Stony Brook University Hospital’s Health Information Management Department repeatedly failed to comply with state guidelines and university policies related to contracting, vendor monitoring, and hiring or promotions, possibly costing taxpayers nearly $1 million, according to an audit released today by New York State Comptroller Thomas P. DiNapoli.
“This Stony Brook department awarded a contract to a higher bidder, which may have cost taxpayers an extra $955,000,” DiNapoli said. “We also found improper hiring and pay raises for staff and poor contractor monitoring that could put patient privacy at risk. Stony Brook managers need to follow state guidelines and safeguards to protect the community and stop wasting public funds.”
Stony Brook University Hospital is a major public academic and regional medical center on Long Island. As part of Stony Brook University, it is governed by certain federal, state, and State University of New York (SUNY) policies and regulations related to procurement, electronic patient medical records and hiring and promotion practices.
DiNapoli’s auditors found the department repeatedly engaged in inappropriate hiring and promotions. In one instance, an employee hired at an annual salary of $43,000 was promoted twice in a year with a 70 percent salary increase without meeting the position’s minimum qualifications. Six of 24 employees audited had questionable hirings, raises or promotions that were not in compliance with SUNY’s Affirmative Action and Equal Employment Opportunity requirements.
DiNapoli’s audit also found inadequate evidence to support Stony Brook's rejection of the lowest contract bidder for medical records storage and awarding of the contract to SK Inc. at a higher cost of $955,000. The department also failed to properly monitor SK Inc.’s contract payments, leading to overcharges.
In addition, the department failed to properly monitor vendor outsourcing of medical record transcriptions for compliance with the “no off-shore outsourcing” contract clause, which is intended to safeguard patient privacy. Since April 2013, compliance information was provided to Stony Brook by the vendor’s parent company. In essence, the department relied on the vendor to monitor its own contract compliance.
DiNapoli recommended that the department:
- Ensure that employees involved in the procurement process adhere to federal, state and SUNY guidelines;
- Establish a control environment to cultivate fair and competitive hiring and promotional practices and to comply with hospital policies; and
- Properly monitor the SK Inc. contract to ensure that payments are made only for necessary services that are actually rendered, without duplicate billings
Stony Brook’s department agreed to some of the recommendations to improve contract monitoring and add training on hiring and promotion procedures. Its full response is included in the audit.
For a copy of the audit, visit: http://www.osc.state.ny.us/audits/allaudits/093014/12s38.pdf