First Friday Lunchtime Learning Sessions
New Requirements for Protecting VA Sensitive Information (1PDH)
Presented by Derek Kernus – DTS
Friday, May 12, 2023 | 12:00 pm – 1:00 pm EDT
MS Teams Virtual Platform | Earn 1 PDH each session
There’s a lot of buzz about protecting DoD Controlled Unclassified Information (CUI) because of CMMC, but have you heard about Veterans Affairs’ requirements for protecting its sensitive information?
VA Sensitive Information is defined in 48 CFR Part 802.101 as “All VA data, on any storage media or in any form or format, which requires protection due to the risk of harm that could result from inadvertent or deliberate disclosure, alteration, or destruction of the information and includes sensitive personal information. The term includes information where improper use or disclosure could adversely affect the ability of VA to accomplish its mission, proprietary information, records about individuals requiring protection under various confidentiality provisions such as the Privacy Act and the HIPAA Privacy Rule, and information that can be withheld under the Freedom of Information Act. Examples of VA sensitive information include the following: individually-identifiable medical, benefits, and personnel information; financial, budgetary, research, quality assurance, confidential commercial, critical infrastructure, investigatory, and law enforcement information; information that is confidential and privileged in litigation such as information protected by the deliberative process privilege, attorney work-product privilege, and the attorney-client privilege; and other information which, if released, could result in violation of law or harm or unfairness to any individual or group, or could adversely affect the national interest or the conduct of Federal programs.”