- The Washington Times - Wednesday, January 1, 2003


The Defense Department is computerizing the medical records of all military personnel and their families, but just as the project gets past the experimental phase, officials are grappling with the theft of thousands of records from a Pentagon health care contractor.

The theft from an Arizona company last month of computer hard drives containing more than 500,000 records with Social Security numbers, medical-claims histories and other private information could become one of the largest identity thefts on record if the information is misused, the Federal Trade Commission said.

"I am not aware of a larger case, but at this point we don't know if any people have experienced identity theft," said Betsy Broader, assistant director of the FTC's division of planning and information.

The U.S. Attorney's Office in Phoenix planned to announce a reward yesterday to help capture the culprits, said TriWest Healthcare Alliance.

Authorities said thieves took computer equipment and files with the sensitive information during a break-in on Dec. 14 at TriWest, a defense contractor based in Phoenix that provides managed health care for military personnel in 16 states.

With a person's name, birth date and Social Security number, someone easily could open credit accounts and create fake documents such as driver's licenses, Miss Broader said. Officials say they do not know the motives or skill levels of the thieves.

David McIntyre, TriWest president and chief executive, said health care service would not be disrupted because of the theft.

The breach comes as the Pentagon builds a network to computerize the military health care system, including the patient records of 8.7 million service members, retirees and their families who receive medical care under its programs.

The Pentagon is planning to roll out the project at up to seven military hospitals across the nation after successfully testing the concept at four locations. The system eventually will be expanded worldwide.

The Defense Department hailed the Composite Health Care System II, or CHCS II, as a potential "data gold mine" for military physicians and other health care professionals that will provide quick and easy access to military-patient records worldwide.

Though the TriWest computers had no connection to the larger project, they did include information gathered for military health care, including names, addresses, medical-claim histories and a small number of credit-card numbers.

Pentagon officials, nonetheless, are taking the breach "very seriously" and are "going to learn from this issue and do what's necessary" to better guard such information, spokesman Jim Turner said.

When the computerization of military health records is completed, the bigger threat won't be a physical removal of computer hard drives but rather the potential theft of records from hackers who try to break into military computer networks, officials said.

Privacy analysts are on the lookout for potential security lapses or unnecessary intrusions into personal details as the Pentagon puts more such information in digital form.

"This makes it easier to find the information but also makes it easier for criminals" to access it, Ari Schwartz, associate director at the Center for Democracy and Technology, said of CHCS.

The Pentagon has received an "F" grade for computer security from the House Government Reform subcommittee on government efficiency, financial management and intergovernmental relations.

Sign up for Daily Newsletters

Copyright © 2019 The Washington Times, LLC. Click here for reprint permission.

The Washington Times Comment Policy

The Washington Times welcomes your comments on Spot.im, our third-party provider. Please read our Comment Policy before commenting.


Click to Read More and View Comments

Click to Hide