Free Newsletter
HOT TOPICS >> Cloud computing | Cybersecurity | Gov 2.0 | Fiscal 2013 | Mobile | Transparency | GAO reports
AGENCY NEWS >> Defense | NASA | Homeland Security | NIST | OMB | Veterans Affairs | NARA | GSA
Latest News
Media Partner
Free Newsletter
FierceGovernmentIT tracks the latest technological developments in the U.S. government. Join more than 17,000 federal/state decision makers and IT executives who get FierceGovernmentIT via email. Sign up today!
About | View Sample | Privacy
Whitepapers
- Cloud Computing: Threat or opportunity for VARs and MSPs? Special focus on cloud collaboration and messaging
- Innovative Solutions for Database and DBA Management
- The Top 4 Reasons Your Telecom Expense Management Provider Shouldn't Manage Your Wireless
- Storage Consolidation: Best of Both Worlds
- Efficiency On Demand
- Virtual Game Changer
VA reviews FOIA process after veteran record breach on Ancestry.com
The Veterans Affairs Department mistakenly exposed more than 2,200 veteran records containing names, birthdates and social security numbers when it responded to a Freedom of Information Act request from family history website Ancestry.com.
The website requested a deceased veterans database containing information on 14.7 million individuals, said VA Chief Information Officer Roger Baker during a Jan. 25 press call. The massive database, which is managed by the Veterans Benefits Administration, pulls from a variety of sources and occasionally living veterans are accidentally added to the file due to an erroneous report.
According to Baker, VBA was aware of inconsistencies in the database and made a practice of cross-checking information; Veterans Health Administration, however, fielded the FOIA request and was unaware of the databases' weaknesses.
The personally-identifiable information of living vets were accessible through Ancestry.com for 8 months, before it was discovered by the daughter of a living vet, said Baker. Ancestry.com immediately removed all 14.7 M records and VA has since identified the living vets for removal from the database and sent letters offering credit monitoring to the affected individuals.
"This is a case of the information necessary to avoid this was known in the organization but [not to those who] processed and released [it]," Baker said.
Baker said VA will promote broader internal communications for large-scale FOIA requests.
"We have put in place, as part of our internal notification--our daily notification on issues--that any significant FOIA disclosures will be included in that notification to try to make certain it gets out fairly broadly and everyone has a chance to raise a hand if there's a reason not to do that," said Baker.
While he hopes better communication will prevent such breaches from recurring, he also said he does not want this event to create a closed environment at VA.
"The last thing I want to do is start second guessing our folks that we're asking to be as disclosive and transparent as possible, and start pushing them back in the other direction," Baker added.
For more:
- listen to the press call
- see the VA press release on the breach
Related Articles:
State health departments using Social Security numbers as identifiers, finds audit
DHS defends passenger data collection amid E.U. privacy concerns
5.4 million affected by health data breaches in 2010, says HHS
SHARE WITH:
Home
| Subscribe | Advertise | Mobile Edition | RSS |
Privacy
| Site Map
| EditorsTHE FIERCEMARKETS NETWORKFierceEnergy | FierceSmartGrid | FierceFinance | FierceFinanceIT | FierceComplianceIT | FierceHealthcare | FierceHealthFinance | FierceHealthIT | Hospital Impact | FierceMobileHealthcare | FierceHealthPayer | FiercePracticeManagement | FierceEMR | FierceCIO | FierceCIO:TechWatch | FierceContentManagement | FierceMobileIT | FierceGovernmentIT | FierceGovernment | FierceHomelandSecurity | FierceBiotech | FierceBiotech Research | FiercePharma | FierceVaccines | FierceBiotechIT | FiercePharma Manufacturing | FierceMedicalDevices | FierceDrugDelivery | FierceCRO | FierceIPTV | FierceOnlineVideo | FierceTelecom | FierceEnterpriseCommunications | FierceBroadbandWireless | FierceDeveloper | FierceMobileContent | FierceWireless | FierceWireless:Europe | FierceCable© 2012 FierceMarkets. All rights reserved. |
 |
