Fort Belvoir, Va. –
HealthNet Federal Services, Inc. (HNFS) and its corporate parent, Centene Corporation, has agreed to pay over $11 million to settle False Claims Act violations. Claims alleged HNFS falsely certified compliance with cybersecurity requirements under its contract with the DoD. The contract required strict adherence to cybersecurity requirements, including timely vulnerability scanning, remediation of security flaws and adherence to access controls and firewall protections for the Defense Health Agency’s (DHA) TRICARE program for service members and their families. From 2015 to 2018, HNFS allegedly failed to meet these requirements and continued certifying compliance with the contract in reports to DHA despite internal and third-party audit reports flagging these risks.
DCAA Operations Investigative Support Division (OIS) auditors played a crucial role in the investigation providing expertise examining contract terms, modifications and compliance history. OIS auditors uncovered discrepancies in audit files, procurement records and other key documents during their examination. OIS auditors supported the Defense Criminal Investigative Service (DCIS) Cyber Field Office, the DoD Inspector General’s Cyberspace Operations Directorate and the Defense Industrial Base Cybersecurity Assessment Center to hold HNFS accountable and protect the government from fraud, waste and abuse.
DCAA plays a pivotal role providing audit and financial oversight to protect the DoD and stretch finite resources to ensure the warfighter has the necessary resources to achieve their mission.
Read the press release for more information.