OFFICIALS LEGISLATION INTEREST GROUPS PUBLIC STATEMENTS COMMITTEES VETOES

Veterans Identity and Credit Securiy Act of 2006

Date: Sept. 26, 2006
Location: Washington, DC
Issues: Veterans


VETERANS IDENTITY AND CREDIT SECURITY ACT OF 2006 -- (House of Representatives - September 26, 2006)

BREAK IN TRANSCRIPT

Mr. WAXMAN. Mr. Speaker, I support the goal of H.R. 5835 to strengthen security of personal data held by the Government, but believe that more should be done. For the Department of Veterans Affairs, this bill provides more training for employees on privacy issues, independent risk analysis of data breaches, credit freezes for persons whose data has been compromised, and more. This is an important step in light of recent data losses at the VA.

But the detailed requirements in this bill only apply to the Department of Veterans Affairs. For the rest of the Government, none of this is required, even though our committee's inquiries have uncovered serious breaches in other Federal agencies. For example, the Department of Commerce recently reported the loss of more than 1,000 laptop computers, some containing census information. To protect the privacy of personal information, we should require increased training, accountability, and reporting in all Federal agencies, not just the VA.

I am also concerned about the procedures under which this bill has come to the floor. Although primarily a VA bill, this bill also includes amendments to the Federal Information Security Management Act, FISMA, a government-wide law, in the jurisdiction of the Committee on Government Reform. Some of these provisions were in the reported version of this bill, and some were just added by amendment today from a bill introduced yesterday. None of these government-wide provisions were considered in the Committee of Government Reform.

H.R. 5835 now includes 2 different definitions of ``sensitive personal information''--one applying to the entire government under FISMA, and another applying to the Department of Veterans Affairs. Had this bill proceeded through the regular committee process, inconsistencies like this could have been resolved and a clearer, more comprehensive bill reported to the floor. I hope that Congress will consider additional legislation to clarify the patchwork of laws and regulations currently in place and extend stronger data security requirements to the entire Federal Government.

BREAK IN TRANSCRIPT

http://thomas.loc.gov

arrow_upward