This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Legislation to protect veterans' personal information passes House

Share this article:

The U.S. House of Representatives approved on Tuesday night language that expands the scope of a law that would protect veterans from identity theft by mandating all federal agencies alert the public when they suffer breaches of sensitive information.

The language, introduced by Rep. Tom Davis, R-Va., is part of larger legislation, the Veterans Identity and Credit Security Act of 2006. That law was drawn up in July as a response to the laptop theft of a U.S. Department of Veteran Affairs (VA) employee in May, in which the personal information of some 26.5 million veterans and active military personnel was breached.

The bill, drafted by the House Committee on Veterans' Affairs and now awaiting Senate approval after passing the House on Tuesday, offers remediation services - including credit monitoring and fraud resolution - to any veteran whose sensitive data is compromised by the VA. In addition, the law would create a VA undersecretary of information services.

"Congress has acted to protect our veterans," Rep. Steve Buyer, R-Ind., Veterans' Affairs Committee chairman, said in July. "This legislation works to correct the mismanagement that led to the data theft in May."

The contribution made by Davis, who heads up the House Committee on Government Reform, amends the Federal Information Security Management Act of 2002 by requiring federal agencies establish policies to follow if personal information is lost or stolen.

In his testimony Tuesday night on the House floor, Davis referred to the approximate two-week lapse between the time the VA laptop was stolen and the time the agency reported the breach.

"Secure information is the lifeblood of effective government policy and management, yet federal agencies continue to hemorrhage vital data," he said. "Recent losses of personal information compel us to ask: What is being done to protect the sensitive digital identities of millions of Americans, and how can we limit the damage when personal data does go astray?"

Davis' testimony came less than a week after the U.S. Department of Commerce announced in a statement that 1,138 agency laptops have either been lost or stolen since 2001. Of the computers, 249 contained personally identifiable information, although encryption software likely would have limited access to the systems.

The agency, which said it is not aware of any laptops being illegally accessed, conducted the review "in response to broad, government-wide congressional and public inquiries," according to a Thursday statement.

Click here to email Dan Kaplan.

Share this article:

Next Article in News

SC webcasts on demand

This is how to secure data in the cloud

Exclusive video webcast & Q&A sponsored by Vormetric

As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.

View the webcast here to find out more

More in News

VC cyber security funding tops £850 million

VC cyber security funding tops £850 million

A new study from US-based research firm CBI Insights reveals that corporate cyber security investments have risen five-fold since 2009, with 30 percent growth in the last year alone.

Russian/Chinese cyber-security pact raises concerns

Russian/Chinese cyber-security pact raises concerns

News that Russia and China are set to sign a cyber-security treaty next month have left Western cyber experts unsure whether it is a threat or a promising development.

UK police arrest trio over £1.6 million cyber theft from cash machines

UK police arrest trio over £1.6 million cyber ...

London Police have arrested three suspected members of an Eastern European cyber-crime gang who installed malware on more than 50 bank ATM machines across the UK to steal £1.6 million.