Stolen VA Laptop Contains Veterans' Personal Data
A laptop belonging to a contractor working for the Veterans Affairs Department was stolen earlier this year and the personal data on hundreds of veterans stored on the computer was not encrypted, a violation of a VA information technology policy, said the top-ranking Republican on the House Veterans Affairs Committee.
Nextgov.com reported the VA reported the theft of the laptop from an unidentified contractor to the committee on April 28 and informed members the computer contained personally identifiable information on 644 veterans, including data from some VA medical centers' records, according to a letter Rep. Steve Buyer, R-Ind., sent to VA Secretary Eric Shenseki.
The data was not encrypted, which would have prevented a thief from accessing the information, a requirement Congress and VA issued to all department contractors in 2006 after a laptop containing health data on more than 26 million veterans and their spouses was stolen from a VA employee's home. That laptop later was recovered.
After learning about the unencrypted laptop, Buyer investigated how many VA contractors might not be complying with the encryption requirement and learned that 578 vendors had refused to sign new contract clauses that required them to encrypt veteran data on their computers, an apparent violation of rules.
Buyer told Shinseki that his staff also had uncovered another recent theft of an unencrypted laptop from a separate contractor that he did not identify. This vendor had 69 contracts in more than half of the department's 21 regional medical networks operated by the Veterans Health Administration, and 25 of those contracts, more than a third, did not have a clause that required data be encrypted. To read more, click here.
Join the Discussion
The National Journal Group has the right (but not the obligation) to monitor the comments and to remove any materials it deems inappropriate.
Comments powered by Disqus