What a fine job our Veterans' Administration is doing, yes? $185,500,000 worth of a fine job, at your expense.
With all the brouhaha over the stolen laptop & hard drive, will the hatchet fall, at all?
Even if you are not are not now and have never been a member of the military, this is of concern to you. And the director of the VA actually had the nerve to LIE to Congress during the initial stages of the investigation.
Here's a few facts: the employee who had taken the equipment home reported the theft within hours, to local police. The director (Nicholson) was not notified for WEEKS. The affected veterans had to wait even longer to find out that their information was compromised. During the investigation, Nicholson testified (under oath? not really clear) to Congress that the information was minimal, involved only a small percentage of veterans, and contained only name & SSN; and that the employee was not authorized, and had been fired. After the numbers and the stories and testimonies and excuses have been juggled about and changed numerous times over the last few weeks, it turns out that:
The information, in fact, had all VA information on EVERY service member since 1975 EXCEPT the actual medical record. That includes some very sensitive, personally identifying information. The service members affected included approximately 24.3 million veterans, 1.1 million active duty personnel, 430 thousand national guard, and 645 thousand reservists. Three documents have been obtained, showing that the employee did, in fact, have authorization to take the computer equipment and the database home with him... since 2002. Nicholson claims he has not seen these documents, but ya know, if I was director of the VA, that's the FIRST thing I would have done before I testified before Congress... ask questions and get documents. He willfully lied, as did some of his subordinates. The guy in charge of IT security for the VA has resigned.
The cost? This is where you come in, dear taxpayers... so far, $185.5 million dollars allocated to unfuck the situation. $160.5 million for credit monitoring for affected persons, and $25 million to operate a call center.
So far, it seems that everyone involved is just wiping their collective brows, and saying "whew, that was a close one. everything is just fine, now that we have the computer & hard drive back." Uh, excuse me, but that's not nearly enough. Don't some heads need to roll, including Nicholson for lying to congress, the employee's supervisor for illegally authorizing him to have that information & equipment outside the office, the IT security supervisor for not putting a stop to it in 2002? His claims were that he was so overworked. How's this for a tidbit of wisdom? With that $185.5 million dollars, they could have hired more personnel if needed, rather than overworking some to the point of exhaustion and requiring others to do at-home overtime with such sensitive data? If they didn't have the money to hire more personnel when they couldn't get the job done with what they had, what makes anyone think that the money will suddenly appear, now, with the damage already done? It is always so much easier to prevent a problem like this than to fix it.
Ok, enough rant, I guess I should do as everyone else will do, and say "well, it happened, we can't do anything now. let's just leave everything as it is, maybe if we close our eyes and cross our fingers, it won't happen again."
With all the brouhaha over the stolen laptop & hard drive, will the hatchet fall, at all?
Even if you are not are not now and have never been a member of the military, this is of concern to you. And the director of the VA actually had the nerve to LIE to Congress during the initial stages of the investigation.
Here's a few facts: the employee who had taken the equipment home reported the theft within hours, to local police. The director (Nicholson) was not notified for WEEKS. The affected veterans had to wait even longer to find out that their information was compromised. During the investigation, Nicholson testified (under oath? not really clear) to Congress that the information was minimal, involved only a small percentage of veterans, and contained only name & SSN; and that the employee was not authorized, and had been fired. After the numbers and the stories and testimonies and excuses have been juggled about and changed numerous times over the last few weeks, it turns out that:
The information, in fact, had all VA information on EVERY service member since 1975 EXCEPT the actual medical record. That includes some very sensitive, personally identifying information. The service members affected included approximately 24.3 million veterans, 1.1 million active duty personnel, 430 thousand national guard, and 645 thousand reservists. Three documents have been obtained, showing that the employee did, in fact, have authorization to take the computer equipment and the database home with him... since 2002. Nicholson claims he has not seen these documents, but ya know, if I was director of the VA, that's the FIRST thing I would have done before I testified before Congress... ask questions and get documents. He willfully lied, as did some of his subordinates. The guy in charge of IT security for the VA has resigned.
The cost? This is where you come in, dear taxpayers... so far, $185.5 million dollars allocated to unfuck the situation. $160.5 million for credit monitoring for affected persons, and $25 million to operate a call center.
So far, it seems that everyone involved is just wiping their collective brows, and saying "whew, that was a close one. everything is just fine, now that we have the computer & hard drive back." Uh, excuse me, but that's not nearly enough. Don't some heads need to roll, including Nicholson for lying to congress, the employee's supervisor for illegally authorizing him to have that information & equipment outside the office, the IT security supervisor for not putting a stop to it in 2002? His claims were that he was so overworked. How's this for a tidbit of wisdom? With that $185.5 million dollars, they could have hired more personnel if needed, rather than overworking some to the point of exhaustion and requiring others to do at-home overtime with such sensitive data? If they didn't have the money to hire more personnel when they couldn't get the job done with what they had, what makes anyone think that the money will suddenly appear, now, with the damage already done? It is always so much easier to prevent a problem like this than to fix it.
Ok, enough rant, I guess I should do as everyone else will do, and say "well, it happened, we can't do anything now. let's just leave everything as it is, maybe if we close our eyes and cross our fingers, it won't happen again."
