Report Summary

Title: Review of Alleged Adverse Effect on Patient Care Due to Removal of a Computer-Assisted Survey Instrument
Report Number: 16-00838-348 Download
Issue Date: 9/29/2017
City/State: Mather, CA
VA Office: Office of Information and Technology (OIT)
Report Author: Office of Audits and Evaluations
Report Type:
Release Type: Unrestricted

In September 2015, OIG received an allegation that the Office of Information and Technology (OI&T) removed the Prescription Opioid Documentation and Surveillance (PODS) application from a VA server at the Northern California Health Care System (NCHCS) Pain Management Clinic. The complainant alleged the removal was potentially harmful to veterans who were put at increased risk of accidental overdose. We substantiated the allegation that OI&T removed PODS. PODS used medical and mental health questionnaires to obtain patient information from patients prior to face-to-face evaluations with clinicians. According to the NCHCS Chief of Staff, PODS was “not a standard of care.” In addition, clinicians told us PODS was not necessary for prescribing and tracking opioids. Clinicians reported they clinically evaluated and assessed patients’ to determine the required level of monitoring and long-term opioid therapy. Because PODS was not needed to meet an appropriate standard of care, and clinicians reported they could provide requisite care without PODS, we concluded its removal did not put veterans at increased risk of accidental overdose. Although not part of the allegation, we found OI&T failed to protect the integrity of VA’s enterprise and the security of the information it stored by allowing PODS’ use. PODS was started as a research project in 2006. After the research ended in 2012, clinicians continued to use PODS until it was removed in July 2015. However, PODS was an unsupported Class III software that did not meet system requirements, which created an unnecessary risk that veterans’ sensitive information could be accessed. These security concerns existed because OI&T Region 1 staff failed to follow their standard operating procedures for the assessment and removal of Class III software.