PRESS RELEASE
FROM THE OFFICE OF
Congressman Artur Davis
7th Congressional District of Alabama
208 Cannon House Office Building
Washington, DC 20515-0107 		image of U.S. Congress seal with capitol dome in the background
FOR IMMEDIATE RELEASE
February 11, 2007
 

VA RESPONDS TO CONGRESSMAN ARTUR DAVIS CALL

FOR FULL DISCLOSURE IN BIRMINGHAM DATA BREACH CASE
 
BIRMINGHAM - Today the Department of Veterans Affairs released more detailed information concerning the data breach issue at the Birmingham facility.  These details were provided to U.S. Representative Artur Davis (D-Ala.) during a briefing Friday at which time he called on the VA secretary to release these findings to the general public and to begin immediate notification of individuals whose information may have been compromised.

 

“I am pleased that Secretary Nicholson heeded my request that more information be released to the public regarding the security breach at the Birmingham VA center,” Congressman Davis said.  “The near three-week delay in publicizing this information underscores the need for stronger legal protections for veterans whose confidential information has been compromised.”

 

The VA offered in a press release that sensitive data for more than 535,000 patients and 1.3 million physicians was contained on the portable hard drive that has been missing from the VA facility in Birmingham since January 22nd.  Upon hearing this during the briefing provided by the VA Office of Inspector General on Friday, one week after the VA first notified the public of this incident, Congressman Davis called for immediate revelation to the public and impacted individuals.

 

“It is my strong belief that upon receiving notice from the Office of Inspector General, it is incumbent on your Department to issue a public notice on the scope of the breach and possible ramifications no later than Monday, February 12, 2007,” Davis said in a letter to Secretary Nicholson dated February 9, 2007.  “At that point the Department should begin the process of immediately, individually notifying all affected Veterans and Physicians.”

 

The VA first notified the Alabama delegation of the data breach Friday, February 2nd in an after-hours call prompted by the possible airing of the story by a broadcast media outlet.  Congressman Davis offered a statement at that time saying the lack of disclosure was “unacceptable and violates the confidence that thousands of Americans who serve their country have placed in their government.” 

 

[This correspondence was sent to VA Secretary Jim Nicholson immediately following a briefing to Congressman Davis concerning the data breach at the Birmingham VA facility.]

 

 

 

February 9, 2007

 

 

The Honorable Jim Nicholson

Secretary

U.S. Department of Veterans Affairs

810 Vermont Avenue NW

Washington, DC  20420

 

Dear Secretary Nicholson,

 

I write concerning the recent security breach that occurred in my congressional district at the Veterans Affairs Department facility in Birmingham, AL. This morning, the Deputy Inspector General from the Department of Veterans Affairs, briefed me and representatives from Congressman Spencer Bachus’ (AL-06) House Financial Services Committee and personal staff on the progress of the ongoing investigation. It is my understanding that the Inspector General’s office is also in the process of briefing the relevant authorizing and appropriating committees.

 

At this morning’s briefing, it became apparent that previous reports drastically minimized the scope of the breach. I have been informed of the following details:

 

  • On January 22, 2007, a term limited employee at the Department facility reported the disappearance of a hard drive that contained confidential information about some of the facility’s patients.

 

  • Upon further investigation, the Office of Inspector General learned that the employees’ hard drive contained data matching the names and Social Security numbers of 9,993 individuals.

 

 

  • In addition, the file contained a list of 1.3 million physicians cross referenced from the Department of Health and Human Services Centers for Medicare & Medicaid Services. The relevant data included physicians’ billing information and codes for Medicare services, which could potentially be utilized for Medicare billing fraud.

 

 

  • The Inspector General’s Office will be advising the Department’s General Counsel that its ongoing criminal investigation can no longer be used as a rationale to delay the release of information to the public.

It is my strong belief that upon receiving notice from the Office of Inspector General, it is incumbent on your Department to issue a public notice on the scope of the breach and possible ramifications no later than Monday, February 12, 2007. At that point the Department should begin the process of immediately, individually notifying all affected Veterans and Physicians.

 

I have relayed my thoughts to the Office of Inspector General and to the VA's Office of Congressional and Legislative Affairs.

 

I appreciate your prompt response regarding this serious matter.

 

 

Sincerely,

 

 

 

Artur Davis

Member of Congress

 

 

 

 

cc:        The Honorable Bob Filner, Chairman, House Committee on Veterans Affairs

 

-###-