MHBE Compliance Program THIRD QUARTER FY 2019 REPORT TO MHBE BOARD OF TRUSTEES May 20, 2019 Presented by: Caterina Pañgilinan
Audit Status Report Total Audit Findings Open Findings OLA (0) Independent External Audit Finance FY18 Medicaid Recipient Income Verification processes (0) Recruitment and Evaluation FY18 Board PPP - IDIQ Task Orders ≥ $200k (2) SMART PY17 Board PPP - Minimum Solicitation Periods (0) Independent External Audit Programmatic PY18 (7) IRS 1075 Safeguards FY17 (8) OLA Fiscal Compliance Audit FY14 - FY17 Corrective Actions Implemented OLA Fiscal Compliance SMART and Independent Audit IRS Safeguards Create New User Roles Hierarchy of Denial Reasons Physical Security Revamp Privileging Process Employer Sponsored Coverage Access Log Validate Changes to Applications Periodic Data Matching FTI Tape Labeling Enhance Code Tracking System Accrual Process Exhibit 7 Language Increase Layered Security Incarceration Status FTI Training Quantify IDIQ Technical Evaluations QHP Enrollment Error Disclosure Awareness Backup Documentation from Vendors VLP STEP 3 IRS Background Checks Enhance Competitive Bid Controls Require SOC 2 Type 2 Audits *Bold indicates newly implemented 2
Privacy Program Highlights 26% Increase in Reported Privacy Incidents • Support MDH Privacy Incident Investigative Process 30 25 • Update Non-Exchange Entity Agreements (NEEA) & 20 Create Template Repository 15 • Publish & Implement Annual Privacy Training 10 • Revise NEE Audit Tool and Develop Audit Schedule 5 0 • Require and Monitor Vendors’ SOC 2 Type 2 Audits Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr FY18 FY19 N = 139 N = 175 • Develop SalesForce Privacy and Compliance Application 10% Decrease in Rate of CSR Errors 23% Increase in Rate of Misloads Effective Privacy Incident Mitigation FY18-Apr FY19-Apr FY18-Apr FY19-Apr 1.4 15% 1.20 8 1.40 2.50 1.39 1.35 2.26 2.00 1.84 29 7.7 1.30 36% 1.24 1.50 1.25 1.00 1.24 % of Rate of Days to Send Average 1.20 0.50 Misloads Parties Breach Days to requiring Affected per Letter Delete 1.15 0.00 Notice to Misload Misload Per 100,000 calls Per 10,000 uploads Consumer 3
Assessment and Audit Timeline JAN FEB MARCH APRIL MAY JUNE JULY & SEPT → DEC AUGUST 01/01/19 to PERM Audit 01/01/19 to 12/31/19 12/31/19 Ind. Ext. Financial Onsite Audit 02/01/19 to 3/05/19 and Report PY19 Privacy Impact 2/1/19 to 3/22/19; 2 nd PIA may be due with MARSE Assessment and MARSE review 6/28/19 Ind. Ext. Programmatic Onsite 2/15/19 to 5/30/19 Audit and Report System Security Report 3/1/18 to 05/30/18 PY18 SMART 3/15/19 to 5/30/19 Independent Security and 03/29/19- 05/12/19 Privacy Assessment Review ATC Packet Due 5/12/19 RED Audit 9/1/19 to 12/31/19 4
Compliance Hotline and Fraud, Waste and Abuse 3 rd QTR FY19 Compliance Hotline Calls Department # Of Calls % of Calls Civil Rights Officer 2 3% 3% Constituent Services 77 97% Grand Total 79 100% Civil Rights Officer Constituent Services 97% 3 rd QTR FY19 Fraud, Waste & Abuse Allegations o 13 - Allegations o 6 - Referred to MDH o 6 - Closed/Not Founded o 1 - Closed/ No Response 5
QUESTIONS? THANK YOU! 6
Recommend
More recommend
