| Organization: | Office of the State Auditor |
|---|---|
| Date published: | April 25, 2023 |
Executive Summary
In accordance with Section 12 of Chapter 11 of the Massachusetts General Laws, the Office of the State Auditor has conducted a performance audit of the Executive Office of Elder Affairs’ (EOEA’s) Protective Services Program for the period July 1, 2019 through June 30, 2021.
In this performance audit, we examined whether EOEA implemented recommendations from our prior audit report (No. 2018-0004-3S), issued October 9, 2018. Specifically, we did the following:
- We determined whether EOEA developed a guidance manual addressing case record documentation practices for referring elder1 abuse reports to district attorneys’ (DAs’) offices to reflect the requirements of Sections 5.18(2)(e) and 5.19 of Title 651 of the Code of Massachusetts Regulations.
- We determined whether EOEA established monitoring controls to ensure that the DA referral process complies with its policies and procedures for reporting incidents of alleged abuse to DAs’ offices.
- We examined whether EOEA had monitored the effectiveness of the Interview for Decisional Abilities (IDA) tool, which is a standardized screening form, when it was implemented in assisting protective service agencies’ (PSAs’) assessments of elders’ decisional capability
- We determined whether EOEA updated its internal control plan (ICP) to address 2019 coronavirus (COVID-19) protocols and whether its employees who had access to COVID-19 funds completed annual cybersecurity awareness training.
Below is a summary of our findings and recommendations, with links to each page listed.
|
Finding 1 |
EOEA did not establish monitoring controls to ensure that all applicable incidents of alleged elder abuse are reported to DAs’ offices. |
|
Recommendation |
While EOEA works to establish a different automated method for monthly queries, it should establish manual monitoring controls to ensure that each person involved in the DA referral process complies with its policies and procedures for reporting incidents of alleged elder abuse. |
|
Finding 2 |
EOEA did not monitor the use of the IDA tool to ensure that its PSAs properly assessed the decisional capacity of elders. |
|
Recommendation |
EOEA should establish a manual review process of the data from the IDA tool forms while it works on enhancements to its system to ensure that its PSAs are properly assessing the decisional capacity of elders. |
|
Finding 3 |
EOEA’s ICP was not updated with a COVID-19 component. |
|
Recommendation |
EOEA should establish policies and procedures, including a monitoring component, to ensure that its ICP is updated when significant changes occur. |
|
Finding 4 |
EOEA did not always ensure that its employees who had access to COVID-19 funds completed cybersecurity awareness training. |
|
Recommendation |
EOEA should develop and implement policies, procedures, and controls to ensure that its employees with access to COVID-19 funds complete EOTSS-compliant cybersecurity awareness training. |
1. Persons who are 60 years old or older are considered elders.
Table of Contents
- Abbreviations
- Overview of the Audited Entity
- Audit Objectives, Scope, and Methodology
-
- The Executive Office of Elder Affairs Did Not Establish Monitoring Controls To Ensure That All Applicable Incidents of Alleged Elder Abuse Are Reported to District Attorneys’ Offices
- EOEA Did Not Monitor the Use of the Interview for Decisional Abilities Tool To Ensure That Its PSAs Properly Assessed Whether a Healthcare Professional Should Evaluate the Decisional Capacity of Elders
- EOEA’s Internal Control Plan Was Not Updated With a 2019 Coronavirus Component
- EOEA Did Not Always Ensure That Its Employees Who Had Access to COVID 19 Funds Completed Cybersecurity Awareness Training