Eric Chabrow reports:
The Department of Veterans Affairs’ inspector general substantiated allegations left on a departmental hotline last summer that IT contractors without appropriate security clearances improperly gained access to the VA’s electronic health record system.
Belinda Finn, assistant inspector general for audits and evaluations, wrote in an audit dated July 27, that contractor personnel improperly shared user accounts when accessing VA networks and the Veterans Health Information System and Technology Architecture systems, known as VistA, which handles sensitive electronic healthcare records. Employees at the contracting company told the IG they were not well aware of VA’s IT security requirements, which the inspector general said is spelled out in their contract.
Read more on GovInfoSecurity.com
h/t, @kanguru_news