“The Department of Veterans Affairs (VA) put millions of people, including medical professionals, at risk of identity theft by disclosing their social security numbers in copies of veterans’ benefits claims, an agency audit found.”
“When responding to veterans’ requests for copies of their medical benefits claims, the VA failed to redact personally identifiable information of other service members and doctors treating the veteran, according to a report from the VA Office of Inspector General (OIG). That information included names and social security numbers.”
“The failure to delete other people’s personal information on those records goes back to a policy put in place in May 2016, the OIG report said.”
“‘The May 2016 policy change did not require third parties to be notified when their information was released, meaning individuals at risk of identity theft might not be aware of that risk,’ the VA OIG report said…”
“Before May 2016, VBA’s policy required staff to limit disclosure to information that pertained only to the requester, and staff were required to redact third-party information. To do this, staff conducted a page-by-page review of requested records and used software to block out the third-party information, according to the audit.”
“Three years ago, the Veterans Benefits Administration changed its policy to stop redacting that information because the process was slowing down the department’s ability to respond to records’ requests. In less than two years, the VBA’s backlog of records requests grew from 10,000 to 70,000 with the average response time almost doubling to 150 days. That also resulted in a growing number of appeals and litigation…” Read the full article here.
Source: VA put millions of people, including doctors, at risk of identity theft, agency audit finds – By Heather Landi, November 22, 2019. Fierce Healthcare.
