Bob Brewin alerts us to another new resource on data breaches:
Today the Veterans Affairs Department started posting online its monthly data breach reports as part of its ongoing transparency thing, VA Chief Information Officer Roger Baker told a press briefing this morning. He said the latest report (for July) might not make it to the Web until Thursday
Read more on NextGov.
The reports make for interesting reading. Most of the incidents are relatively minor as far as numbers go and many do not include PHI, but the VA has meticulously documented them and aggregated them by type of incident.
The ITRC has kept up with the HHS list and unfortunately, despite explaining the rise in numbers to the press, some people still believe there has been a significant increase in health/medical breaches. It is impossible to know if this is true. We only received information early this year and posted everything we found on the HHS list. Since they have mandatory reporting, it is possible that the list is longer than those industries that do not have mandatory posting. With this additional database going public and the transparency it will create, again numbers are going to be higher that other categories. ITRC urges the press and public to not draw conclusions as to the number of breaches per category for 2010. Until all categories are on an even playing field, we will not know the true numbers.