"The lack of individual accountability over user accounts provides ample opportunities to conceal malicious activity such as theft or misuse of veteran data," VA Assistant Inspector General Belinda Finn says.
There was good news and bad news in the reporting of major health information breaches in the past month. The good news: Only four incidents were added to the official federal tally. The bad news: One of those incidents affected 400,000 individuals.
Beth Israel Deaconess Medical Center in Boston is notifying more than 2,000 of its patients about an unusual potential health information breach incident involving a computer virus that transmitted data to an unknown location.
A Georgia hospital has informed 7,500 patients that they may have been affected by a breach incident involving the theft of personal information that could have been used to commit federal income tax fraud.
In one of the largest health information breaches reported so far this year, Spartanburg Regional Healthcare System in South Carolina has notified 400,000 of an incident involving the theft of a desktop computer from an employee's car.
The U.S. Department of Health and Human Services' Office for Civil Rights entered into a resolution agreement with the University of California at Los Angeles Health System to settle violations of the HIPAA Privacy and Security Rules.
An unencrypted laptop computer that's missing from the United Kingdom's National Health Service North Central London health authority contained information on 8.63 million people, according to a report on The Sun newspaper's website.