The Department of Veterans Affairs (VA) has begun posting reports about data breaches on its website, once again showcasing its transparent policies.

Since VA is the largest healthcare organization on the planet and has thousands of contractors, it experiences a variety of data breach incidents each month. It must notify Congress monthly about both routine and major data breaches, a requirement imposed in the aftermath of several security break-downs during the past year.

For example, a report (PDF) from July 5 to August 1 shows the agency lost two PCs, 13 BlackBerry devices and six laptops. It also reported 103 of so-called “mis-mailed” incidents, and 90 “mis-handling” incidents. The report said, all of the lost laptops were encrypted. Now, the public can see those reports for themselves, as VA has begun to post them online since August 11.

“We gain a lot with transparency,” VA chief information Roger Baker said about making the report public. “When you see what normally happens and how they are handled, it lends a bit of confidence what we’re going to do when more serious ones occur,” he added.

“For example, losing smart phones is a common security problem at VA, as it is elsewhere. However, it’s difficult to impose consequences for the losses. There isn’t a cost benefit to denying the issuance of another smart phone to physicians and other professionals who lose them because the devices are inexpensive relative to the productivity gains they provide,” Baker said.

“I don’t take losing a couple of hundred dollars of taxpayer money lightly,” he said. “But compared with a doctor that we may be paying $300,000 a year, I don’t want them spending time trying to figure how to get a new Blackberry. I want them to have a new Blackberry in their hands so they can be certain of providing patient services.”

VA also has a policy of encrypting mobile devices in order to reduce the potential for the misuse of personal or confidential information by making the device unusable when it it lost or stolen.

Since taking his position, Baker has made a conscious effort to streamline the IT operations at the VA, with data security being a priority. The posting of the reports also shows how far the agency has come in terms of transparency and accountability for its IT operations, which has been criticized for serious in-efficiency in the past.

Also, Baker has put into place an accountability program that flags IT projects behind schedule or over budget. This program saved the agency $54 million in its fiscal-year 2010 budget.

Want to prevent breach?

Have you been affected by data breach? Do you think that your organization is susceptible to a potential security breach? For further information visit our website where you will learn about our encryption software and other security protection methods.

A trusted way to protect information stored on a PC or laptop is by using encryption. Alertsec Xpress offers full disk encryption and is therefore superior to other encryption methods when comparing security, performance, robustness and ease-of-use for both administrators and users. To find out more, see Tech Specs.