Information Security: VA and Other Federal Agencies Need to Address Significant Challenges, Statement of Gregory C. Wilshusen, Director, Information Security Issues, Before the Subcommittee on Technology Modernization, Committee on Veterans' Affairs, House of Representatives [open pdf - 511KB]
From the Highlights: "In providing health care and other benefits to veterans and their dependents, VA [Department of Veterans Affairs] relies extensively on IT [information technology] systems and networks to receive, process, and maintain sensitive data, including veterans' medical records and other personally identifiable information. Accordingly, effective security controls based on federal guidance and requirements are essential to ensure that VA's systems and information are adequately protected from loss, unauthorized disclosure, inadvertent or deliberate misuse, or improper modification, and are available when needed. For this testimony, GAO [Government Accountability Office] summarized the status of information security across the federal government and particularly at VA. It also discusses the security challenges that VA faces as it modernizes and secures its information systems. To develop this statement, GAO reviewed its prior reports and relevant Office of Management and Budget, IG [inspectors general], and agency reports."
Government Accountability Office: http://www.gao.gov/