Thursday, October 23, 2008

Data Loss Jeopardizes Prosecutions

Posted by Mark Brousseau

An interesting article from today's Dallas Morning News:

Computer crash hinders Texas Attorney General's Medicaid fraud case

Thursday, October 23, 2008
By EMILY RAMSHAW and ROBERT T. GARRETT
The Dallas Morning News

AUSTIN – A massive computer crash that destroyed hundreds of the state attorney general's confidential documents may prevent scores of Medicaid fraud prosecutions and has revealed serious problems with a newly expanded state outsourcing of computer services.

As much as 50 percent of the Tyler Medicaid fraud division's files were destroyed in July when a server being repaired by a state vendor wouldn't restart. The scope of the damage is in dispute.

In an apparent oversight, the documents lost were not backed up – meaning that evidence crucial to convicting dishonest health-care providers who ripped off the state's health insurance program for the poor may never be recovered. E-mails and other records obtained by The Dallas Morning News indicate some Tyler investigators lost up to 90 percent of their open case files.

"In spite of earlier assurances, the destruction of critical data has, in fact, occurred," First Assistant Attorney General Kent Sullivan wrote Monday in an e-mail to Brian Rawson, chief of the Department of Information Resources. Attorney General Greg Abbott's office "cannot afford to risk a reoccurrence of this event."

Lost: 8 months of work
In all, 81 criminal cases and eight months of work in the attorney general's 13-person Tyler Medicaid fraud office were completely lost, according to an attorney general's report on the security breach – records that are being painstakingly recovered by the vendor.

IBM, which leads a vendor group selected by the information resources department in the $863 million, seven-year outsourcing deal, said it still is investigating the matter.

"We do take this incident seriously, and we're taking appropriate steps to ensure that it doesn't occur again," company spokesman Jeff Tieszen said.

Mr. Tieszen said IBM-hired data recovery specialists have reassembled 24 of 27 lost gigabytes of information – 88 percent of the lost data.

State officials said that they couldn't confirm that figure and that their latest estimates remain at 50 percent.

The Medicaid fraud data loss is the worst problem to surface in the first 18 months of the state's deal with the IBM-led group – and further blemishes a privatization push throughout state government that grew rapidly after Republicans gained control of the Legislature six years ago.

In April 2007, Mr. Abbott's office was forced to switch to the outsourced system. It gave "Team for Texas," the vendor group, lead responsibility for the attorney general's information technology system, including its servers and backup tapes.

The change was supposed to provide better service and save money. But early this year, the attorney general's office and the IBM-led group had a series of communications breakdowns over whether data was actually being backed up.

In a May e-mail, Sean Peterson, Mr. Abbott's director of network operations, appeared to have a premonition, raising doubts about whether remote office servers were being properly maintained. He also asked for a list of all the backups that had failed in the last three weeks.

"I am concerned that these are not being backed up properly," he wrote.

Lag in reporting
On July 21, the Tyler server wouldn't restart. Alarms weren't raised immediately; memos in the attorney general's office say the vendor didn't notify Mr. Abbott's office of the problem until 10 p.m. on July 22.

But as initial efforts to retrieve the records failed – and attorney general's office employees realized that IBM had "not routinely backed up the server as required by contract" – memos show that both the state and the contractor realized the gravity of the situation.

By late July, IBM had to call in a special forensics team from California to try to recover documents. And the data losses were so severe that employees in Mr. Abbott's office questioned in e-mails to each other whether they should resign for failing to properly oversee IBM, according to records obtained by The News.

Shortly after the Tyler office's data loss, documents indicate the attorney general's office determined that servers for three other field offices were not being backed up, either.

In Monday's e-mail, Mr. Sullivan wrote that he needed a guarantee "that no state agency will again be faced with the situation of having data destroyed and functionally irretrievable."

There have been other highly publicized problems with big outsourcing pushes by the Health and Human Services Commission – one that created privately run call centers and maintained software to support eligibility screening for public assistance, and another that privatized payroll and hiring at 12 social services agencies.

In 2005, the Legislature and Gov. Rick Perry, building on an earlier outsourcing of state computer services and data backups, approved a measure forcing at least 15 state agencies to join a dozen that already were using an earlier vendor, Northrop Grumman Corp.

A new, expanded outsourcing deal with Team for Texas – the current provider – was struck in November 2006 and took effect in April 2007.

The deal, expected to save the state $153 million by 2013, has attracted little public attention because even though more than 500 state employees lost their jobs, about 40 percent found other state positions and the rest were guaranteed spots with IBM or its subcontractors Unisys, Xerox and Pitney Bowes.

In July, though, state Auditor John Keel criticized the information department for not riding herd on major state agencies. Though agencies were supposed to hand over to IBM their most knowledgeable and experienced computer technicians, many kept those workers by using them to fill other vacancies, Mr. Keel's audit said.

No comments: