Who We Are
The VA Data Breach Response Service (DBRS) is responsible for handling all Privacy and Security related events that are entered into the Privacy and Security Events Tracking System (PSETS) on a first come first serve basis. The Data Breach Response Service (DBRS) team consists of individuals that have extensive experience in the Information Security and Privacy within the VA and VA HealthCare field. The DBRS reviews each incident and decisions are based on Federal and VA-specific data breach response requirements. The DBRS works to ensure that all decisions on Privacy and Security related incidents are dealt with in a timely manner and in accordance with Federal and VA-specific incident resolution guidelines. Complex breaches are referred to the National Data Breach Core Team (DBCT). The DBCT is chaired by the Director, Data Breach Response Service and membership consists of the entire DBRS staff and representatives of the Office of General Counsel, VHA Privacy Service, OIT Privacy Service, Field Security Service, Office of Congressional and Legislative Affairs, Office of Public and Intergovernmental Affairs, Board of Veterans Appeals, Veterans Health Administration, National Cemetery Administration, Human Resources Information Service, and Office of Acquisition and Logistics. Those incidents that require input from the DBCT are discussed on a weekly basis.
What We Do
The mission of the Data Breach Response Service is to handle all Privacy and Security related events on a national level that are entered into the Privacy and Security Events Tracking System on a first come first serve basis and to interact with the Privacy Officers and Information Security Officers in the field and the National Data Breach Core Team. The DBRS determines along with the DBCT on complex issue whether Veterans, dependents, employees and other get offers for credit protection services and or notification that their information may have been compromised. The DBRS is required by Public Law 109-461 to report monthly to Congress on data breaches with in the VA. The DBRS is also responsible for submitting any Protected Health Information (PHI) breach information to U.S. Department of Health and Human Services (HHS) as required by law.