Skip to content Skip to navigation

Third-Party Vendor Causes Breach for VA Health

December 29, 2014
by Gabriel Perna
| Reprints
The Department of Veterans Affairs' (VA) disastrous year is ending on an appropriately sour note as the agency revealed a data breach that affected more than 7,000 patients.
The agency learned of the breach in November, according to Gov Info Security. It was revealed that an unnamed third-party home telehealth vendor for the VA had a security flaw that exposed the data of more than 7,000 patients. The information exposed in the breach may have included name, address, date of birth, phone number and VA patient identification number, according to
"An investigation was immediately initiated and security scans were conducted by VA, which confirmed the concern," a VA spokesperson said in a statement. "The contracted vendor has assured VA that only vendor staff and VA staff had accessed this information. The security flaw in the vendor database was immediately corrected and VA continues to closely monitor the application."
The telehealth vendor was not named by the VA. The telehealth program is popular for the VA. In 2014 alone, the agency serviced more than 700,000 veterans with more than two million telehealth visits
It has been a rough year for the VA, with the scheduling system scandal, which led to long delays for veterans waiting to get serviced, causing a shakeup at the top of the agency. Congress passed a bill that would help the VA solve these delay problems. 


ONC National Coordinator Gets Live Look at Carequality Data Exchange

Officials from Carequality have stated that there are now more than 150,000 clinicians across 11,000 clinics and 500 hospitals live on its network. These participants are also able to share health data records with one another, regardless of technology vendor.

American Red Cross, Teladoc to Provide Telehealth Services to Disaster Victims

The American Red Cross announced a partnership with Teladoc to deliver remote medical care to communities in the United States that are significantly affected by disasters.

Report: The Business of Cybercrime in Healthcare is Growing

While stolen financial data still has a higher market value than stolen medical records, as financial data can be monetized faster, there are indications that there is ongoing development of a market for stolen medical data, according to an Intel Security McAfee Labs report.

Phishing Attack at Baystate Health Potentially Exposes Data of 13K Patients

A phishing scam at Baystate Health in Springfield, Mass. has potentially exposed the personal data of 13,000 patients, according to a privacy statement from the patient care organization and a report from MassLive.

New Use Cases Driving Growth in Health Data Exchange through Direct

In an update, DirectTrust reported significant growth in Direct exchange of health information and the number of trusted Direct addressed enabled to share personal health information (PHI) in the third quarter of 2016.

Insurers to CBO: Consider Private Insurers’ Data in Evaluations of Telemedicine

Eleven private insurers, including Aetna, Humana and Anthem, are urging the Congressional Budget Office (CBO) to consider the experience of commercial insurers when evaluating the impact of telemedicine coverage in Medicare.