VA To Improve Computer Security

Following a series of data security breaches, the Department of Veterans Affairs said Monday it would upgrade the agency's computers with new encryption technology.

"A systemwide encryption program will be a tremendous step forward in improving the safety and security of sensitive veteran information," said VA Secretary Jim Nicholson.

Encryption is a process by which confidential information on a computer is scrambled and made unreadable until a user decrypts it, usually with a password.

The encryption, to begin on the agency's laptops within a month, follows the award of a $3.7 million contract to Syracuse, N.Y.-based SMS Inc. The VA will be using GuardianEdge and Trust Digital products. The agency said final testing of the software is under way, with actual encryption set to begin Aug. 18.

The agency said it expects to have all of its laptop computers fully encrypted within four weeks, followed by encryption of desktop computers.

The agency has been struggling to restore credibility to its handling of sensitive data following the theft in May of a laptop and external drive containing the personal information of 26.5 million veterans. The computer was taken from a VA employee's home in Maryland.

The laptop theft was followed by revelations earlier this month that Unisys Corp., a VA subcontractor, had lost a desktop computer containing personal data for as many as 38,000 veterans who received care at VA medical centers in Philadelphia and Pittsburgh. The computer was located at Unisys' offices in Reston, Va.