Deja vu all over again at Veterans Administration
Another breach for an agency that's prone to them
Computerworld - In what's become a fairly familiar routine for them of late, the U.S. Department of Veterans Affairs is investigating a potential data breach -- the theft of three computers containing personal data on potentially 12,000 individuals.
Two desktop PCs and one laptop containing that data were stolen from a VA medical facility in Indianapolis -- ironically enough, on Veterans Day. The records belong to patients who were treated at the hospital and include Social Security numbers and other personally identifiable information.
"It appears from this most recent breach that there are still some in the VA, even some responsible for the security of such data, who don't realize the importance of the security of the names and data of our veterans," U.S. Rep. Steve Buyer (R-Ind.) said in a prepared statement.
According to Buyer, the VA notified his office of the breach on Thursday and is working to ascertain the names and data of the people who might have been affected by the theft.
Buyer was the chairman of the House Committee on Veterans' Affairs until the Democrats took control of Congress last year. As chairman, he held 16 hearings on IT issues at the VA, eight of which were specifically on security. The hearings were designed to identity the issues that led to the loss of a laptop and hard disk containing personal data on more than 26.5 million veterans in May 2006.
That incident led to a sweeping overhaul of the VA's IT organization and more direct power being bestowed on the office of the CIO to make needed security changes.
"It is inexcusable that the VA repeatedly fails to comply with its own policy to safeguard veterans' personal information," Buyer said in his statement. He added that the agency needs to provide full credit monitoring to all those affected by the latest breach.
The theft at the Richard L. Roudebush VA Medical Center in Indianapolis is the latest in a string of similar incidents that have occurred at the VA before and after the massive data breach brought the agency's security shortcomings to light.
Last January, an IT specialist at a VA medical center in Birmingham, Alabama, reported as missing (download PDF) a hard disk containing personal data on more than 250,000 veterans and an additional 1.3 million medical providers.
In August of last year, at the height of the uproar over the May breach, the VA disclosed that Unisys Corp., a subcontractor hired to assist in insurance collections for VA medical centers in Pittsburgh, had reported a missing computer containing personal data on over 16,000 veterans.
- Troubleshooting Common Issues in VoIP Learn more about Voice over Internet Protocol (VoIP), including common VoIP metrics used, best practices in VoIP management and tips and tricks for...
- 2013 Network Management Software (NMS) Buyers Guide This white paper contains an independent comparison study of six different network management solutions and provides guidance on how you can choose the...
- Rightsizing Your Network Performance Management Solution: 4 Case Studies This white paper discusses challenges encountered as organizations search for the most cost-effective network performance management solution.
- Global Growing Pains: Tapping into B2B Integration Services to Overcome Global Expansion Challenges A recent survey by IDG Research explored both the challenges and pain points companies face when growing globally, as well as the capabilities...
- E-Signature RFP Checklist Webcast If your organization is looking to adopt e-signatures, you may be overwhelmed by the number of providers that offer seemingly similar solutions. How...
- Cloud and Collaboration: Driving Your Business Value Mission Critical Cloud from Peer 1 Hosting is enterprise-grade. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!