VA could spend $20M on data breach response

It looks like a recent data breach suffered by the Department of Veterans Affairs could be very pricey. Officials continue to deal with the recent loss of a hard drive, which disappeared from a VA medical center in Birmingham, AL in January of this year. The disk contained confidential data on any U.S. doctor billed Medicaid or Medicare through 2004, as well as more than 500,000 VA patients. To date, the hard drive has not been found, despite a $25,000 reward for information on its whereabouts. According to VA officials, security weaknesses at the heart of the VA's VistA health information system played a role in the breach. While the VA is working to update VistA security, the process could take until 2015. In the mean time, the agency has gotten hammered by members of Congress over this incident, as well as a lapse last year which exposed 26.5 million records. That breach cost the agency $160.5 million just for credit counseling and related services for affected patients.

To learn more about the VA's reaction to the security breach:
- read this iHealthBeat article