[Dataloss] A thought on USG data protection capability
lyger
lyger at attrition.org
Fri Jun 16 16:24:13 EDT 2006
From: dan at geer.org
http://www.gao.gov/highlights/d06866thigh.pdf
GAO-06-866: Leadership Needed to Address Information Security
Weaknesses and Privacy Issues (Testimony)
June 14, Government Accountability Office
The recent information security breach at the Department of
Veterans Affairs (VA), in which personal data on millions of
veterans were compromised, has highlighted the importance of the
department's security weaknesses, as well as the ability of
federal agencies to protect personal information. Robust federal
security programs are critically important to properly protect
this information and the privacy of individuals. The Government
Accountability Office (GAO) was asked to testify on VA's
information security program, ways that agencies can prevent
improper disclosures of personal information, and issues
concerning notifications of privacy breaches. To ensure that
security and privacy issues are adequately addressed, GAO has
made recommendations previously to VA and other agencies on
implementing federal privacy and security laws. In addition, GAO
has previously testified that in considering security breach
notification legislation, the Congress should consider setting
specific reporting requirements for agencies.
More information about the Dataloss
mailing list