Noteboom The Law Firm

Contractors Given Access To Private VA Health Records

Last summer, allegations emerged that contractors working on the Department of Veterans Affairs (VA) information technology (IT) system were able to access the VA's electronic health records (EHRs) despite not having proper security clearances. The VA's Office of the Inspector General (OIG) confirmed the allegation, which leaves some veterans questioning the security of their personal records, such as those related to their veterans disability claims. 

The controversy involves both the VA network and the Veterans Health Information System and Technology Architecture (VistA) system, which is responsible for handling EHRs. According to an audit written in late July this year, contractor employees inappropriately shared accounts while they accessed the VA's network and their EHRs. Despite the VA's IT security protocols being clearly explained in their contracts, contractors claim they had no idea of the security requirements by which they were bound.

The OIG did not easily accept that explanation and continued to place blame on the VA for their "inaction." Ultimately, the VA is still responsible for preventing "unauthorized access" through its own internal controls. Failure to implement such controls not only leaves the VA's system vulnerable, but increases the possibility others can "conceal malicious activity."

The OIG suggested the VA immediately put procedures in place giving them the ability to monitor the accounts contractors are given while working on VA systems. Additionally, the VA must ensure every contractor is given the appropriate security clearance for the work they are performing.

If you are a disabled veteran who has been denied disability compensation or have not yet applied for benefits from the VA, a South Florida disability attorney from LaVan & Neidenberg is ready to help. To learn if you are entitled to certain programs and benefits contact our veterans disability rights firm today - 1-888-234-5758.