Recent Press Releases

Washington, DC —  Today Senator John Thune joined members of the Senate Committees on Veterans' Affairs, Homeland Security and Governmental Affairs at a joint hearing on the recent ID theft of more than twenty-six million veterans. Senator Thune is a member of the Senate Committee on Veterans' Affairs. Please find below Senator Thune's opening statement from today's hearing:

Mr. Chairman, thank you for holding this emergency hearing to review the theft of the personal information of millions of our veterans earlier this month. I would also like to thank Secretary Nicholson for appearing today to answer questions about this very serious breach of security. Mr. Chairman, I share your commitment to understanding all the facts of this case before taking action, and I hope this hearing will generate more light than heat. Having said that, this breach of information security at the VA is causing a lot of anxiety among our veterans, and they are rightfully demanding that we act quickly on this issue. I have many veterans in my state who are justifiably concerned about identity theft, and they deserve to have peace of mind about their privacy. That's why we must work quickly to learn all the relevant facts and then take appropriate action.

In the short term, we must learn the exact proportions of this problem, and then develop a proportionate remedy. However, as policymakers, we are also responsible for looking at the bigger picture, and analyzing what can be done to prevent this sort of thing from happening again. We must search for a long-term solution to ensure the security of information at the VA, and I believe this can be achieved by adopting a centralized information technology management system at the VA.

As our panelists today no doubt are aware, the VA's Office of Inspector General's most recent strategic plan indicated that one of its strategic goals was in the area of information management. The strategic plan noted that one of the many challenges the VA faces is the privacy of and security of the information it manages. The strategic plan further states that "information systems security has been identified as a material weakness as early as 1998" within the VA. Then there is this key passage found on page 58 of the Inspector General's Strategic Plan for fiscal years 2005-2010:

"The potential vulnerability of Federal information systems cannot be overestimated. Presently, VA systems are not protected from unauthorized access. Risks of potential disclosure or loss of sensitive data, fraudulent claims, and disruption of critical activities remain. Security over VA IT resources needs to assure that only authorized users access VA resources and only authorized use is made of VA resources. Legal requirements such as the Privacy Act, the Federal Information Security Management Act of 2002 (FISMA), and the Health Information Portability and Accountability Act of 1996 (HIPAA), impose detailed duties on VA to protect sensitive medical and personal information it maintains on veterans, their families, and its employees."

Clearly, what the Inspector General was worried about in terms of information security has now become a reality that we must deal with. I believe that this event occurred at least in part because many of the VA's IT systems are compartmentalized within the VA's three administrations (Health, Benefits, and Cemeteries), and there is not a uniform policy in terms of information security across the entire VA. That is why I introduced a bill last fall to improve the management of information technology within the VA. My bill would provide for the VA's Chief Information Officer (CIO) to have authority over resources, budget, and personnel related to the support function of information technology. An identical version of this bill passed the House of Representatives by a vote of 408 to 0.

As we search for long-term solutions, I hope my colleagues will consider my bill, S. 2001, the VA Information Technology Management Improvement Act, as a reform measure that will help prevent this kind of security breach from ever happening again.

In conclusion, Mr. Chairman, we are here to understand the entire context of the situation we are faced with, and then to work on short-term and long-term solutions. We must do all we can to ensure the privacy of our veterans, who have sacrificed so much for all of us. Thank you again, Mr. Chairman, for holding this important hearing.

The VA has set up a manned call center that veterans can call to get information about this situation and learn more about consumer identity protections. The toll-free number is 1-800-FED INFO.