IG Report: Veterans Administration Lax in Implementing Database Security Measures
The issue of data secuity at the VA has a direct bearing on the ability of troops to work past the stigma of coming forward for mental health care. If a vet worries about the possibility of his confidential files being breached, they may not be nearly as open to seeking the help they need for worry that their privacy may be invaded. And so, the latest news out of the VA is not heartening.
From the Associated Press:
Veterans Affairs officials wasted millions on a $100 million computer security contract that became a virtual "open checkbook" because of poor oversight and sloppy management, an internal review says. The audit by the VA inspector general brings renewed attention to problems of data security and contract management after the department sustained blistering criticism for its loss of nearly 26.5 million veterans' sensitive personal information last May. ...
In recent weeks, VA officials have faced a fresh round of bipartisan criticism over data security, with auditors telling Congress that gaping holes persist and that most VA data remains unencrypted. At a hearing last month, Maureen Regan, counselor to the VA inspector general, said the department still hasn't fully implemented any of its recommendations from reports dating back to 2001.
The department also hasn't adopted five key recommendations issued shortly after the massive data breach last May involving veterans.
Click on 'Article Link' below tags for more...
Specifics:
According to the findings, the VA:
—Spent more than $35 million for equipment and supplies under the contract that it cannot account for.
—Hastily increased the scope of the contract several times, bringing the total value of the contract from $102.8 million to $250 million with little thought or oversight. "This made the contract an open checkbook ... with little assurance of price reasonableness and no planned funding."
—Did not ensure that the joint venture, VAST, met requirements to qualify as a small business.
—Made overpayments on the contract as high as $8.5 million.
—Did not conduct required background investigations on the contract employees.
 Related Posts