Posted on 06/08/2006 5:34:32 PM PDT by SandRat
WASHINGTON, June 8, 2006 – The Department of Veterans Affairs is revamping its data security procedures following last month's theft of a VA laptop computer that contained personal information of veterans and military personnel still in uniform, the secretary of the VA told a congressional committee today. "We will stay focused on these problems until they are fixed," said R. James Nicholson during hearings before the House Committee on Government Reform. "We will take direct and immediate action to address and alleviate affected people's concerns. We are accountable to our nations veterans and servicemembers."
On May 3, the Montgomery County, Md., home of a 34-year VA employee was burglarized and a laptop and hard drive containing personal data of 26.5 million veterans and more than 2 million active-duty, Guard and Reserve members, was stolen. The laptop also contained some spousal and dependent information. The data included birth dates and Social Security numbers, VA officials said.
The stolen laptop did not contain any health records, Nicholson said.
Clay Johnson, the White House's Office of Management and Budget deputy director for management, referred to the incident as an "unprecedented security breach."
The concern is that the information could be used for nefarious acts such as identity theft. There have been no reports of ill-use thus far.
The area where the robbery occurred has witnessed a recent spate of home burglaries and officials do not think the data on the laptop was the target. "We remain hopeful that this was a common, random theft and that no use will be made of this data," Nicholson said.
The VA employee, who worked as a data analyst, was not authorized to bring the information home.
"I am totally outraged at the loss of this data and the fact that an employee would put so many people at risk by taking it home in violation of existing VA policies," Nicholson said. "I've never been so disappointed and angry at people."
Nicholson outlined various ways the VA is working to prevent such an incident from happening again.
"I have initiated several actions to strengthen our privacy and data security programs," he said. "On May 24, we launched the data security, assessment and strengthening program, a high-priority focus plan to strengthen our data privacy and security procedures."
Also, all VA employees must complete privacy and cyber security training by June 30. A task force of senior VA leadership was put together to review all aspects of information security and assess which employees need access to certain data, and the agency has suspended the practice of allowing veterans benefits employees from removing claimant files from agency work areas.
During the week of June 26, VA facilities across the country and in Guam and Puerto Rico will take part in security awareness training. "Every hospital, clinic, regional office, national cemetery, field office, and our central office will stand down for security awareness week," Nicholson said.
The VA is also going through a security review to make sure its anti-virus software is updated and current, and will remove all unauthorized programs and software from employee computers.
Another issue raised by Nicholson during today's hearing was the difficulty in punishing misconduct.
"I believe the policies we have and the legislation under which they are promulgated is generally adequate. But it is too hard in my opinion to discipline people in the civil service," he said. "I think we should consider putting ... teeth into an enforcement mechanism for careless and negligent handling of personal information."
Another issue he raised was the lack of repeated background checks. He said the employee who had his laptop stolen had not had a background check in 32 years.
"This has been a painful lesson for us as the VA," Nicholson said. "Ultimately our success in changing this is going to depend on changing the culture. And that depends on our ability to change the attitudes of our people. It's our duty to do this."
The VA has set up a manned call center that veterans and active-duty personnel can call to get information about the situation and learn more about consumer identity protections. The toll-free number is 1-800-FED-INFO (333-4636).
Latest on the VA records theft.
Meanwhile, back at the ranch, the horses have departed for the next county. I guess it still doesn't hurt to close the corral gate though. What the heck.
Yep there's still all those records from before '74 that didn't get stolen.
Apparently, providing adequate security of the personal data of 26 million veterans wasn't much of a concern before. Our government is so freaking stupid.
Cross linking bump thread:
http://www.freerepublic.com/focus/news/1636391/posts
Key Data on Millions of Veterans Stolen!
I wish I fell in that bracket. I just hope the morons who stole this stuff are too stupid to figure out what they've got. Hopefully, English is their "second language" and they just took whatever they took so they could hawk it at some pawn shop.
I still want to know is that DUMB BASTARD still working at the VA. How can some one that has worked for the govt. that long puyll something so stupid. Five will get you ten they will show up being used by ILLEGALS.
That should already be a daily practice. The Director of IT should be fired. However, that never happens in the government. The only way to get him out is to promote him .
No, he was fired. His manager quit.
I feel the same way. What is the number? 26 million? I'm sure some government guy really needed to take information on 26 million vets home at night. Right after this stuff was made public, I read somewhere that his house had been broken into previously. I wonder what the guy's I.Q. is. This really ticks me off.
BTTT
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.