QUOTE (Rad @ May 8 2009, 08:13 PM)
Sadly, the U.S. doesn't give a damn about it's citizen's health care, and will likely be far more interested in catching and prosecuting the hacker than getting those records back.
"Back"? How do you get something back which can have infinite copies? VA still has the original copies, from my understanding. I don't know that there is a safe way to secure the data without either a) catching the hacker or b) paying off the hacker, with a being extremely difficult and possibly illegal, and b encouraging the same behavior in the future.
The only real long-term solution is to make hacking systems run a risk beyond that of legal repurcussions. Perhaps if we installed automated defenses that KILL the hacker if he trips them, the percentage chance of DEATH would make hacking less attractive. Otherwise, we're basically stuck with our thumbs up our collective hoop.