Nextgov reports that the inspector general at the Veterans Affairs Department has launched an investigation into a physician assistant, who allegedly downloaded patient data.
The assistant allegedly recorded two sets of patient data on to a personal laptop for research purposes. One set included three years' worth of patient data and another held 18 years of medical information, according to a source familiar with the incident and who asked not to identified.
There are conflicting reports on how the data was obtained:
Roger Baker, VA's chief information officer, commented on an item about the incident that was posted Monday evening on a Nextgov blog that the physician assistant's laptop was never connected to the VA network and any data she recorded on her laptop was "hand entered."
But the source told Nextgov the VA inspector general is investigating whether the assistant used two thumb drives to transfer the data to the laptop.
No word on how many patients were involved or whether or not they would be contacted. Hopefully, the VA's IT department has an detailed user audit trail to work with to shed some light on this incident.
Sources: Nextgov, Open Security Foundation (OSF)
Comments