- Membership Conference Call on SAS 112
- Selected June 18 ORD Hotline Call Items
- New On the NAVREF Web Site
- NPC Statute Revisions
- 2007 NAVREF Annual Conference
- Excellent Resources with Free Newsletters
Please plan to
participate in a NAVREF membership conference call on SAS 112 and
internal controls over financial reporting. NAVREF encourages NPCs to
invite their auditors to join them for the call and then to discuss the
implications of SAS 112 for your organization.
Date:
Thursday, June 28, 2007
Time:
12:00 noon East Coast time
Duration:
60-90 minutes
Dial Up:
973-935-2013
Passcode:
586-668 followed by the # sign
Coordination:
If more than one person from your NPC will participate, please make an
effort to coordinate calling in on one line.
Slides and helpful SAS 112 links: Please
go to
http://navref.org/development/Conference_Calls/SAS_112/SAS_112.htm
to download Mr. Prather’s slides. Links to helpful web sites and
materials about SAS 112 are also posted on this page.
Topic: New
internal control standards established in “Statement on Auditing
Standards (SAS) 112, Communicating
Internal Control Related Matters Identified in an Audit” are
catching many organizations by surprise, including some NPCs. The
changes SAS 112 implements are causing an increase in reporting of
internal control deficiencies. This is of particular concern to NPC
executive directors because NPC deficiencies are reported to your board
and to VA, and are reflected in VA’s annual NPC report to Congress.
Learn how SAS 112 now affects interactions with your auditor and make
note of our speaker’s “Top Ten” triggers. With a better understanding
of SAS 112, you will be able to increase your internal controls over
financial reporting and prevent adverse reporting in management
letters.
Speaker:
Andrew Prather, CPA, Principal, Not-for-Profit Services Group, Clark
Nuber P.S.
http://www.clarknuber.com/people/prather-andrew.php
As a Clark Nuber
principal, Mr. Prather works extensively with not-for-profit
organizations and growing businesses. His experience in public
accounting and in the private sector have given him a strong background
in the financial, tax and systems issues that affect these
organizations.
VA
Publishes “Key Points” on Data Security -
On June 4, ORD
replaced its data security FAQs with “Key Points Related to Privacy and
IT Security.” NPCs are encouraged to review the entire document even
though the only item specific to NPCs is the third bullet in Section 7.
This restates longstanding policy:
A VA NPC must follow
all VA and VHA requirements on privacy, IT security, and educational
requirements when it has possession of VA sensitive information or its
employees are engaged in research. Note:
If research subject information goes to the NPCs, the NPC needs a BAA
with VHA unless the informed consent and HIPAA authorization
specifically state that the NPC will receive the information.
VA’s Key Points may be
found at
http://www.research.va.gov/resources/data-security/docs/Key_Points.pdf
SSN
and Case Report Forms
– Statement by Brenda Cuccherini, PhD, MPH (Questions –
Brenda.Cuccherini@va.gov): Normally, veterans’ names and SSNs
should not be sent to pharmaceutical industry sponsors. The case report
forms should instead use a code that would not identify the individual
study subject.
-
If the study
sponsor indicates that there is a specific regulatory requirement
for including names and SSNs, this must be clearly explained by the
sponsor and the regulatory requirement must be verified by either
Regional Counsel OR the VHA Privacy Office.
-
If there are
reasons based on the scientific protocol for including names and
SSNs (e.g., studies that may utilize the National Death Index,
Medicare claims, or other databases requiring name and SSN for data
linkage) then the IRB and the R&D Committee must carefully weigh
this request and consider the benefits that may be derived by the
research subjects and the risks that are inherent in sending this
information outside VA. The protocol must be scientifically sound
and there should be evidence of adequate provisions to protect
subject identifiers.
-
If the IRB does
approve a protocol that would allow the names and SSNs to be sent to
the sponsor, the informed consent and the HIPAA authorization must
clearly state that the individual’s medical information includes
name and SSN. These items must also be worded to convey the risks
and the benefits to the subject, as well as the measures that will
be taken to protect the security of the data. Additionally, the
informed consent should specify that neither the VA investigator nor
the Veterans Health Administration will have any control over how
that information will be used after the case report forms are
transferred to the study sponsor.
DOD
Research Funding -
Statement by Dr. Kupersmith: Public Law 110-28, passed last month by
Congress, provided Emergency Supplemental Funding to the Department of
Defense and the Department of Veterans Affairs for FY 2007 and beyond.
The `Defense Health
Program' portion of the law included $331,700,000 for research,
development, test and evaluation, to remain available until September
30, 2008, specifically focused on the treatment of traumatic brain
injury and post-traumatic stress disorder.
VA investigators may
have an interest in applying for funding from this emergency
appropriation, either individually or in collaboration with others. ORD
expects further information including a pre-solicitation announcement to
be issued in the next week or two. Please check the web site for the
DoD’s Congressionally Directed Medical Research Program,
http://cdmrp.army.mil
During recent months, the NAVREF board and staff, as well
as members of the Government Affairs Committee, have been devoting
considerable effort to developing a proposal to revise the NPC
authorizing statute. As discussed briefly during the 2006 Annual
Membership Meeting, the primary objective is to update and clarify the
NPCs’ authorities.
The Office of Research and Development has commented on two versions and
NAVREF recently submitted the latest version and supporting
documentation to the Office of General Counsel for informal review.
NAVREF board members and staff will meet with OGC attorneys in late July
to discuss the proposal. Further updates will be provided as the
proposal evolves.
Please
plan to join your colleagues for the 2007 NAVREF annual conference.
Program Co-Chairs Peggy Hannon and Gayle Lee are working with NAVREF
staff to fine-tune the program which will encompass timely guidance on
NPC management and a workshop on internal controls and fraud prevention.
In early September, conference registration materials will be mailed to
all NAVREF members and 2006 conference attendees. Details follow for
those who wish to make their travel plans early.
Hotel Accommodations and Meeting Sessions:
Marriott Crystal City
at Reagan National Airport (http://marriott.com/property/propertypage/WASCC)
1999 Jefferson Davis
Highway, Arlington, VA 22202
For reservations and
the main switchboard, dial 703-413-5500
For reservations only:
1-800-228-9290. Identify yourself as a “NAVREF 2007 Annual Conference”
attendee when making reservations.
Rate: $199 + tax
(10.25%) $20.40 = $219.40 (based on hotel availability, this rate also
applies two days before and after the conference dates)
Sunday, November 4
3:30 p.m. -
Registration Opens
4:30 p.m. - Special
Session for New NPC Executive Directors Only
6:30 p.m. - Annual
Membership Meeting
7:30 p.m. - Welcome
Dinner
Monday, November 5
7:00 a.m. -
Registration and Continental Breakfast
8:00 a.m. to 5:00 p.m.
- General and Breakout Sessions
5:30 p.m. to 7:00 p.m.
- Networking Reception
Tuesday, November 6
7:00 a.m. -
Continental Breakfast
8:00 a.m. to 5:00 p.m.
– General and Breakout Sessions
Wednesday, November 7
7:00 a.m. -
Continental Breakfast
8:00 a.m. to 1:00 p.m.
– General and Breakout Sessions
1:00 p.m. - Program
Concludes
