VA Hopes Data Thieves Are Stupid

from the one-way-to-protect-data dept

While there's been plenty of talk about how a VA employee brought lots of confidential personal data home with him only to have it all stolen in a burglary, some are noticing that the VA's response has been a bit odd. While they're giving the standard talk about how you should check your credit reports and watch for any suspicious activity, they're also going around and telling people they probably shouldn't worry because the thieves probably have no idea what they stole. Of course, now that they're blasting it all over the internet, perhaps the crooks will be alerted to what they stole. Either way, it seems like a pretty weak response to not protecting the data.

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Not A Saint, 23 May 2006 @ 10:11pm

    Better practices are sometimes hard learned

    I'm one of those veterans on the list and I am quite concerned. I've worked very hard to ensure I have good credit and a fair, though late, start at a decent retirement. However, I also know to monitor my credit on a regular basis and communicate with the credit reporting agencies immediately if something seems out of place. I learned that the hard way already so this will just be an ongoing trial for me.

    As for the VA. This is a hard lessoned learned and it will assuredly cause them some PR problems that will be an uphill battle to remedy. I've worked with quite a few banks and insurance companies over the years that understand just how valuable their customer data is. There are certain standards and regulatory compliance requirements that they are generally very strict about maintaining. The government, in general, is supposed to follow the same strict guidelines and is usually very protective of personal data. What this tells me is that the VA allowed a breach of compliance with certain standards and that they need a very serious audit and re-vamp of their data management processes.

    The only data a developer should ever be allowed to see, let alone copy, should be dummy data provided for the purpose of testing. Never the actual data...

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown for basic formatting. (HTML is not supported.)
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.