Health Care for Veterans: Answers to Frequently Asked Questions

The Veterans Health Administration (VHA), within the Department of Veterans Affairs (VA), operates the nation’s largest integrated direct health care delivery system, provides care to approximately 6.6 million unique veteran patients, and employs more than 287,000 full-time equivalent employees. While Medicare, Medicaid, and the Children’s Health Insurance Program (CHIP) are also publicly funded programs, most health care services under these programs are delivered by private providers in private facilities. In contrast, the VA health care system could be categorized as a veteran-specific national health care system, in the sense that the federal government owns the medical facilities, employs the health care providers, and directly provides the majority of health care services to veterans. It should be noted that VA health care is not a health insurance plan similar to what many individuals or employers purchase in the private health insurance market and does not have the same health insurance plan characteristics, such as coinsurances, deductibles, and premiums. This report provides responses to frequently asked questions about health care provided to veterans through the VHA. It is intended to serve as a quick reference to provide easy access to information. Where applicable, it provides the legislative background pertaining to the question

Children's Databases - Safety and Privacy

This report describes in detail the policy background, the systems that are being built, the problems with them, and the legal situation in the UK. An appendix looks at Europe, and examines in particular detail how France and Germany have dealt with these issues. Our report concludes with three suggested regulatory action strategies for the Commissioner: one minimal strategy in which he tackles only the clear breaches of the law, one moderate strategy in which he seeks to educate departments and agencies and guide them towards best practice, and finally a vigorous option in which he would seek to bring UK data protection practice in these areas more in line with normal practice in Europe, and indeed with our obligations under European law

Large emergency-response exercises: qualitative characteristics - a survey

Exercises, drills, or simulations are widely used, by governments, agencies and commercial organizations, to simulate serious incidents and train staff how to respond to them. International cooperation has led to increasingly large-scale exercises, often involving hundreds or even thousands of participants in many locations. The difference between ‘large’ and ‘small’ exercises is more than one of size: (a) Large exercises are more ‘experiential’ and more likely to undermine any model of reality that single organizations may create; (b) they create a ‘play space’ in which organizations and individuals act out their own needs and identifications, and a ritual with strong social implications; (c) group-analytic psychotherapy suggests that the emotions aroused in a large group may be stronger and more difficult to control. Feelings are an unacknowledged major factor in the success or failure of exercises; (d) successful large exercises help improve the nature of trust between individuals and the organizations they represent, changing it from a situational trust to a personal trust; (e) it is more difficult to learn from large exercises or to apply the lessons identified; (f) however, large exercises can help develop organizations and individuals. Exercises (and simulation in general) need to be approached from a broader multidisciplinary direction if their full potential is to be realized

A Worst Practices Guide to Insider Threats: Lessons from Past Mistakes

Insider threats are perhaps the most serious challenges that nuclear security systems face. All of the cases of theft of nuclear materials where the circumstances of the theft are known were perpetrated either by insiders or with the help of insiders; given that the other cases involve bulk material stolen covertly without anyone being aware the material was missing, there is every reason to believe that they were perpetrated by insiders as well. Similarly, disgruntled workers from inside nuclear facilities have perpetrated many of the known incidents of nuclear sabotage. The most recent example of which we are aware is the apparent insider sabotage of a diesel generator at the San Onofre nuclear plant in the United States in 2012; the most spectacular was an incident three decades ago in which an insider placed explosives directly on the steel pressure vessel head of a nuclear reactor and then detonated them.While many such incidents, including the two just mentioned, appear to have been intended to send a message to management, not to spread radioactivity, they highlight the immense dangers that could arise from insiders with more malevolent intent. As it turns out, insiders perpetrate a large fraction of thefts from heavily guarded non-nuclear facilities as well. Yet organizations often find it difficult to understandand protect against insider threats. Why is this the case?Part of the answer is that there are deep organizational and cognitive biases that lead managers to downplay the threats insiders pose to their nuclear facilities and operations. But another part of the answer is that those managing nuclear security often have limited information about incidents that have happened in other countries or in other industries, and the lessons that might be learned from them.The IAEA and the World Institute for Nuclear Security (WINS) produce"best practices" guides as a way of disseminating ideas and procedures that have been identified as leading to improved security. Both have produced guides on protecting against insider threats.5 But sometimes mistakes are even moreinstructive than successes.Here, we are presenting a kind of "worst practices" guide of serious mistakes made in the past regarding insider threats. While each situation is unique, and serious insider problems are relatively rare, the incidents we describe reflect issues that exist in many contexts and that every nuclear security manager should consider. Common organizational practices -- such as prioritizing production over security, failure to share information across subunits, inadequate rules or inappropriate waiving of rules, exaggerated faith in group loyalty, and excessive focus on external threats -- can be seen in many past failures to protect against insider threats