Third-Party Vendor Causes Breach for VA Health | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Third-Party Vendor Causes Breach for VA Health

December 29, 2014
by Gabriel Perna
| Reprints
The Department of Veterans Affairs' (VA) disastrous year is ending on an appropriately sour note as the agency revealed a data breach that affected more than 7,000 patients.
The agency learned of the breach in November, according to Gov Info Security. It was revealed that an unnamed third-party home telehealth vendor for the VA had a security flaw that exposed the data of more than 7,000 patients. The information exposed in the breach may have included name, address, date of birth, phone number and VA patient identification number, according to
"An investigation was immediately initiated and security scans were conducted by VA, which confirmed the concern," a VA spokesperson said in a statement. "The contracted vendor has assured VA that only vendor staff and VA staff had accessed this information. The security flaw in the vendor database was immediately corrected and VA continues to closely monitor the application."
The telehealth vendor was not named by the VA. The telehealth program is popular for the VA. In 2014 alone, the agency serviced more than 700,000 veterans with more than two million telehealth visits
It has been a rough year for the VA, with the scheduling system scandal, which led to long delays for veterans waiting to get serviced, causing a shakeup at the top of the agency. Congress passed a bill that would help the VA solve these delay problems. 


Former Health IT Head in San Diego County Charged with Defrauding Provider out of $800K

The ex-health IT director at North County Health Services, a San Diego County-based healthcare service provider, has been charged with spearheading fraudulent operations that cost the organization $800,000.

Allscripts Touts 1 Billion API Shares in 2017

Officials from Chicago-based health IT vendor Allscripts have attested that the company has reached a new milestone— one billion application programming interface (API) data exchange transactions in 2017.

Dignity Health, CHI Merging to Form New Catholic Health System

Catholic Health Initiatives (CHI), based in Englewood, Colorado, and San Francisco-based Dignity Health officially announced they are merging and have signed a definitive agreement to combine ministries and create a new, nonprofit Catholic health system.

HHS Announces Winning Solutions in Opioid Code-a-Thon

The U.S. Department of Health and Human Services (HHS) hosted this week a first-of-its-kind two-day Code-a-Thon to use data and technology to develop new solutions to address the opioid epidemic.

In GAO Report, More Concern over VA VistA Modernization Project

A recent Government Accountability Office (GAO) report is calling into question the more than $1 billion that has been spent to modernize the Department of Veterans Affairs' (VA) health IT system.

Lawmakers Introduce Legislation Aimed at Improving Medicare ACO Program

U.S. Representatives Peter Welch (D-VT) and Rep. Diane Black (R-TN) have introduced H.R. 4580, the ACO Improvement Act of 2017 that makes changes to the Medicare accountable care organization (ACO) program.