- Contact the Committee

House Committee on Veterans Affairs
Hearing: “Cyber Security bill”
July 18, 2006
Testimony Submitted by Congressman Marsha Blackburn

Mr. Chairman, I want to thank you for holding these hearings and for inviting me to testify today regarding legislation I introduced with Representative Rob Simmons.

We drafted our Veterans Identity Protection Act this May in the days after Congress learned that the personal information of millions of the nation's veterans had been stolen from a Department of Veterans Affairs employee.

As Representative to a large military Post and a district with tens of thousands of veterans, this issue has clearly been a source of concern. I know that Representative Simmons who is a veteran himself has also heard the same thing from his constituents.

The idea that your identity could be stolen, your credit ruined, and your life impacted in such a negative way is absolutely unsettling and it's our responsibility to bring as mush reassurance and assistance as possible to those veterans who've been touched by this theft.

The situation is very similar to the information breaches that have occurred with data brokers over the past year. Those instances led to Energy and Commerce Committee hearings that exposed just how easy it is to steal a person's identity by acquiring their financial information.

After the data breaches occurred, brokers addressed the situation by sending a notice to affected customers informing them that they could request a free credit report and free credit monitoring. Approximately, 10% of the affected people chose this option.

The bill Representative Simmons and I introduced follows a similar course of action. Instead of mandating a costly 100% coverage of free monitoring and reports, veterans would be provided a notice from which they could opt for these items. This keeps the cost down to millions, instead of billions of taxpayer dollars.

This legislation would also allow the VA to contract with credit agencies for reports and monitoring, which further keeps costs down. It would provide a free credit report every three months for the next year. This would maximize funds -- The VA would only have to buy one report out of its budget since current law allows a person to obtain a free credit from each of the three credit agencies each year.

It has been reported the stolen laptop containing these veterans' information was not accessed or compromised. While that may be so, now is the time for the VA to coordinate with credit agencies for future data thefts -- which we hope will not occur, but as we've seen are increasingly a fact of life.

A recent report by VA's inspector general shows many shortcomings with the department and its security practices and vulnerabilities. We would be wise to remain concerned about the ability of the VA to secure the personal information of our veterans and it's my hope every step will be taken to prevent future thefts, and prepare contingency plans should a breach occur.

I will end by requesting that the committee consider including a provision to tie salaries and expenses at the department to the implementation of the IG recommendations.

I believe these steps are necessary to focus the department on this critical concern and ensure the appropriate steps are taken to protect veterans' personal information.

Mr. Chairman, this concludes my statement, and I am available to answer questions from the committee.