Loading...

Attention A T users. To access the menus on this page please perform the following steps. 1. Please switch auto forms mode to off. 2. Hit enter to expand a main menu option (Health, Benefits, etc). 3. To enter and activate the submenu links, hit the down arrow. You will now be able to tab or arrow up or down through the submenu options to access/activate the submenu links.

Data Breach Response Service

Menu
 

Who We Are

The VA Data Breach Response Service (DBRS) is responsible for handling all Privacy and Security related events that are entered into the Privacy and Security Events Tracking System (PSETS) on a first come first serve basis. The Data Breach Response Service (DBRS) team consists of individuals that have extensive experience in the Information Security and Privacy within the VA and VA HealthCare field. The DBRS reviews each incident and decisions are based on Federal and VA-specific data breach response requirements. The DBRS works to ensure that all decisions on Privacy and Security related incidents are dealt with in a timely manner and in accordance with Federal and VA-specific incident resolution guidelines. Complex breaches are referred to the National Data Breach Core Team (DBCT). The DBCT is chaired by the Director, Data Breach Response Service and membership consists of the entire DBRS staff and representatives of the Office of General Counsel, VHA Privacy Service, OIT Privacy Service, Field Security Service, Office of Congressional and Legislative Affairs, Office of Public and Intergovernmental Affairs, Board of Veterans Appeals, Veterans Health Administration, National Cemetery Administration, Human Resources Information Service, and Office of Acquisition and Logistics. Those incidents that require input from the DBCT are discussed on a weekly basis.

What We Do

The mission of the Data Breach Response Service is to handle all Privacy and Security related events on a national level that are entered into the Privacy and Security Events Tracking System on a first come first serve basis and to interact with the Privacy Officers and Information Security Officers in the field and the National Data Breach Core Team. The DBRS determines along with the DBCT on complex issue whether Veterans, dependents, employees and other get offers for credit protection services and or notification that their information may have been compromised. The DBRS is required by Public Law 109-461 to report monthly to Congress on data breaches with in the VA. The DBRS is also responsible for submitting any Protected Health Information (PHI) breach information to U.S. Department of Health and Human Services (HHS) as required by law.