Subcommittee: Privacy Risks Continue Despite VA Investment in Information Technology

Secretary Principi Vows 'Highest Priority' Commitment

To Improving and Integrating VA IT



Apr 04, 2001, 01:00 ET from House Committee on Veterans' Affairs

    WASHINGTON, April 4 /PRNewswire/ -- Veterans' Affairs Subcommittee on
 Oversight and Investigations Chairman Steve Buyer (R-IN) praised the "stern
 but welcome" vow of VA Secretary Anthony J. Principi to resolve the agency's
 computer security leaks endangering the privacy of veterans.
     At the first Subcommittee hearing of the 107th Congress, Chairman Buyer
 and Subcommittee Ranking Democrat Member Vic Snyder (D-AR) wanted to know what
 the VA had to show for its costly upgrade in information technology (IT).
 Buyer gave the VA six months to supply an answer.
     The VA has invested $1 billion dollars on IT enhancements in each of the
 last five years and expects the expenditure to increase to $2.1 billion in the
 year 2005.  But since 1998 the U.S. General Accounting Office (GAO) has
 reported continued agency-wide information security weaknesses and lack of IT
 coordination among VA's various administrations.
     Buyer said information technology weaknesses revealed by GAO and VA's
 Inspector General affected such areas as financial management, health care
 delivery, benefits payments, life insurance services, home mortgage loan
 guarantees, and the assets associated with those operations.  Buyer's concerns
 are shared by full Committee Chairman Chris Smith (R-NJ), House Majority
 Leader Dick Armey (R-TX), and the Bush Administration.  Armey has expressed
 concern that VA still cannot guarantee veterans applying for benefits that
 such personal information as disabilities and mental testing won't be exposed.
     "This privacy issue is not going to go away," Buyer warned.
     "Mr. Secretary, I realize you have inherited a weak hand, but I have hope
 that under your leadership, there will be swift improvement in your IT shop,"
 said Buyer, who called for continued scrutiny of VA's IT system by the GAO and
 the VA's own IG.
     Buyer and several witnesses agreed that the VA might consider an
 "information czar," a chief information officer (CIO) strong enough to solve
 the problem without being dictatorial.  Secretary Principi introduced Bruce A.
 Brody, the new Associate Deputy Assistant Secretary for Cybersecurity, who
 will work for the CIO.  He also repeated a prior pledge that he would not
 "spend one dime" on new technology until the VA implemented an integrated
 information system.
     "I will convene a panel of world-renowned experts in systems architecture
 to team with our key business unit decision makers in each of VA's
 Administration and Staff offices to develop a comprehensive Integrated
 Enterprise Architecture Plan," Principi said.  "Developing this plan has my
 highest priority."
     VA Inspector General Richard J. Griffin said the agency needed to shorten
 its timelines for addressing "security vulnerabilities" such as unauthorized
 access and misuse of sensitive automated information.  Griffin's
 recommendations included more centralized information security oversight and
 minimum acceptable security standards for VA's desktop computers.
     The Subcommittee also heard from Michael Schlacta, Jr., VA's Assistant
 Inspector General for Auditing; Dr. David L. McClure, Director of the GAO's
 Information Technology Management Issues; Karl Ware, Executive Vice President
 of Operations, BioNetrix Systems Corporation; Ken Brandt, Management Director
 of Tiger Testing; and Scott C. Sherman, Director of Advanced Technology
 Architecture for EMC2 Corporation.
 
 

SOURCE House Committee on Veterans' Affairs
    WASHINGTON, April 4 /PRNewswire/ -- Veterans' Affairs Subcommittee on
 Oversight and Investigations Chairman Steve Buyer (R-IN) praised the "stern
 but welcome" vow of VA Secretary Anthony J. Principi to resolve the agency's
 computer security leaks endangering the privacy of veterans.
     At the first Subcommittee hearing of the 107th Congress, Chairman Buyer
 and Subcommittee Ranking Democrat Member Vic Snyder (D-AR) wanted to know what
 the VA had to show for its costly upgrade in information technology (IT).
 Buyer gave the VA six months to supply an answer.
     The VA has invested $1 billion dollars on IT enhancements in each of the
 last five years and expects the expenditure to increase to $2.1 billion in the
 year 2005.  But since 1998 the U.S. General Accounting Office (GAO) has
 reported continued agency-wide information security weaknesses and lack of IT
 coordination among VA's various administrations.
     Buyer said information technology weaknesses revealed by GAO and VA's
 Inspector General affected such areas as financial management, health care
 delivery, benefits payments, life insurance services, home mortgage loan
 guarantees, and the assets associated with those operations.  Buyer's concerns
 are shared by full Committee Chairman Chris Smith (R-NJ), House Majority
 Leader Dick Armey (R-TX), and the Bush Administration.  Armey has expressed
 concern that VA still cannot guarantee veterans applying for benefits that
 such personal information as disabilities and mental testing won't be exposed.
     "This privacy issue is not going to go away," Buyer warned.
     "Mr. Secretary, I realize you have inherited a weak hand, but I have hope
 that under your leadership, there will be swift improvement in your IT shop,"
 said Buyer, who called for continued scrutiny of VA's IT system by the GAO and
 the VA's own IG.
     Buyer and several witnesses agreed that the VA might consider an
 "information czar," a chief information officer (CIO) strong enough to solve
 the problem without being dictatorial.  Secretary Principi introduced Bruce A.
 Brody, the new Associate Deputy Assistant Secretary for Cybersecurity, who
 will work for the CIO.  He also repeated a prior pledge that he would not
 "spend one dime" on new technology until the VA implemented an integrated
 information system.
     "I will convene a panel of world-renowned experts in systems architecture
 to team with our key business unit decision makers in each of VA's
 Administration and Staff offices to develop a comprehensive Integrated
 Enterprise Architecture Plan," Principi said.  "Developing this plan has my
 highest priority."
     VA Inspector General Richard J. Griffin said the agency needed to shorten
 its timelines for addressing "security vulnerabilities" such as unauthorized
 access and misuse of sensitive automated information.  Griffin's
 recommendations included more centralized information security oversight and
 minimum acceptable security standards for VA's desktop computers.
     The Subcommittee also heard from Michael Schlacta, Jr., VA's Assistant
 Inspector General for Auditing; Dr. David L. McClure, Director of the GAO's
 Information Technology Management Issues; Karl Ware, Executive Vice President
 of Operations, BioNetrix Systems Corporation; Ken Brandt, Management Director
 of Tiger Testing; and Scott C. Sherman, Director of Advanced Technology
 Architecture for EMC2 Corporation.
 
 SOURCE  House Committee on Veterans' Affairs