Scathing inspector general’s report on an FEHBP insurer’s refusal to submit to an IT audit imperils the company’s contract.
Thousands of federal employees in California could find themselves shopping for health insurance in the coming months, as the Office of Personnel Management’s inspector general deemed an insurer in the state to be in breach of its contract with the federal government under the Federal Employees Health Benefits Program.
According to a report from the OPM Office of the Inspector General released earlier this month, Health Net of California balked at an audit of its information technology systems, arguing that inspectors should rely on self-administered scans rather than conduct their own. The company has provided OPM with a limited list of employees and user IDs that have access to systems related to federal employees insured by Health Net, but the inspector general said that data is not sufficient.
“Health Net’s actions are in direct violation of the company’s contract with OPM, and also disregard the statutory authority of the OIG,” the agency wrote. “Of greater concern, however, is that the auditors cannot evaluate Health Net’s IT security controls . . . As a result, we are unable to attest whether Health Net is acting as a responsible custodian of critically sensitive [protected health information] and [personally identifiable information] of FEHBP members.”
If Health Net continues to block OPM’s access to its systems, the agency could deem the insurer in breach of its contract with the federal government and remove it from FEHBP. An OPM spokesperson said in an email that around 4,000 federal employees in California are insured by Health Net. The company has plans available in other regions, but those are not implicated in the inspector general’s report.
“Failure to meet OPM standards for Health Benefits Carriers may be cause for OPM’s withdrawal of an approval of a health benefits carrier and termination of a contract in accordance with [federal law],” the spokesman wrote.
If the agency moves forward with removing Health Net of California from its list of approved insurers, affected feds would be given an opportunity to enroll with a different insurance carrier. OPM would help federal Health Net customers if it comes to light that their health or personal information was compromised.
“Our focus is on preventing security incidences and breaches,” an OPM spokesperson said. “If a breach were to occur, OPM would work with the affected contractor and FEHB enrollees to mitigate damage and protect the enrollees’ data to the largest extent possible.”