Government Computer News
VA may need to create claims process: Buyer
Digg
De.licio.us
Slashdot
TechnoratiMore on this topic from GCN
VA data files on millions of veterans stolen
OMB to agencies: review personal data protections
VA outlines data security upgrades
VA changes staff over data theft
When data walks
VA loss renews calls to update Privacy Act
How do you defend yourself against 'good' employees?
Active-duty personnel at risk from VA data breach
VA may need to create claims process: Buyer
House panel delves into VA data breach
Subcontractor put VA health records at risk: IG
"The government has breached a fiduciary responsibility. We were the custodians of the information that was lost and we now need to mitigate this loss, protect veterans and right the wrongs of the VA IT system," said House Veterans Affairs Committee Chairman Steve Buyer (R-Ind.). VA has to prepare to mitigate any damage to veterans if their information is sold, he added.
“That means I might have to create a claims adjudication process, similar to what the military does,” Buyer told reporters today after a closed roundtable discussion with industry, VA and Government Accountability Office IT representatives about VA’s data security.
VA would have to gain authority for a claims process from Buyer’s committee, which also would help shepherd the request for appropriations for it.
Major industry organizations—including Citigroup, Visa, the American Bankers Association and EMC Corp.—advised about how to handle security braches and mitigate the damage, “and equally important, what is the architecture of your IT,” Buyer said.
All of the companies centralize their IT architecture, Buyer said. They have lines of authority, and the CIO has responsibility over personnel, hardware and software development. They talked about the importance of policies for the internal controls, which allow access but prevent information from being exportable.
VA has begun reorganizing its IT structure around a modified centralized model, called a federated model. The department CIO has budget and management authority over personnel and hardware, but not software development. That remains with VA’s benefit, health care and burial administrations.
“The problems over the years in VA have been on the software development side,” he said.
His committee will hold four hearings this month on the VA data theft and security:
- June 14, with the VA IG and GAO to review previous cyber security recommendations
- June 22, with academic and industry experts to speak on operational aspects f IT security and the VA general counsel invited to testify on legal implications
- June 28, to consider the role of VA’s CIO and the department’s Office of Information and Technology
- June 29, VA Secretary Jim Nicholson to testify.
| |||
| Latest News |  WashingtonTechnology.com |
FCW.com |
|
GCN.com
The latest technology news from GCN.com
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
 |
![1105 Government Information Group [valor]](/images/1105logo_website.gif "Government Computer News [valor]")
© 1996-2008 1105 Media, Inc. All Rights Reserved.
