From problems with managing its case load to falsifying documents related to patient care, the U.S. Department of Veterans Affairs doesn't seem to be taking security seriously, Federal Nws Radio reports. The VA failed its Federal Information Security Management Act Audit for Fiscal Year 2014, but the news agency has reported that the VA is in the wake of taking action to fix its cybersecurity vulnerabilities and deficiencies.

Oh, the surprise. This marks the 16th consecutive year the VA has failed the cybersecurity audit. In the age of the cyberattack, are we not in dangerous territory? While the audit found that the agency has made progress in creating security policies and procedures, it also determined that problems remain in implementing its security risk management program.

"Weaknesses in access and configuration management controls resulted from VA not fully implementing security standards on all servers, databases and network devices," the report reads. "VA also has not effectively implemented procedures to identify and remediate system security vulnerabilities on network devices, database and server platforms VA-wide."

According to the Washington Free Beacon, two years after a major security breach compromised the personal information of more than 4,000 veterans, the VA continues to suffer from security weaknesses.

"While the Department of Veterans Affairs (VA) has taken actions to mitigate previously identified vulnerabilities, it has not fully addressed these weaknesses," according to a new report from the Government Accountability Office (GAO). "Until the VA fully addresses previously identified security weaknesses, its information is at heightened risk of unauthorized access, modification, and disclosure and its systems at risk of disruption."

The GAO has leveled tough criticism on the government agency for their apparent lack of security. Among the problems cited in a report in April, the VA's Office of Inspector General reported that two VA contractors had improperly accessed the VA network from foreign countries using personally owned equipment, to say nothing of the recent news in which experts suggest that former secretary of state and presidential candidate Hillary Clinton's own servers may have been hacked.

That's in addition to a report GAO previously had released in November saying that while the VA had taken action to address previously identified IT vulnerabilities, it did not do enough to prevent future problems.

The GOA reports that the VA is bringing up its security management role to oversee info security officers at VA facilities, as well as the security operations center. However, it is worth nothing that despite the negative attention that continues to be levied on the VA, FierceHealthIT reports that fewer veterans are being impacted by data breaches, falling by 65 percent in March, compared to February.