CINDY GONZALEZ
Nebraska Examiner
LINCOLN — A Nebraska state official responsible for overseeing state data security and privacy allegedly submitted duplicate travel reimbursement claims on two occasions for his own financial benefit, according to a new report from the state auditor.
Auditor Mike Foley this week made public his office’s review of reimbursements sought by the state’s “chief information security and privacy officer,” a man whose state employment has since ended.
Identified as Patrick Wright, he worked under the Department of Administrative Services’ Office of the Chief Information Officer. The state information office said it alerted Foley’s office and the Nebraska Attorney General’s Office in December, when it found alleged improprieties.
The Auditor’s Office issued a 24-page report, largely copies of reimbursement forms, and recommendations for improvement to Wright’s supervisors, who said Wright at first was placed on administrative leave and then resigned during the investigation.
Contacted by the Nebraska Examiner, Wright and his lawyer said they were reviewing the auditor’s report and would make a statement at a later date.
Foley said his team did not reach out to Wright for comment or explanation, given that the Attorney General’s Office already was involved. The AG’s Office did not immediately respond for comment.
The auditing team noted that Wright was employed by the state from July 2020 through this February, and was paid about $120,000 when he left.
Foley called the situation concerning.
“That these allegations of financial impropriety are leveled at someone to whom the state’s data security and privacy was entrusted should give everyone pause,” Foley said.
‘Misunderstanding’
According to the auditor’s report, Wright during his tenure and on two separate occasions submitted reimbursement requests to both the state and third-party organizations for the same expenses, using “identical documentation.”
Wright allegedly received about $500 of undue duplicative payments, Foley said. Those were related to an August 2024 work-related trip to Milwaukee.
Foley said the overall amount of alleged undue reimbursements might have been higher, but that it appears Wright sought to rectify a double payment situation a few months later related to a Washington D.C. trip, after officials questioned “suspicious” reimbursement requests.
Wright in January returned a $2,266 check to a third-party organization, explaining in an accompanying letter that there was a “misunderstanding” and the check related to the D.C. trip should be issued to the State of Nebraska rather than to him personally. The letter was included in the auditor’s report.
“In addition to giving rise to concerns regarding possible theft, forgery and even abuse of public records, the putative double-dealing by the former Security and Privacy Officer could implicate him in having violated Nebraska law forbidding use of public office or resources for unauthorized personal gain,” Foley said in a news release.
He said the auditing team’s findings were turned over to the Attorney General’s Office, the Nebraska State Patrol, the Nebraska Accountability and Disclosure Commission and the Lancaster County Attorney’s Office for review.
While employed by the state, Wright also served on the executive committee of the Center for Internet Security’s Multi-State Information Sharing and Analysis Center. The auditor’s report notes that he currently directs Cyber Strong Nebraska, a nonprofit dedicated to enhancing cybersecurity awareness, education and resources within the state.
Recoup funds
Foley said the state information office, directed by Chief Information Officer Matthew McCarville under Administrative Services, cooperated and pledged to take safeguards against similar situations.
The information office’s response included in the auditor’s letter said the agency would try to recoup any funds determined to have been improperly paid and said it would cooperate with any further investigations.
McCarville, in a statement to the Examiner, said his office is dedicated to being a good steward of taxpayer dollars and that prevention of fraud and misuse of public funds remains a top priority.
He said the review led the information office to amend internal policies and to enhance procedures for approving travel expense reimbursement forms.
“Our agency acted quickly to ensure that proper and immediate reporting occurred to the State Auditor and the Attorney General’s Office when this situation came to light,” said McCarville.
