Why are HIPAA Laws Not Enforced at the Department of Veterans Affairs?

0 have signed. Let’s get to 100!

Jamie Fox
Jamie Fox signed this petition

Veterans and the American public want to know why HIPAA laws are not being enforced at the Department of Veterans Affairs, given that:

The prevalence of privacy violations at the Department of Veterans Affairs (VA) has become an epidemic system wide. Veteran medical records and sensitive personal information data sit at the root of all privacy and security user training and access controls not being properly implemented nor adequately monitored. A clear violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its’ enforcement. Even though the VA is one of the top Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy offenders, the Office of Civil Rights, an arm of the Department of Health and Human Services (HHS), that enforces HIPAA, has largely ignored the VA’s problem. The VA is required by several regulations (e.g., Federal Information Processing Standards Publication) to develop, sustain, and retain audit records to supervise, analyze, and report on inappropriate access of information systems.  The VA’s own VA Handbook states that information systems are required to create detailed audit logs that can help recreate a data security incident. 

It is unacceptable that our Nation's Heroes do not have the same rights as civilians simply because some government bureaucrats have chosen to ignore the rule of law. The Office of Civil Rights must be given the resources and enough teeth to make the VA and all government agencies compliant with existing privacy laws. All privacy laws and regulations must be enforced and the people who violated them held accountable.