A Desktop is Missing

The trials of the Veterans Administration (VA) continue as one of its contractors, Unisys, had a desktop computer stolen from its Reston Virginia offices . The computer which did have password protection included the unencrypted protected health information of 38,000 veterans who received healthcare services from the VA in Pennsylvania. Unisys was collecting VA healthcare fees from third party payers. Can anyone identify the HIPAA violation?

The VA is taking remedial action by contracting with ID Analytics to “conduct a computerized analysis across multiple industries to detect patterns of misuse and determine whether or not there is any suspicious activity specifically related to the May 3, 2006, laptop theft which threaten the personal records of 26 million veterans.”