UPDATED: House drafts bill to improve VA's data security

Editor's note: This story was updated at 4:35 p.m. July 20, 2006, to correct the name of the bill from the Veterans Identity and Credit Protection Act of 2006 to the Veterans Identity and Credit Security Act of 2006.

The House Committee on Veterans’ Affairs has drafted the Veterans Identity and Credit Security Act of 2006 in response to the May 3 theft of a laptop computer and hard drive containing personal information on more than 26 million service personnel.

The committee heard comments on the proposed legislation today and plans to mark up the bill July 20. Lawmakers hope to get the bill to the floor next week.

The act calls for the creation of a new undersecretary for information services at the VA, who would also serve as its chief information officer. The Office of the Undersecretary for Information Services would include three deputy undersecretaries: one for security, who would also serve as the department's senior information security officer; one for operations and management; and one for policy and planning, according to the draft bill summary.

“The bill makes much needed changes to the VA culture of indifference, which we heard so much about during our oversight hearings," said Rep. John Salazar (D-Colo.). "By ensuring that VA officials have both resources and authority to implement IT security, it is my hope we can prevent future breaches of data, especially those on the magnitude of the one we saw this year."

“The idea that your identity could be stolen, your credit ruined and your life impacted in such a negative way is absolutely unsettling," said Rep. Marsha Blackburn (R-Tenn.). "It's our responsibility to bring as much reassurance and assistance as possible to those veterans who have been touched by this theft.”