Title: False Statements and Concealment of Material Information by VA Information Technology Staff
| Report Number: | 17-01980-201 |
Download
|
|---|---|---|
| Issue Date: | 1/28/2021 | |
| City/State: | ||
| VA Office: | Office of Information and Technology (OIT) | |
| Report Author: | Office of Special Review | |
| Report Type: | Investigative Review |
|
| Release Type: | Unrestricted | |
| Summary: | The VA Office of Inspector General (OIG) conducted an administrative investigation in response to a referral from VA officials about the potential for a conflict of interest involving VA employees’ establishment of a cooperative research and development agreement (CRADA) between VA and a private company in 2016. The CRADA contemplated VA sharing with the private company the health data of all veterans who had ever received health care from VA. The CRADA was canceled prior to the release of any health data. The OIG did not substantiate the existence of any conflict of interest; however, investigators found that two VA employees involved in creating the CRADA made false representations to and concealed material information from VA’s approving official for the agreement.
Before the CRADA was executed, VA privacy experts informed the two VA employees that the terms of the proposed CRADA raised regulatory concerns that needed to be addressed before approval. Despite the privacy experts’ objections, the two VA employees intentionally failed to disclose the unresolved privacy issues to the approving official. They also falsely represented that all reviews, including privacy, information security, and legal, had been completed—implying that any identified issues had been addressed and resolved. The OIG concluded that the approving official relied on the information received from the two VA employees and was led to approve the CRADA under false pretenses. As a result of the two VA employees’ actions, the health data of tens of millions of veterans would have been placed at risk of disclosure if VA officials had not detected a problem and cancelled the CRADA before information was shared with the private company. The matter was declined for prosecution. The OIG made two recommendations related to determining what administrative action, if any, VA should take with respect to the two employees’ conduct. |
|
Source: Department of Veterans Affairs, Office of Inspector General
h/t, Law360