Attention A T users. To access the menus on this page please perform the following steps. 1. Please switch auto forms mode to off. 2. Hit enter to expand a main menu option (Health, Benefits, etc). 3. To enter and activate the submenu links, hit the down arrow. You will now be able to tab or arrow up or down through the submenu options to access/activate the submenu links.
Graphic for the Veterans Crisis Line. It reads Veterans Cris Lins 1 800 273 8255 press 1
 

Office of Public and Intergovernmental Affairs


VA Update on Missing Hard Drive in Birmingham, Ala.

February 10, 2007

Printable Version


Investigation Yielding Additional Information 

WASHINGTON -- The Department of Veterans Affairs (VA) today issued an update on the information potentially contained on a missing government-owned, portable hard drive used by a VA employee at a Department facility in Birmingham, Ala.

“Our investigation into this incident continues, but I believe it is important to provide the public additional details as quickly as we can,” said Jim Nicholson, Secretary of Veterans Affairs.  “I am concerned and will remain so until we have notified those potentially affected and get to the bottom of what happened.

“VA will continue working around the clock to determine every possible detail we can,” Nicholson said.  

VA and VA’s Office of Inspector General have learned that data files the employee was working with may have included sensitive VA-related information on approximately 535,000 individuals.  The investigation has also determined that information on approximately 1.3 million non-VA physicians – both living and deceased – could have been stored on the missing hard drive.  It is believed though, that most of the physician information is readily available to the public.  Some of the files, however, may contain sensitive information.

VA continues to examine data on the employee’s work computer. The employee has been placed on administrative leave pending the outcome of the investigation. VA has no information the data has been misused.

The non-VA physician data is used by VA to enhance the quality of care for veterans by analyzing and comparing information about the health care received from VA and non-VA providers.   

Next week, VA will begin making notifications to individuals whose sensitive information may have been on the hard drive.  VA is also making arrangements to provide one year of free credit monitoring to those whose information proves compromised.

“VA is unwavering in our resolve to bolster our data security measures,” Nicholson added.  “We remain focused on doing everything that can be done to protect the personal information with which we are entrusted.”

On January 22, the employee, who works at the Birmingham (Ala.) VA Medical Center, reported the external hard drive was missing.  On January 23, VA’s IG was notified.  The OIG opened a criminal investigation, sent special agents to the medical center, and notified the FBI.  VA’s Office of Information & Technology in Washington, D.C. also dispatched an incident response team to investigate. 

The OIG seized the employee’s work computer and began analyzing its contents. This analysis continues and VA IT staff has been providing technical support.

 In addition to the ongoing criminal investigation, the OIG initiated an administrative investigation to determine how such an incident could occur.

VA is operating a call center that individuals can contact to get information about this incident.  That toll-free number is 1-877-894-2600.  The call center will operate every day from 7 a.m. to 9 p.m. CST as long as it is needed.

#   #   #



People wishing to receive e-mail from VA with the latest news releases and updated fact sheets can subscribe to the
VA Office of Public Affairs Distribution List.

Back to News Releases Index



Search VA News Releases

(mm/dd/yyyy)

(mm/dd/yyyy)