An Audit Report on the Department of State Health Services' Public Health Laboratories
September 2010
Report Number 11-001
Overall Conclusion
The Department of State Health Services (Department) did not provide adequate fiscal and operational oversight over its three public health laboratories. This lack of oversight has resulted in significant weaknesses in the laboratories' financial, inventory control, and information technology environments. Specifically:
- The Department does not ensure that it consistently issues bills and collects revenue in a timely manner for the services the laboratories provide. The Department had not billed customers for most of the billable tests conducted at the South Texas Laboratory since July 2008, and it has not ensured that it billed for all billable tests conducted at the Austin Laboratory. According to Department records, the unbilled amount for the tests conducted at the South Texas Laboratory from July 2008 until February 2010 is approximately $440,000. The Department did not have sufficient documentation to support its current fee schedules and did not have a reasonable cost allocation methodology on which to base its fee schedules for tests that its laboratories conduct. Statute prohibits the Department from charging more for a laboratory service than the cost to the Department for providing the service. However, the Department does not regularly update the laboratories' fee schedules.
- The Department has procedures in place to ensure that its laboratories' revenues and expenditures, as well as Medicaid allocations, comply with specific riders in the General Appropriations Act. However, the Department did not accurately report financial information related to the laboratories' operations in its fiscal year 2009 annual financial report. Auditors identified more than $9.1 million in accounts receivable that the Department should have reported, but did not report, in its fiscal year 2009 annual financial report.
- While the laboratories have detailed standard operating procedures that outline acceptable ranges for the amount of time it takes to process a specimen once it is received, the Department cannot provide assurance that the laboratories adhered to those procedures because of the significant control weaknesses over the applications that track the testing information.
- The Department lacks an adequate process for tracking and safeguarding the inventory of supplies used in laboratory tests and has not completed a plan to protect inventory in the event of an emergency. As a result, the Department faces increased risk that supplies needed by its laboratories will not be available during testing, will expire before use, and/or may be stolen or wasted without detection.
- The Department did not ensure that it always inspected hazardous materials as required. - The Department did not ensure that the laboratories' information management applications would provide system functionality and usability, or that identified problems were addressed in a timely manner.
- The Department did not require its laboratories to comply with the Department's documented security standards and guidelines, which include detailed policies and procedures for information technology security, acceptable use, access controls, and change management. Auditors identified significant weaknesses in the Department's controls over the information management applications used to track testing and billing information for its laboratories.
As a result of the information technology weaknesses identified, auditors cannot provide assurance that the information in the Department's testing and billing applications is complete or accurate, or that the Department adequately limits access to confidential information to only those individuals who require that access.
Contact the SAO about this report.
Download the Acrobat version of this report. (.pdf)
If you prefer an HTML version, follow this link to an Adobe site which converts PDF files to HTML.