TMCnet News
New Hampshire Dems: The Scandal Walt Havenstein doesn't Want New Hampshire Veterans to Know About(Targeted News Service Via Acquire Media NewsEdge) CONCORD, N.H., Sept. 18 -- The New Hampshire Democratic Party issued the following news: As Walt Havenstein tries to get to know New Hampshire veterans, they should be aware that his record of mismanagement as the CEO of SAIC included overseeing a massive data breach, which threatened the privacy of nearly 5 million TRICARE beneficiaries. The Washington Post called the incident "one of the largest health-data breaches ever reported" (Washington Post, November 24, 2011) and according to reports in the Boston Globe, the breach affected "70,000 military personnel, retirees, and their families across New England" including 7,984 Granite Staters (Boston Globe, May 5, 2012). The company even admitted that it failed to follow federal guidelines for property encrypting personal information (NextGov, September 30, 2011). "My wife and son made so many sacrifices to keep our family running smoothly while I was away, and the last thing any military family should have to cope with is a breach of their personal health data as a result of the carelessness of a defense contractor,"said Jeff Ballard of Brookfield, who served in Afghanistan with the New Hampshire Army National Guard. "Walt Havenstein not only failed to ensure proper procedures for securing the personal health information of veterans and their families, but he also failed to compensate those hurt by his company's negligence, and that's simply unacceptable." "Under Walt Havenstein's failed leadership and mismanagement at SAIC, the company not only shed thousands of jobs as its stock value nose-dived, but the company also put at risk the personal information of thousands of service members, veterans and their families," said New Hampshire Democratic Party Chair Ray Buckley. "Now Havenstein wants New Hampshire veterans to believe that he will look out for their interests, despite never compensating those hurt by SAIC's massive data breach. Havenstein has proven time and again that he puts his own interests first, no matter who gets hurt, and as the full record of Havenstein's failures as CEO of SAIC begins to emerge, it's become even more clear that he should not be allowed to run our state." In September 2011, nearly 5 million TRICARE beneficiaries' records were stolen from the car of an SAIC employee (NextGov, September 29, 2011). Despite having experienced another major data security breach under Havenstein's watch a year earlier, the company failed to ensure it was complying with federal security standards in order to protect TRICARE beneficiaries' data (Letter, May 7, 2012). A spokesman for SAIC later admitted, "most of the [TRICARE beneficiaries'] data was not encrypted," putting at risk sensitive personally identifiable and personal health information (PII/PHI) including Social Security numbers, addresses, birth dates, phone numbers, laboratory tests, clinical notes and prescriptions. (Washington Post, November 24,2011; Nextgov, September 29, 2011). In a letter expressing "deep concerns" over the breach, five members of Congress from both sides of the aisle wrote the incident "represents an extremely serious and substantial lapse in security." Adding, "SAIC has had at least six prior security incidents due to malware infections, stolen computers, and, last year, stolen computer backup tapes" (Letter, December 2, 2011). A second letter from bipartisan members of Congress noted, "With SAIC's history of serious security failures, it is disturbing that TRICARE engaged this contractor for such sensitive work" (Letter, May 7, 2012). SAIC offered no compensation to the TRICARE beneficiaries whose information was compromised, and only under the Pentagon's orders provided one free year of credit monitoring services to all affected patients (Department of Defense, November 4, 2011). BACKGROUND TRICARE Scandal: SAIC Reported Theft of Backup Computer Records Containing Information of 4.9 Million People in the TRICARE Military Health Care system on September 14, 2011 An article from NextGov reported that "Science Applications International Corp. said backup computer tapes containing sensitive health information of 4.9 million Military Health Care System TRICARE beneficiaries treated in the San Antonio, Texas, area since 1992 were stolen from an employee's car Sept. 14. . . . the employee was transporting the tapes from one federal facility to another in the San Antonio area and reported the theft the same day to TRICARE and the San Antonio Police Department." (NextGov, September 29, 2011) TRICARE Backup Computer Tapes Included "Wealth of Information on Patients Treated in San Antonio Clinics and Hospitals" "TRICARE, in its statement, said the backup tapes contained a wealth of information on patients treated in San Antonio clinics and hospitals, including 'clinical notes, laboratory tests and prescriptions' from 1992 through this Sept. 7. Military hospitals in San Antonio include Brooke Army Medical Center and the Air Force Wilford Hall Medical Center. Other health care information contained on the tapes also included diagnoses, treatment information, provider names, provider locations and other patient data, such as lab tests run in San Antonio, even though the patients were being treated elsewhere. The data on the tapes, backups for the military electronic health record system, also could include Social Security numbers, addresses and phone numbers, the TRICARE statement said." (NextGov, September 29, 2011) TRICARE Backup Tapes Theft: "One of the Largest Health-Data Breaches Ever Reported" The Washington Post, in an article reporting the theft of the tapes noted that the backup tapes which held information on "4.9 million Tricare military beneficiaries" was "one of the largest health-data breaches ever reported." (WashingtonPost, November 24,2011) Tapes "Were not Encrypted in Compliance with Federal Standards" According to Nextgov, "Computer tapes containing health care information on 4.9 million TRICARE beneficiaries stolen from the car of a Science Applications International Corp. employee in San Antonio, Texas, earlier this month were not encrypted in compliance with federal standards, SAIC said. . . . Vernon Guidry, an SAIC spokesman, said in a statement that 'some personal information was encrypted prior to being backed up on the tapes.'" (NextGov, September 30, 2011) "Key Issue in the Theft of Health Care Data, 'the Most Sensitive Information About an Individual' Such as Prescriptions and Diagnoses, which Can Cause Far More Harm to a Person than Financial Data" "Harley Geiger, a policy counsel who specializes in health care at the Center for Democracy and Technology, a Washington nonprofit, said . . . the key issue in the theft of health care data, 'the most sensitive information about an individual' such as prescriptions and diagnoses, which can cause far more harm to a person than financial data." (NextGov, September 29, 2011) November 2011: SAIC Directed to Provide One Free Year of Credit Monitoring Services for Patients Whose Information was Stolen A press release from the Department of Defense stated, "The Department of Defense announced today that the TRICARE Management Activity (TMA) has directed Science Applications International Corp. (SAIC) to provide one year of credit monitoring and restoration services to patients who express concern about their credit as a result of a data breach that occurred in Texas and was reported to TMA on Sept. 14, 2011. Approximately 4.9 million patients treated at military hospitals and clinics during the last 20 years may have been affected by the breach." (Department of Defense, November 4, 2011) TRICARE Military Beneficiaries Being Informed of Stolen Personal Data "When [veteran] MacLean's wife, Adrianne, called SAIC and Tricare for more information, she said that everyone she spoke to offered reassurance. "They all told me it was encrypted and I had nothing to worry about," she said. "You're crazy if you think I'm not worried." In fact, "most of the data was not encrypted," SAIC spokesman Vernon Guidry said this week. [ ] Said Adrianne MacLean: "It's not fair for veterans to have to deal with this on top of everything else they're facing." (WashingtonPost, November 24,2011). CC AutoTriage10PkS-140919-30FurigayJane-4865950 30FurigayJane (c) 2014 Targeted News Service |