The Legal Examiner Mark The Legal Examiner Mark The Legal Examiner Mark search twitter facebook feed linkedin instagram google-plus avvo phone envelope checkmark mail-reply spinner error close
Skip to main content

The Veterans Administration has begun to take privacy and security more seriously these days. Over the past few weeks, it has installed encryption software onto more than 15,000 laptop computers in an effort to prevent future exposure of sensitive data to possible identity thieves. In May, 2006 a laptop computer containing sensitive personal information about over 26.5 million veterans was stolen from an adminstration employee’s personal residence.

Since that time period, the Veterans Administration appointed a new supervisor of technology and information, Robert Howard, shortly after the laptop theft incident. The Veterans Administration then conducted an agency data risk assessment analysis and determined among other required tasks, that laptop computers need encryption technology to prevent access to sensitive data in the event of theft. The Veterans Administration also offered a checklist of protections and safety steps to minimize risk of future problems:

The encryption measures are only part of the new technology controls being implemented to protect sensitive data at the VA following the May breach, which resulted in the exposure of sensitive data of more than 26.5 million veterans.

Another technology measure already being rolled out at the VA is aimed at managing and restricting the use of Universal Serial Bus storage devices such as memory sticks on department systems, Howard said. The tools allow administrators to control the use of USB devices by simply shutting down the port so that people are not able to “plug in a thumb drive and pull out information,” he said.

The VA is also looking into other tools that will help it “visualize what’s happening with respect to the passing of information” on its networks, Howard said, without elaborating. And it has undertaken several “management” activities such as updating its policy directives for how sensitive data is to be handled by all employees, he said.

Sounds like the Veterans Administration has taken several positive steps to minimize or prevent future problems.

Comments are closed.

Of Interest