The House Veterans’ Affairs Committee will hold a hearing tomorrow to discuss the agency’s data security issues that allowed VA employees to change electronic records to cover-up the long patient wait times that were linked to veteran deaths earlier this year. 

In a report released Monday, the Government Accountability Office (GAO) said the VA failed to fully address previously identified security weaknesses. As of May, the report said the 10 most critical vulnerabilities were found in employee laptops in need of software updates.   

The VA said Monday it had failed its annual cyber security audit for the 16th year in a row.  

In prepared remarks, Stephen Warren, VA’s chief information officer and executive in charge of the Office of Information and Technology, said the VA is planning to issue a request for proposals to obtain a new scheduling software system in 2015.   

“Empowering employees with the most useful and effective technology is key to transforming the Veterans Health Administration,” he said.  

In it’s report, GAO recommended, the VA keep evidence from security incidents for three years, set deadlines for responding to security incidents and patch its security software programs.