A physician's assistant allegedly downloaded patient data at the Veterans Affairs Department's Atlanta medical center, accessing as much as 18 years' worth of patient data.

"The department has not disclosed the number of patients involved in the incident, what kind of personal data was copied, or whether it plans to notify the veterans whose records were downloaded," writes Nextgov's Bob Brewin.

"The breach illustrates the need for patients, not clinicians, to control their medical records, said Dr. Deborah Peel, founder of Patient Privacy Rights, a nonprofit based in Austin, Texas, that works to ensure medical information remains restricted," Brewin writes. "She said control should include a requirement to obtain a patient's consent to send clinical information to another doctor or to use it for research."

Click here to read the Nextgov article.