Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: security curmudgeon (jerichoattrition.org)
Date: Thu Mar 11 2010 - 15:13:16 CST
[Given the date and description, this sounds like a new / different VA
incident - jericho]
VA investigating security breach of veterans' medical data
By Bob Brewin 03/09/2010
The Veterans Affairs Department's inspector general has launched a
criminal investigation into a physician assistant's alleged downloading of
veterans' clinical data at its Atlanta medical center, sources have told
The assistant allegedly recorded two sets of patient data on to a personal
laptop for research purposes. One set included three years' worth of
patient data and another held 18 years of medical information, according
to a source familiar with the incident and who asked not to identified.
Roger Baker, VA's chief information officer, commented on an item about
the incident that was posted Monday evening on a Nextgov blog that the
physician assistant's laptop was never connected to the VA network and any
data she recorded on her laptop was "hand entered."
But the source told Nextgov the VA inspector general is investigating
whether the assistant used two thumb drives to transfer the data to the
The department has not disclosed the number of patients involved in the
incident, what kind of personal data was copied, or whether it plans to
notify the veterans whose records were downloaded.
VA spokeswoman Katie Roberts said she cannot comment in detail on the
Atlanta breach because it is under investigation. But in an e-mail, she
stated, "VA is committed to protecting the privacy of veterans who have
used our health care facilities. VA's Office of Inspector General is
currently investigating a report that a former VA physician assistant
stored unauthorized clinical data about patients at the Atlanta [VA
medical center] on a personal laptop computer.
Dataloss Mailing List (datalossdatalossdb.org)
Archived at http://seclists.org/dataloss/
Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.