Veterans

VA Scandal: 'Medical records of whistleblowers have been accessed and…used to attempt to discredit the whistleblowers'

When they accumulate and store all of our sensitive information, officials are also arming themselves against us

|

Mark Sardella

If you really need further evidence of why it's dangerous to let government officials demand sensitive information from us, look no further than the ongoing scandal at the U.S. Department of Veterans Affairs. Once focused on the apparently lethal mistreatment of military veterans by a system created to provide them with (usually crappy) medical care, the story now also encompasses retaliation by officials against VA employees who raise concerns about such mistreatment.

Perhaps most disturbing: "In several cases, the medical records of whistleblowers have been accessed and information in those records has apparently been used to attempt to discredit the whistleblowers," commented Carolyn Lerner from the Office of Special Counsel at a congressional hearing yesterday.

The hearing held by the House Committee on Veterans' Affairs, Subcommittee on Oversight and Investigation, was part of an ongoing saga that includes testimony from multiple participants, though Lerner's presence was an understandable repeat performance, given the Office of Special Counsel's role in protecting whistleblowers. Last September, Lerner told another congressional committee that her office "received over 80 new VA whistleblower retaliation cases related to patient health and safety just since June 1, 2014."

Among the VA cases Lerner's office had addressed at that point, it "for the first time obtained a stay on behalf of an employee who faced retaliation for refusing to obey an order that would have violated the law." That employee had been ordered to enter classified information into an unsecured computer network, which you would think government agencies would be getting just a bit more sensitive about. Well…OK. That's a vain hope.

The flood (the VA is now the biggest source of these complaints and rated over 30 OSC attorneys by itself as of last July) of whistleblower retaliation cases from the VA has mostly involved punishments that you would expect from an arrogant, insular government agency against employees who go against the grain. But Lerner told the committee that many VA employees, who are often veterans themselves, find that their health records have been accessed by officials looking for fodder.

According to TheBlaze:

One example of a veteran who believes his medical records were inappropriately accessed is Brandon Coleman, a Marine Corps veteran who sustained injuries to his right foot while he served. Coleman works at the VA system in Phoenix, and told TheBlaze he became a whistleblower after it became clear that someone illegally went into his medical records.

He said after he started publicizing the failures of his own office to properly treat veterans with suicidal tendencies, his own mental health was questioned by his superiors. As of this year, the VA has threatened to reduce his disability rating.

More than a few government agencies have access to sensitive information—medical, financial, criminal, sexual… The IRS and Census Bureau compel disclosure, law enforcement agencies gather it through legal filings and court records, and intelligence operations just hoover it up. Much of it gets stored away indefinitely for reasons even officials couldn't tell you, except that they have the storage space. But it makes sense that officials capable of gaming health care waiting lists to the point that people die from delayed treatment are perfectly willing to mine records for weaponizable information for use against dissident employees—or anybody else.

Yeah, the government is inefficient and unreliable with the information it gathers. But those aren't the only concerns. When they accumulate and store all of our sensitive information, officials may also be arming themselves against us.

Just look at the VA.

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

50 responses to “VA Scandal: 'Medical records of whistleblowers have been accessed and…used to attempt to discredit the whistleblowers'

  1. And this is the reason why Obama wanted “all medical records to be electronic”. It totally destroys privacy. You can’t hack a paper record. You have to physically break in and steal it. Or if you are one of the powers that be, crudely walk in and look at it. An electronic record is of course vulnerable to hacking. Worse still, it can be accessed in the privacy of one’s own office without any pesky innocent bystanders being there to object.

    1. IDK, John, being a bit of a Luddite here.

      Burying the FedGov under a mountain of paperwork I could understand, but any hack (even a bad one) will tell you to leave the original/make duplicates of everything/save early, save often…

      If we’re talking about stealing/perusing everyone’s health information, you’re right. But, if you’re a whistleblower, or one of a handful, unless the info’s in your safe or safe-deposit box, it’s hardly more secure than if it’s on a hard drive.

      1. Rather, I should say, if the issue is internal social compromise, physical or electronic security/storage is pretty irrelevant.

      2. It is more secure for the simple reason that someone has to walk in and copy it or look at it. And that is harder to do and takes more brazenness than you think. If they are electronic, it only takes a click of a button in the privacy of your own office.

        1. Yes, but it’s harder to prove. The reason we know this happened is more than likely due to electronic auditing.

          There was no audit trail on a piece of paper.

          1. This here.

            You cannot access an electronic medical record without leaving an audit trail. The systems are designed to make this impossible. I don’t think even a top-level sysadmin can do it without leaving a trail, at least in hospital systems.

            That said, as electronic medical information propagates through the payment system or through various mandatory reporting systems, it leaves the high intensity security of the hospital system and becomes much more vulnerable. That’s the real danger.

            1. You cannot access an electronic medical record without leaving an audit trail. The systems are designed to make this impossible.

              Yeah, right. All that means is that people going through the regular user interface are supposed to leave a trail, and even that’s not guaranteed since the testing and validation of such systems is atrocious. But in addition to the regular user interface, the data can be accessed in the database, on the disk drive, and on backup.

        2. And that is harder to do and takes more brazenness than you think.

          Of all the things people willing to blackmail whistle-blower veterans for their disability compensation are running short on, I don’t think brazenness is it.

    2. A lot of the EPM/EMR systems Obamacare paid to put in a pre-internet systems that had been rejected previously by doctors and clinics.

      So doctor’s office, etc., have a lot of trouble sharing information because there are few common formats. What they end up doing is printing the records out and faxing or mailing them over to other clinics.

      What this means for thieves is that, if they steal files, they have to have the software to read it or manual comb through the files/databases to figure out what records goes with which patient. So at this point in time, the best thing a would-be EMR thief could do is the same thing that they’d do for a doctor’s office run on paper — corrupt an employee to supply paper copies of the records or steal an employee’s keys (in this case a password and a MFA token) to gain access to the software to print out the records.

      1. What they end up doing is printing the records out and faxing or mailing them over to other clinics.

        If they still fax, I’m nearly 100% positive they don’t do it any secure fashion. Mail would be harder, but not much. Either would be loads easier than turning/recruiting.

        But, as you point out, the proper clearances were in hand and no amount of physical or electronic encryption would prevent access.

    3. Of course, in this instance, the people who accessed the information probably had the “proper” access, so it wouldn’t have mattered if the records were paper or electronic.

    4. I’ve made $64,000 so far this year working online and I’m a full time student. I’m using an online business opportunity I heard about and I’ve made such great money. It’s really user friendly and I’m just so happy that I found out about it. Heres what I’ve been doing
      http://www.work-mill.com

    5. I’ve made $64,000 so far this year working online and I’m a full time student. I’m using an online business opportunity I heard about and I’ve made such great money. It’s really user friendly and I’m just so happy that I found out about it. Heres what I’ve been doing
      http://www.work-mill.com

    6. EMR requirements were passed as part of HIPAA and have nothing to do with Obama or Obamacare. There are many issues with the push to digitize medical records, but an Obama related conspiracy is not one of them.

      1. There is very little incentive for run of the mill hackers to go after electronic records (monetizable info in the records is accessed in other forms easier) however you guys shouldnt mistake software “security” features for actual security. Few EMR platforms use secure encryption, fewer doctors offices have the staff or resources to secure the servers the platforms run on.

  2. “In several cases, the medical records of whistleblowers have been accessed and information in those records has apparently been used to attempt to discredit the whistleblowers,”

    What’s with this passive voice bullshit?

    Start squeezing low-level weenies and work your way up until the big fish are in fucking prison.

  3. In regards to the post-Viet Nam vets, learning the hard way sucks but my sympathy for enablers only goes so far.

    1. How are they ALL enablers? And since when does the right to privacy only extend to those who hold appropriate political views?

      1. Since the government took over their medical care.

        Nice medical condition you got here. Be a shame if you couldn’t get care for it.

  4. all your base are belong to us

  5. Government functionaries breaking the law to discredit whistleblowers and conceal their own malfeasance?

    No
    fucking
    way.

  6. Obviously the solution is to remove the stigma from all, um, afflictions.

  7. Rest assured, the NSA spying and the FCC’s new massive powers over the internet have nothing to do with each other. There is a magical firewall between the agencies which are bad and the ones that are good.

    1. Wait – what are these “good” agencies of which you speak? I am not familiar with…any.

      1. If famous “anarchist” Noam Chomsky could identify them, then they exist, Q.E.D.

  8. Wait, didn’t Obama fix this already?

    1. If only Comrade Obama knew of these things! Surely he would put a stop to them.

    2. Yes, by trading a bunch of higher ups from the Taliban for a deserter who’s on trial IIRC.

      *This administration has had so many scandals I really can’t keep up anymore, so that may be inaccurate.

      1. This administration has had so many scandals I really can’t keep up anymore, so that may be inaccurate.

        In all fairness, more than once in recent history, I’ve recalled the history incorrectly, portraying the government in a bad light, only to have facts come to light or my teaching corrected such that the government factually lived down to my worst (false) expectations.

        The system and it’s administration is beyond parody.

  9. So this is what was meant by ‘the most transparent administration in history?’

    1. Despite the administration’s strenuous efforts, yes.

    2. I think we settled that: it is the administration with the most transparent lies. Heck, even Bush’s lies were less transparent than Obama’s.

  10. So which member of the administration is going down for HIPAA violations?

    1. The answer is likely none.

  11. These attempts to dig into their past to discredit what hey are saying is an outrage (so long as the dirt doesn’t have anything to do with owning slaves).

    1. NPR will be the judge of that.

  12. Is Carolyn any relation to Lois?

    1. My client has no comment!

      /Lerner’s counsel

  13. Hi

    1. What, forgot the sales pitch already? YOU ARE FIRED!

  14. My last pay check was $9500 working 12 hours a week online. My neighbors sister has been averaging 15k for months now and she works about 20 hours a week. I can’t believe how easy it was once I tried it out.
    =============================
    try this site ????? http://www.jobsfish.com
    =============================

    1. TOO LATE! Pack your e-bags and hit the bricks, bot.

      1. Maybe it can hire Lerner’s lawyer.

  15. But I’m sure the progs will stick stubbornly to their belief that anybody who doesn’t trust the government is crazy.

    1. Veterans vote mostly Republican, so they are evil racist war mongers and should be mistreated by government as punishment. /progressive

  16. I’m making $86 an hour working from home. I was shocked when my neighbour told me she was averaging $95 but I see how it works now.I feel so much freedom now that I’m my own boss.go to this site home tab for more detail…. http://www.navjob.com

  17. I’m making $86 an hour working from home. I was shocked when my neighbour told me she was averaging $95 but I see how it works now.I feel so much freedom now that I’m my own boss.go to this site home tab for more detail…. http://www.navjob.com

  18. Google pay 97$ per hour my last pay check was $8500 working 1o hours a week online. My younger brother friend has been averaging 12k for months now and he works about 22 hours a week. I cant believe how easy it was once I tried it out.
    This is wha- I do…… ?????? http://www.netjob80.com

Please to post comments

Comments are closed.