Policy Visualization

Bill Overview

Title: SVAC Act of 2022

Description: SVAC Act of 2022 This act requires the Department of Veterans Affairs (VA) to seek to enter into an agreement with a federally funded research and development center to provide a cybersecurity assessment of five high-impact VA information systems and the effectiveness of the VA's information security program and information security management system. The VA must submit a plan to Congress to address the findings of the assessment. The Government Accountability Office must review the assessment and the VA's response to the assessment and report its findings to Congress.

Sponsors: Rep. Mrvan, Frank J. [D-IN-1]

Target Audience

Population: People who use Veterans Affairs services and systems

Estimated Size: 15500000

The primary impact of the bill is on the Department of Veterans Affairs, specifically its information systems and cybersecurity measures.
Upon implementation, the bill affects potentially every veteran who relies on VA services, as their personal data could be better protected.
Increased cybersecurity may also impact VA employees who work with these information systems, providing them with better tools and resources to protect veteran information.
The bill mandates actions from the VA, which might include hiring or consulting cybersecurity experts and technicians, influencing this job market.

Reasoning

The primary target population for this policy consists of U.S. veterans, many of whom utilize VA services regularly. Cybersecurity is crucial for protecting their personal information and ensuring the continuity of services without breaches or data losses.
Some VA employees, particularly those in IT and administrative positions, would experience changes, including possible training on new systems or cybersecurity protocols.
Budget considerations suggest that the financial impact on individual veterans directly will be minimal, as the focus is on systemic improvements within the VA.
Given the limited budget, the policy is unlikely to have a direct material effect on individuals, but it could improve the overall security and efficiency of VA services.
The policy's effects may not be immediately perceptible in terms of day-to-day experiences for veterans using VA services, but their data will be better protected.

Simulated Interviews

Retired Veteran (Houston, TX)

Age: 65 | Gender: male

Wellbeing Before Policy: 6

Duration of Impact: 10.0 years

Commonness: 8/20

Statement of Opinion:

I appreciate any effort to improve the security of my information. I've heard about data breaches before and it's concerning.
It sounds like this will mostly help with behind-the-scenes improvements, which are needed.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	6	6
Year 2	6	6
Year 3	6	6
Year 5	7	6
Year 10	7	6
Year 20	7	6

VA Healthcare Employee (Boston, MA)

Age: 35 | Gender: female

Wellbeing Before Policy: 7

Duration of Impact: 10.0 years

Commonness: 6/20

Statement of Opinion:

I think this Act is a step in the right direction, considering how vital cybersecurity is today.
It might mean more work for us initially, but ultimately it's about ensuring veterans' data is safe.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	7	7
Year 2	7	7
Year 3	8	7
Year 5	8	7
Year 10	8	7
Year 20	7	6

Veteran Affairs Benefits Counselor (San Diego, CA)

Age: 48 | Gender: other

Wellbeing Before Policy: 5

Duration of Impact: 5.0 years

Commonness: 4/20

Statement of Opinion:

It's a tough job keeping up with all the paperwork and systems.
If this makes our systems more secure and faster, it indirectly helps me, too.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	6	5
Year 2	6	5
Year 3	6	5
Year 5	6	5
Year 10	6	5
Year 20	6	5

Cybersecurity Consultant (Seattle, WA)

Age: 29 | Gender: male

Wellbeing Before Policy: 8

Duration of Impact: 3.0 years

Commonness: 2/20

Statement of Opinion:

It's exciting to be part of a project that improves national infrastructure, especially for veterans.
This could lead to more job opportunities in cybersecurity, which is my field.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	9	8
Year 2	9	8
Year 3	9	8
Year 5	8	8
Year 10	8	8
Year 20	7	7

Veteran Affairs Administrator (Chicago, IL)

Age: 55 | Gender: female

Wellbeing Before Policy: 6

Duration of Impact: 7.0 years

Commonness: 5/20

Statement of Opinion:

This Act is necessary as we've encountered security issues before that disrupt our work.
Having a more robust system helps us focus on our services without worrying about security breaches.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	6	6
Year 2	7	6
Year 3	7	6
Year 5	7	6
Year 10	8	6
Year 20	8	5

Retired Veteran (Miami, FL)

Age: 74 | Gender: male

Wellbeing Before Policy: 5

Duration of Impact: 5.0 years

Commonness: 7/20

Statement of Opinion:

It's hard to say how this will affect me personally, but I hope they can keep my records safe.
I've always used VA and trust them to take care of my needs including my information.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	5	5
Year 2	5	5
Year 3	6	5
Year 5	6	5
Year 10	6	5
Year 20	5	5

Veteran Support Group Leader (Denver, CO)

Age: 43 | Gender: female

Wellbeing Before Policy: 6

Duration of Impact: 5.0 years

Commonness: 5/20

Statement of Opinion:

Many veterans are concerned about privacy and security so this is a welcome change.
While it doesn't directly impact my work, the safety of our data is a constant concern.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	6	6
Year 2	6	6
Year 3	6	6
Year 5	6	6
Year 10	6	6
Year 20	6	6

Veteran Affairs Policy Analyst (New York, NY)

Age: 50 | Gender: other

Wellbeing Before Policy: 7

Duration of Impact: 10.0 years

Commonness: 3/20

Statement of Opinion:

Overall, strengthening cybersecurity aligns with our goal to streamline services while safeguarding data.
This could potentially lead to more efficient processes in the long term.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	7	7
Year 2	7	7
Year 3	8	7
Year 5	8	7
Year 10	8	7
Year 20	7	6

Veteran Affairs IT Worker (Phoenix, AZ)

Age: 30 | Gender: male

Wellbeing Before Policy: 7

Duration of Impact: 5.0 years

Commonness: 4/20

Statement of Opinion:

This Act will bring much-needed updates to our systems and help establish stronger protocols.
It might require more training but that's only going to improve the way we handle things here.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	8	7
Year 2	8	7
Year 3	8	7
Year 5	8	7
Year 10	8	6
Year 20	7	5

Veteran Affairs Nurse (Atlanta, GA)

Age: 60 | Gender: female

Wellbeing Before Policy: 7

Duration of Impact: 10.0 years

Commonness: 6/20

Statement of Opinion:

I don't deal directly with IT, but any policy that ensures my patients' data is safe is a positive.
I hope this provides us with better systems for patient documentation as well.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	7	7
Year 2	7	7
Year 3	7	7
Year 5	7	7
Year 10	8	7
Year 20	7	7

Cost Estimates

Year 1: $10000000 (Low: $7000000, High: $13000000)

Year 2: $10000000 (Low: $7000000, High: $13000000)

Year 3: $0 (Low: $0, High: $0)

Year 5: $0 (Low: $0, High: $0)

Year 10: $0 (Low: $0, High: $0)

Year 100: $0 (Low: $0, High: $0)

Key Considerations

Estimate for each high-impact VA system assessment costs are based on cybersecurity market costs.
Cost and savings estimates are uncertain due to variables such as evolving technological threats and the extent of cybersecurity upgrades required.
The interplay between enhanced cybersecurity and trust in VA services could indirectly influence the efficiency and effectiveness of VA operations.