Major issues at Indian Health Service (IHS) hospitals have led to unsafe conditions for patients, risky opioid prescribing practices, and information technology (IT) vulnerabilities, according to two reports released Monday by HHS' Office of Inspector General (OIG).
Report identifies care issues, staffing shortages, and more at IHS hospital
One report released Monday focused on the closure and reopening of an IHS-operated hospital's emergency department (ED) on the Rosebud Sioux reservation in South Dakota. According to the report, IHS closed Rosebud Hospital's ED in December 2015 for more than seven months. For the report, HHS' OIG examined:
- How IHS managed the closure and reopening of Rosebud Hospital's ED;
- What factors led IHS to close the ED;
- What actions IHS took to address issues at the hospital and reopen the hospital's ED; and
- Why the ED continues to have issues after reopening in July 2016.
Auditors reviewed both public and internal documents from IHS and stakeholders, and interviewed officials from CMS, IHS, IHS' Great Plains Area Office, Rosebud Hospital, and the Rosebud Sioux Tribe.
HHS' OIG found a number of factors had prompted IHS to temporarily close Rosebud Hospital's ED, but auditors determined IHS mainly had decided to shut down the ED because of concerns CMS had raised over the ED's quality of care, as well as longstanding issues with staffing shortages.
According to the report, CMS in November 2015 had identified problems related to quality of care that spanned various hospital departments, but pinpointed particularly severe issues in the hospital's ED. CMS cited the ED for failing to comply with one or more of the agency's requirements to participate in Medicare, and noted that the issues it found put patients at immediate risk of experiencing serious harm, including impairment or death.
IHS officials attributed the ED's shortcomings to "longstanding problems with insufficient staffing, rotating leadership, and equipment issues," according to the report. However, HHS' OIG found other factors had contributed to the ED's issues, including:
- IHS' limited oversight of Rosebud Hospital;
- The ED's increased use of contract providers who rotated in and out of the facility; and
- Rosebud Hospital's lack of an adequate infrastructure—including policies, procedures, staff training, and working equipment—to ensure patients received basic quality care.
CMS in December 2015 issued a letter terminating Rosebud Hospital's ED from Medicare, and IHS subsequently announced it would temporarily close the ED. According to HHS' OIG, IHS submitted a plan to CMS to operate Rosebud Hospital without an ED. However, auditors found that when the ED closed and the hospital began transferring patients, Rosebud Hospital had failed to notify its own staff and nearby hospitals about the transfers, which complicated the process and overwhelmed hospitals, according to the report.
To address the hospital's issues and reopen the ED, IHS entered a Systems Improvement Agreement (SIA) with CMS and implemented a number of changes, including:
- Bringing in a team of clinical and management leaders who had experience with regulatory compliance, problem-solving, and staff accountability;
- Conducting assessments and training to ensure staff were prepared to treat patients;
- Developing and revising the hospital's procedures and staff responsibilities;
- Identifying systemic issues and implementing solutions to address the widespread problems; and
- Improving communication with HHS, IHS, and Rosebud Hospital officials.
According to HHS' OIG, CMS in September 2017 concluded that IHS had completed the SIA. However, CMS in July 2018 again cited Rosebud Hospital's ED for issues that put patients at risk of serious harm or injuries.
To address the latest issues and prevent them from occurring at other IHS hospitals, HHS' OIG recommended that IHS:
- Continue taking steps to identify problems at IHS hospitals and intervene early with effective measures;
- Develop and implement a staffing program to recruit, retain, and transition staff and leadership to hospitals in remote locations;
- Develop procedures for temporary ED closures and communicate those procedures with hospitals and other emergency medical care providers to ensure they are prepared to accept patients who are transferred; and
- Improve training and orientation procedures for new hospital leaders to ensure they follow hospital policies and IHS directives aimed at maintaining high-quality care.
IHS concurred with the recommendations, and Petra Nealy, HHS' deputy regional inspector general, said IHS has committed to create a comprehensive leadership and staffing recruitment plan, as well as requiring hospital leaders to adequately train their replacements. "They are taking this seriously," Nealy said, adding, "Both IHS and CMS leaders are on the upswing in thinking about quality, safety, and management, (more) than we've seen before."
Report finds IHS hospitals failed to follow opioid prescribing guidelines, notes IT vulnerabilities
The second report released Monday focused on the opioid prescribing and dispensing practices and IT system controls at five IHS-operated hospitals. For the report, HHS' OIG examined whether:
- IHS' decentralized IT management structure affected the agency's ability to deliver IT and information security services at IHS hospitals in accordance with federal requirements; and
- IHS hospitals dispensed and prescribed opioids in accordance with IHS' policies and procedures.
Auditors reviewed a sample of 150 patient records and conducted penetration tests at each of the five IHS hospitals reviewed for the report.
HHS' OIG found that the five IHS hospitals failed to follow guidelines for prescribing and dispensing opioids under IHS' Indian Health Manual. Specifically, auditors found the hospitals did not always:
- Perform required urine drug screenings within recommended timeframes;
- Maintain pain management records to show providers fulfilled their responsibilities;
- Review a patient's course of treatment or causes of pain within the required timeframes;
- Review patient health records before filling prescriptions from non-IHS providers; and
- Use prescription drug monitoring programs.
In addition, HHS' OIG found decentralized IT management structures across the five hospitals resulted in vulnerabilities. According to the report, the decentralized structures had weakened the hospitals' abilities to implement effective security controls to prevent or detect cyberattacks.
HHS' OIG also found the hospitals inconsistently implemented IT security controls, which meant certain cyberattacks might be remediated at one IHS hospital, but not others. HHS OIG' said the vulnerabilities could have significantly affected the hospitals' operations and delivery of care.
HHS' OIG made several recommendations to address the issues it flagged in the report. For example, HHS' OIG recommended that IHS:
- Collaborate with hospitals to ensure pain management and related documentation is completed in accordance with IHS policies and procedures; and
- Revise the Indian Health Manual to describe what actions providers should take to comply with opioid prescribing and distribution guidelines.
HHS' OIG also recommended that IHS:
- Assess whether IHS should adopt a cloud computing policy to centralize its IT systems; and
- Increase oversight of IHS hospitals' management of IT systems.
IHS concurred with the recommendations, and Rear Adm. Michael Weahkee, IHS' acting director, said the agency already has begun working on standardizing how it tracks opioid prescriptions at its facilities (Meyer, Modern Healthcare, 7/22; Baker, "Vitals," Axios, 7/23; Frosch/Weaver, Wall Street Journal, 7/22; Fonseca, AP/KOMO News, 7/22; HHS' OIG report , 7/21; HHS' OIG report , 7/22).