Federal Times reports on Veterans Affairs (VA) facilities found in violation of the department's policy that no patient information be stored on systems outside its firewalls. The most recent incident involved personal information on 878 patients--including patients' full names, dates and types of surgery and last four digits of their Social Security numbers. The data had been shared between VA employees via an online calendar since 2007, and the breach was detailed in a November report to the U.S. Congress. The VA is looking at ways to bring such online tools inside its firewall, the report states, as part of ongoing steps to improve security and privacy.
If you want to comment on this post, you need to login.