GovernmentExecutive.com

The Veterans Affairs Department is prepared to shift up to $25 million of its fiscal 2006 funding to handle initial costs associated with the theft of as many as 26.5 million veterans' personal data from an employee's suburban Maryland home. The overall price tag could climb.

Lawmakers on Wednesday granted VA authority to reprogram up to $25 million to pay for the call center supporting the toll-free number it has set up in the wake of its Monday announcement that personal information, including Social Security numbers, of possibly every living U.S. veteran discharged since 1975 was stolen from the employee's house. Data on veterans discharged before 1975 but with claims filed at the agency since, as well as on some veterans' spouses, also is at risk.

The department had received 84,309 calls as of 10 p.m. Tuesday, spokesman Matthew Burns said. Call volume more than doubled on the second day, according to figures he supplied.

Under the authority granted, money to pay for the call center could be taken from four information technology programs, according to a congressional source. VA management is uncertain whether all $25 million will be needed to support the call center. But the department must also shoulder other expenses, including the cost of printing and mailing notification letters.

About $12 million could be culled from a Veterans Health Administration program for computer infrastructure and network management. An additional $1.5 million could come from a Veterans Benefit Administration project on IT program integrity and data management. Also, an effort called One VA Eligibility and Registration could end up losing $4.5 million. The initiative was designed to ensure that veterans only have to register once with the department in order to receive all the benefits for which they are eligible.

Lastly, a program to create a common VHA electronic repository for health records could lose $7 million. The House Appropriations Committee instructed VA to touch those funds only if the other reprogrammed funds have been depleted, a congressional source said. The fiscal 2006 budget for the health record project is only $16 million, so the $7 million would amount almost a 50 percent cut.

The $25 million price tag could prove just the beginning of the department's expenses associated with the theft, however.

Sen. John Kerry, D-Mass., on Wednesday introduced a bill that would provide free credit monitoring for all veterans affected by the data theft. When the Alpharetta, Ga.-based data broker ChoicePoint disclosed in 2005 that personal information for about 145,000 people had been sold to criminals posing as a legitimate businessman, the incident ended up costing the company $11.4 million through June 30, 2005, according to company records. Two million of that was just for credit reports and credit monitoring for victims.

Both the House and Senate committees on veterans' affairs will hold hearings on the theft on Thursday morning. Among the topics staffers say will be discussed is the more than two-week lag time between when the theft occurred -- May 3 -- and the day the department notified potential victims.

In a statement released Wednesday, department Secretary R. James Nicholson said he is "concerned about the timing of the department's response once the burglary became known." The department is conducting "a very extensive review of individuals up and down the chain of command," he said.

COMMENTS

• One more time of the government building systems that cannot be protected. This moving of resources is a big mistake! It’s time that the government gets its act together. This lack of efficiency has been occurring now for about 35 years. Why can’t the IRS, Social Security, VA, DoD and other agencies get on the same sheet of music by sharing data, protecting personal data … Once more the government gets to let the veterans take the hit because the pot of money will take away from medical benefits and services that veterans need desperately. Wake up Congress -- do your job right! GovExec.com reader Posted May 31, 2006 2:28 PM
• OK, according to the article the VA is going to move money from the IT budgets to pay for the 800 call center! So the VA had an IT-related security incident, and now we are taking money that could have been used to plug the holes that caused the incident, but they are putting that money into the call center. It is really obvious that VA senior management has no idea what from an IT Security standpoint is working or not working. From talking with a few friends within VA’s OCIS they do not even know which organization (VHA, VBA, NCA) the records came from. Another disturbing point is that all three of these organizations as well as the VA’s main office have different information security policies and the VA has not even established a baseline. RoyalWulff Posted May 25, 2006 8:18 AM
• This is so typical for the government. They allocate millions of dollars to handle the problem but they won't spend one penny to actually help us. I dialed the special toll-free hotline, 1-800-333-4636. All the people tell you is what the newspaper stories state. I called to find out if my info was lost so I can freeze my account but they don't know. Why don't they ask the person who lost the info what files he/she took home? You can't copy files without knowing which ones you need. The computer used in the employee's office also keeps track of all transactions (files copied, files erased, etc.). I mentioned all this to the person at the 1-800 number and they had no clue. They spend money to set-up a 1-800 number that tells me nothing!!! They allocate millions but offer no help!! I need to know whether or not to spend my hard-earned money on freezing my account ... I don't need to know if my medical info was lost. I need to know if the government is going to pay for freezing my account and if they are going to pay to keep my account frozen for at least 20 years. I need to know if the government will pay for more frequent credit reports so I don't have to spend my money because of the government's inadequacies! Un-Civil Servant GovExec.com reader Posted May 25, 2006 8:58 AM