Department of Justice (DOJ) Inspector General Michael E. Horowitz announced today the release of a report examining the Drug Enforcement Administration’s (DEA) Laboratory Information Management System (LIMS) support contracts. From 2010 to 2019, DEA’s LIMS was supported by contracts with Abbott Informatics (Abbott) totaling over $35 million. DEA sought to use Abbott’s commercial, off-the-shelf LIMS software to create a seamless, paperless environment for its forensic laboratories and consolidate several legacy systems and processes. In 2018, DEA reassessed its future use of and reliance on Abbott’s LIMS product. The DOJ Office of the Inspector General (OIG) reviewed the administration of a sole-source “bridge” contract extension awarded to Abbott in 2019, as well as the DEA’s acquisition planning for a $6.4 million follow-on contract awarded to a different contractor in 2020.
The OIG’s audit found that DEA’s acquisition planning process for the 2020 software solicitation was marked by repeated delays that contributed to the DEA having to award the bridge contract to Abbott, and then having to extend it from 6 months to 1 year, at a total cost of $1.97 million. Missed opportunities for process improvements from prior acquisitions, scattered planning documents, inattention to lead times, and inconsistent communication between member offices of the LIMS acquisition planning team significantly contributed to the delays and additional expenses for the software purchases.
The report also details additional concerns, including:
- Safeguarding Forensically-Derived Information. Not all DEA laboratory workflows were LIMS-integrated, and updates and customizations to the baseline LIMS software largely focused on only one of three laboratory end user groups. Consequently, some of these laboratory personnel reported using external storage devices, such as flash drives and CDs, to transfer sensitive data from scientific instruments and computers to LIMS via DEA’s Intranet, and in some cases provided agents unencrypted working copies of the evidence for court testimony. Some of these laboratory personnel also purchased and used the flash drives without their supervisors or Headquarters knowledge and approval, which we believe leaves the DEA’s network vulnerable to data loss, insider threats, and malware.
- Contract Administration. Although the DEA’s Contracting Officer (CO) delegated the responsibility of overseeing day-to-day contract activities to the Contracting Officer’s Representative (COR), DEA Information Systems Division officials assigned the responsibility of monitoring contract technical performance to “product owners” without the CO’s knowledge. These product owners were not trained on their authority and responsibilities, as required by both DEA and DOJ internal policies. DEA contracting officials’ lines of communication were affected by the improper delegations, which created a weak oversight environment characterized by inaccurate billing and payments, insufficient performance monitoring, and untimely and distorted performance evaluation and reporting. The OIG alerted the DOJ of concerns related to contract administration in a Management Advisory Memorandum issued in July 2020.
- Noncompliance with Whistleblower Protections. DEA did not ensure that Abbott informed contract workers of their whistleblower rights, conceivably undermining the contract workers’ ability to make timely disclosures to the DEA about multiple data anomalies encountered in 2018 after a lengthy system migration, ultimately contributing to the DEA’s need to award the 2019 bridge contract to Abbott. The OIG alerted the DOJ of concerns related to noncompliance with whistleblower protections in a Management Advisory Memorandum issued in February 2021.
Today’s report made eight recommendations to assist the DEA in improving its contract planning, administration, and oversight practices. The DEA agreed with all eight recommendations. Abbott elected not to provide a written response to the report.