Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/outsourc/public_html/connection.php on line 2
GAO report targets data breach guidelines:: :: Articles News Information

Offshore Outsourcing will help you to reduce cost and enhance your productivity

Home About Us Services Partners Articles Classifieds Directory Contact Us
   
Offshoring
Outsourcing
BPO
Computers Networks
Internet
Operating Systems
Data Storage
Telecommunications
Programming
Software Engineering
Information Technology
Online Rights - Law
Business
E-Commerce
IT Outsourcing
Business Consulting
Finance & Accounting
Graphic Design
Web Services
Search Engine Optimization
Open Source
Hardware
Security
Others
Games

GAO report targets data breach guidelines

A U.S. Government Accountability Office (GAO) report issued Monday in response to a May 2006 data breach at the Department of Veterans Affairs says federal agencies should have uniform guidelines governing when to offer credit monitoring to individuals whose personal information is exposed.

Veterans were denied the opportunity to take prompt steps to protect themselves against identity theft last year because internal delays kept key VA officials, including the agency’s secretary, in the dark for up to two weeks, the report states. One lesson learned after the breach is that federal agencies must have rapid internal notification of key officials, the GAO said.

“Because of these delays, the department’s decision about how to respond was also delayed,” the GAO said in its report today. “Prompt internal notification would help ensure that future data breaches are addressed promptly, maximizing the opportunity for affected individuals to effectively take precautions.”

A VA laptop and computer storage device containing the names, Social Security Numbers and dates of birth of all veterans discharged since 1975 were stolen from a VA employee’s home last year, exposing data from 26.5 million veterans and determining whether to offer credit monitoring and other services that may reduce the risk of identity theft.2.1 million active and reserve service members.

Today’s report urges the Office of Management and Budget, which oversees security and privacy for the federal government, to develop guidance agencies can use when determining whether to offer credit monitoring and other services that may reduce the risk of identity theft. Without such guidance, the GAO said, agencies may make inconsistent decisions that leave some people more vulnerable than others.

The Office of Management and Budget addressed many of the concerns raised by the data breach in guidance it issued last year, but so far has not assisted agency officials “in making consistent risk-based determinations about when to offer credit monitoring or other protection services,” the GAO says.

Veterans were denied the opportunity to take prompt steps to protect themselves against identity theft last year because internal delays kept key VA officials, including the agency’s secretary, in the dark for up to two weeks, the report states. One lesson learned after the breach is that federal agencies must have rapid internal notification of key officials, the GAO said.

“Because of these delays, the department’s decision about how to respond was also delayed,” the GAO said in its report today. “Prompt internal notification would help ensure that future data breaches are addressed promptly, maximizing the opportunity for affected individuals to effectively take precautions.”

A VA laptop and computer storage device containing the names, Social Security Numbers and dates of birth of all veterans discharged since 1975 were stolen from a VA employee’s home last year, exposing data from 26.5 million veterans and determining whether to offer credit monitoring and other services that may reduce the risk of identity theft.2.1 million active and reserve service members.

Today’s report urges the Office of Management and Budget, which oversees security and privacy for the federal government, to develop guidance agencies can use when determining whether to offer credit monitoring and other services that may reduce the risk of identity theft. Without such guidance, the GAO said, agencies may make inconsistent decisions that leave some people more vulnerable than others.

The Office of Management and Budget addressed many of the concerns raised by the data breach in guidance it issued last year, but so far has not assisted agency officials “in making consistent risk-based determinations about when to offer credit monitoring or other protection services,” the GAO says.

To ensure consistency, the GAO says each agency should have a core group of senior officials that meets after every breach and determines the agency’s response, and have mechanisms in place to obtain contact information for individuals in danger of identity theft.

Internal training and awareness must be in place to ensure timely responses to breaches, and public interaction after such incidents require careful coordination and can be costly, the report also says.