Veterans Affairs control of property and personal data (this is stuff they have been required to secure for years, but never seemed to get a handle on it, and seem to be getting worse.)
http://www.gao.gov/htext/d071100t.html
The VA: still not doing its job for those
who did their job of keeping America safe.
Not a new problem - headline from two years ago:
Weaknesses Persist at Federal Agencies Despite Progress
Made in Implementing Related Statutory Requirements
http://www.gao.gov/htext/d05552.html
And they are not alone. The two year old document states:
Pervasive weaknesses in the 24 major agencies' information security policies and practices threaten the integrity, confidentiality, and availability of federal information and information systems.
And this document says:
http://www.gao.gov/htext/d07935t.html
Federal agencies have recently reported a spate of security incidents that put sensitive data at risk. Personally identifiable information about millions of Americans has been lost, stolen, or improperly disclosed, thereby exposing those individuals to loss of privacy, identity theft, and financial crimes. The wide range of incidents involving data loss or theft, computer intrusions, and privacy breaches underscore the need for improved security practices.
Well, this stuff has been going on for some time now. Five years since the Federal Information Security Management Act of 2002 was passed, and 33 years since the Privacy Act of 1974 began to require protection (among other things) of personal data. http://www.epic.org/privacy/hew1973report/c4.htm
No comments:
Post a Comment