requests to the Legislature, which inhibits the agency’s capacity to coordinate emergency management efforts in the state.
  4. More accountability, such as public reporting and tracking, is needed to ensure progress on long-term resilience goals and projects and to enhance public awareness.

To reach our findings, we conducted a survey of state agencies and local emergency management programs. We also interviewed staff at OEM, other executive branch agencies, and the legislative and judicial branches of state government. We researched programs in other states and assessed emergency management program standards.

Recommendations

This audit includes 11 recommendations, five to OEM and six to the Governor’s Office. These recommendations include such actions as completing, implementing, and exercising emergency and continuity plans; meeting minimum emergency management program standards; reporting on efforts to improve state resilience; defining roles and responsibilities and assessing and filling resource gaps.

OEM agreed with all the recommendations we made to them. The Governor’s Office agreed with all but one of our recommendations. That recommendation, they believe they have already implemented. Both OEM and the Governor’s Office’s responses can be found at the end of the report.

Read the full report here.

Emergency Management Framework

Featured New Audit Release Performance Audit

Methods (to our madness): Complex analysis in the public eye

The Secretary of State recently released a performance audit on the Oregon Health Authority: Oregon Health Authority Should Improve Efforts to Detect and
Prevent Improper Medicaid Payments. This audit received a lot of media exposure, in part due to an Audit Alert released in May, some months before the scheduled audit release date. Unsurprisingly, this led to more than a little pressure. How did our 4 person audit team (Ian Green, Wendy Kam, Kathy Davis, and Eli Ritchie) approach this audit, stay cool under fire and make sure their conclusions were sound? I sat down with the lead auditor, Ian Green, to find out more.

You led the OHA, Improper Medicaid Payments audit. What are your strategies when you’re faced with a complex agency and a complex topic?

When we started this audit, we knew we’d be looking at improper payments. Even that’s such a big topic, we knew we’d need to scope it down where we could. So we got as much information as we could from all levels – hundreds of interviews with officials and analysis, looking at agency documentation, research on best practices, all of that.

What methods did you use to identify improper payments?

Our primary focus was to look at process issues, but we did attempt to find some improper payments. We used audit software to analyze large data sets. We did a lot of data matching and looked for results that were outliers. For instance, we checked to see if providers were getting duplicate reimbursements. It’s a complex system, so providers and billers might make errors that should be caught before payments are set out. Another example was checking to see if there were people enrolled in the Oregon Health Plan who shouldn’t be – like if someone had moved out of state.

 What challenges did you face doing this audit, and what strategies did you use to address them?

One challenge was the sheer amount of data. We looked at over two hundred million records.  There was so much data that running tests could take a very long time. My team would run a script and leave it overnight to finish. We had to be very careful about how we set up our tests. Since we kept everything scripted out, each time we got new information, we could just update that script. That kept the testing sustainable, which is very important given all the last minute information we received.

To address the complexity of the topic, we separated our approach into three subtopics: prevention, detection, and recovery. Each person on the team focused on one area, and we’d meet to discuss weekly. That helped make sure we covered all the information while still working together closely.

Another challenge was trying to get complete data. We’d request data and be told we had it all. And then we’d find out it was incomplete. That meant we had to continue reworking our analysis constantly. Without scripting, it would have been extremely time-consuming to perform this work manually.

What was the hardest thing about completing this audit in the public eye?

It’s a very sensitive topic. We knew that we’d get a lot of scrutiny. But we did what we always do, which is to work really hard to make sure all our conclusions are accurate and well-supported, and put all our work through a thorough quality assurance process.

 Is there anything you wish non-audit folks knew about the audit process?

Generally, there’s a public perception that an audit should find everything that might be going wrong. Auditors look at a higher level to see if there are controls in place to prevent something from going wrong. If we’re concerned, we may do deeper testing to see what’s actually happening. For instance, we looked at processes to manage improper payments. Our goal wasn’t to find all of the improper payments being made. Our testing helped measure the effect of the processes that are currently in place.

Anything else?

It was a big audit. We’ve been excited to see important changes happening, even while we were still working on the audit. The Oregon Health Authority is working to address weaknesses in their processes and being more transparent. That’s a really good outcome, from our perspective.

 

Check out the audit here: http://sos.oregon.gov/audits/Documents/2017-25.pdf

Auditing and Methodology Auditors at Work Featured Performance Audit

Audit Release: DEQ Should Improve the Air Quality Permitting Process to Reduce Its Permit Backlog and Better Safeguard Oregon’s Air

Report Highlights


The Secretary of State’s Audits Division found that the Oregon Department of Environmental Quality (DEQ) should evaluate staffing and workloads among air quality permit writers and provide better guidance to both staff and businesses to help reduce the agency’s air quality permit backlog.

Background

This audit reviewed air quality permitting at the Oregon Department of Environmental Quality. Air quality permits regulate the types and amounts of air pollution businesses are allowed to emit, based on federal pollution limits set by the Clean Air Act and state limits established in state laws and DEQ rules.

Audit Purpose

The purpose of this audit was to determine how DEQ could improve its air quality permitting process to better safeguard Oregon’s air quality.

Key Findings

The Oregon Department of Environmental Quality has a significant backlog in air quality permit renewals. We found that:

  1. 43% (106 out of 246) of DEQ’s largest and most complex federal and state air quality permit renewals are overdue for renewal. Additionally, more than 40% of the most complex permits issued from 2007 to 2017 exceeded timeframes established by DEQ or the Clean Air Act, some by several years.
  2. DEQ struggles to issue timely permits and renewals due to a variety of factors, including competing priorities, vacancies, and position cuts that have created unmanageable workloads. Other factors include inconsistent support and guidance for staff; a lack of clear, accessible guidance for applicants; and increased time for the public engagement process.
  3. Untimely permits, combined with a current backlog of inspections, endanger the state’s air quality and the health of Oregonians. For example, when DEQ does not issue permit renewals on time, businesses may not provide DEQ with data showing they are complying with new or updated rules.

To reach our findings, we conducted interviews, analyzed air permit data, reviewed documents and reported practices, and researched leading practices.

Key Recommendations

Based on our review of leading practices and air quality agencies in other states, the report includes ten recommendations to the Department of Environmental Quality. Recommendations include evaluating permit writer workloads and staffing, clarifying the public engagement process, providing better guidance to permit writers and businesses, and conducting a process improvement effort.

The agency agreed with our findings and recommendations. Its response can be found at the end of the report.

Read the full report here.

Featured New Audit Release Performance Audit

Audit Release: Oregon Health Authority Should Improve Efforts to Detect and Prevent Improper Medicaid Payments

Report Highlights


Our audit found that Oregon Health Authority (OHA) recovery efforts are appropriate and reasonable, but the agency should strengthen efforts to detect and prevent improper payments in Oregon’s $9.3 billion per year Medicaid program. Prevention of improper payments is more cost-effective than attempting to recover improper payments. We also found that delays in processing eligibility for thousands of Oregon’s Medicaid recipients resulted in millions of dollars of avoidable Medicaid expenditures, a critical issue the agency failed to disclose until raised in a May 2017 Auditor Alert. Furthermore, OHA did not timely disclose relevant information, which impeded our audit work. OHA’s new management has been more proactive and transparent in addressing these issues.

Background

An improper payment is defined by the federal government as “any payment that should not have been made or was made in an incorrect amount (including overpayments and underpayments) under statutory, contractual, administrative, or other legally applicable requirements or where documentation is missing or not available.”

Purpose of Audit

The primary purpose of the audit was to determine if the Oregon Health Authority could improve processes to prevent, detect, and recover improper Medicaid payments. The secondary purpose was to follow-up on OHA’s progress to resolve issues we raised in our May 2017 Auditor Alert.

Key Findings

Within the context that Medicaid is a very complex and challenging program to administer, we found:

  1. OHA has gaps in procedures for preventing certain improper payments. Insufficient management of the agency’s processes for identifying and resolving payment and eligibility issues, prioritization of staffing resources, and efforts to address technology issues put taxpayer dollars at risk.
  2. OHA lacks well-defined, consistent, and agency-wide processes to detect certain improper payments, especially related to coordinated care. We identified approximately 31,300 questionable payments based on our review of 15 months of data. OHA needs to continue researching these claims to determine how many were improper; OHA reported that only a small percentage were improper based on preliminary research of 2,700 claims.
  3. OHA recovery efforts appear appropriate and reasonable, but may be underutilized due to OHA’s limited procedures for detecting improper payments.
  4. OHA reported completing the action plan to determine eligibility for the remaining backlog of 115,200 Medicaid recipients. Approximately 47,600 (41%) were deemed ineligible as a result, although this figure may decrease slightly through the end of November. Failure to address this issue in a timely fashion resulted in approximately $88 million in avoidable expenditures.

Recommendations

Drawing from national leading practices, our report includes eight recommendations to OHA focused on strengthening efforts to detect and prevent improper payments. Oregon Health Authority agrees with our recommendations. The agency’s response can be found at the end of the report.

Read full report here

 

Featured New Audit Release Performance Audit

DHS – Aging and People with Disabilities: Consumer-Employed Provider Program Needs Immediate Action to Ensure In-Home Care Consumers Receive Required Care and Services

Report Highlights


The Secretary of State’s Audits Division found that the Aging and People with Disabilities (APD) program should take immediate action to address gaps in program design and oversight in order to improve the safety and well-being of participants in the Consumer-Employed Provider (CEP) program.

Read full report here.

Background

Oregon is a leader in providing in-home long- term care options for older adults and people with disabilities. The most used in-home care program is the Consumer-Employed Provider program, which positions consumers as employers of their homecare worker.

Purpose

The purpose of this audit was to assess the policies and processes used by APD to ensure the needs of consumers in the CEP program are met.

Key Findings

The effectiveness of the Consumer-Employed Provider program is dependent on the consumer, the case manager, and the homecare worker. If each is capable, competent, and supported in their role, the current model can be successful. Our audit found:

1. Some consumers are not receiving the support necessary to ensure required employer duties are being performed, which adds to case managers’ and homecare workers’ responsibilities.
2. Case managers are not consistently contacting consumers, or monitoring services consumers receive due to excessive workloads.
3. Agency requirements do not ensure that homecare workers are prepared to provide the care and assistance consumers need.
4. Due to current data collection and utilization practices, it is difficult for APD to determine if consumers are safe and receiving the care and services they need.
5. Current deficiencies in the program may put consumers’ health and well-being at risk and keep the program from operating as intended.

To reach our findings, we conducted interviews and case file reviews, collected and analyzed CEP consumer data, and researched federal and state standards.

Recommendations

The report includes recommendations to improve Consumer-Employed Provider program implementation and support. Recommendations include consistently following existing monitoring policies, addressing case managers’ excessive workload and responsibilities, and providing more support to consumers and homecare workers.
The Department generally agreed with our findings and recommendations. Its response can be found at the end of the report.

Featured New Audit Release Performance Audit

Audit Release: Department of Administrative Services Should Enhance Succession Planning to Address Workforce Risks and Challenges

Report Highlights


The Secretary of State’s Audits Division found that the Department of Administrative Services (DAS) should play a stronger leadership role in addressing key workforce risks and challenges within the state executive branch, through enhanced workforce succession planning.

Read full report here

Background

This audit reviewed succession planning within the Oregon executive branch. Succession planning is an ongoing management process used to ensure workforce continuity and effectiveness, particularly in key leadership and technical functions.

Purpose

The purpose of the audit was to determine if and how the State of Oregon could better plan for future key workforce needs, including preparing state employees to fill key roles.

Key Findings

Within the context that effective succession planning is difficult, complex and is frequently not a priority within the public sector, we found:

  1. DAS has not developed or implemented a state-level succession planning framework, despite recognizing the importance of succession planning.
  2. The lack of a succession planning framework increases workforce risks, such as not developing or retaining knowledgeable and skilled employees to perform critical functions.
  3. These risks are exacerbated by demographic and economic trends, including increasing retirement rates, and a lack of formal succession planning processes within state agencies.
  4. State agencies also report challenges, including inaccessible workforce information, that may hinder strategic human capital management practices and should be addressed at a state level.

To reach our findings we conducted interviews, reviewed documents and reported practices, researched leading practices and analyzed workforce data.

Recommendations

Drawing from national leading practices and benchmarking with other states, the report includes eight recommendations to the Department of Administrative Services focused on implementing a succession planning framework in the Oregon executive branch. Recommendations include providing guidance to agencies, monitoring workforce risks, and working with agencies to identify and address barriers at a state level.

Featured New Audit Release Performance Audit