Baker conceded that the network links investigated by the IG's office were not using encryption but insisted the data was not traversing the public Internet.
When the complaint reached the VA last year, the agency's IT team inspected the communications circuits that were involved, reviewed all associated network equipment and interviewed network administrators, Baker said. "All of the findings conclusively substantiated that traffic is traversing only VA's private network," he said
Even so, the VA's IT organization has initiated a comprehensive review to ensure that sensitive data is being routed in a secure manner, he noted.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.
Read more about government it in Computerworld's Government IT Topic Center.