New report on recent VA breaches identifies one contractor
Tom Spoth reports:
More than 3,800 veterans had their personal information compromised last month in two data breaches that have led to renewed criticism of the Veterans Affairs Department’s data security.
On April 22, an unencrypted laptop belonging to VA contractor Heritage Health Solutions was stolen from a vehicle, compromising the records of more than 600 veterans, Rep. Harry Mitchell, chairman of the House Veterans’ Affairs subcommittee on oversight, said at a hearing Wednesday.
And on April 24, a log book vanished from a medical lab that contained the records of 3,265 veterans.[…]
Heritage Health Solutions has 69 contracts with VA, and 25 of those don’t have clauses requiring personal data to be encrypted, said Rep. Steve Buyer, R-Ind. A VA spokeswoman said 14 of Heritage’s contracts involved VA facilities affected by the theft, and 12 of those had information-security clauses.[…]
VA may terminate Heritage’s contracts as punishment, said Jan Frye, the department’s deputy assistant secretary for acquisition and logistics. Other options include: writing a negative performance review of the company and putting that into a federal database, or suing Heritage for damages in federal court, Frye said.
Read the full story in the Airforce Times.
We still do not have the name of the other contractor as of the time of this posting.