BreachExchange mailing list archives
VA investigating security breach of veterans' medical data
From: security curmudgeon <jericho () attrition org>
Date: Thu, 11 Mar 2010 21:13:16 +0000 (UTC)
[Given the date and description, this sounds like a new / different VA incident - jericho] http://www.nextgov.com/nextgov/ng_20100309_9888.php VA investigating security breach of veterans' medical data By Bob Brewin 03/09/2010 The Veterans Affairs Department's inspector general has launched a criminal investigation into a physician assistant's alleged downloading of veterans' clinical data at its Atlanta medical center, sources have told Nextgov. The assistant allegedly recorded two sets of patient data on to a personal laptop for research purposes. One set included three years' worth of patient data and another held 18 years of medical information, according to a source familiar with the incident and who asked not to identified. Roger Baker, VA's chief information officer, commented on an item about the incident that was posted Monday evening on a Nextgov blog that the physician assistant's laptop was never connected to the VA network and any data she recorded on her laptop was "hand entered." But the source told Nextgov the VA inspector general is investigating whether the assistant used two thumb drives to transfer the data to the laptop. The department has not disclosed the number of patients involved in the incident, what kind of personal data was copied, or whether it plans to notify the veterans whose records were downloaded. VA spokeswoman Katie Roberts said she cannot comment in detail on the Atlanta breach because it is under investigation. But in an e-mail, she stated, "VA is committed to protecting the privacy of veterans who have used our health care facilities. VA's Office of Inspector General is currently investigating a report that a former VA physician assistant stored unauthorized clinical data about patients at the Atlanta [VA medical center] on a personal laptop computer. [..] _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- VA investigating security breach of veterans' medical data security curmudgeon (Mar 11)