Hezekiah Green, Jr. v. Robert A. McDonald

ORDER

PER CURIAM.

Pending before the Court is Mr. Green’s May 13, 2016, motion, which seeks an order compelling the Secretary to grant his attorney “read-only access” to Mr. Green’s Veterans Benefits Management System (VBMS) file.1 Because there is no statutory *283or regulatory right to remote2 read-only access to VBMS, including a claimant’s electronic claims file, and the Court finds reasonable the Secretary’s procedure that allows an appellant or his representative read-only access to VBMS at the VA General Counsel’s office or at a VA regional office (RO), the Court will deny Mr. Green’s motion.

I. BACKGROUND

On March 1, 2016, Mr. Green filed a Notice of Appeal from a January 15, 2016, Board of Veterans’ Appeals (Board) decision that denied claims for disability compensation for a bilateral eye disorder and for disability ratings in excess of 10% for left and right lower extremity radiculopa-thy. On April 28, 2016, the Secretary served Mr. Green with a copy of the record before the agency (RBA) and certified to the Court that the RBA had been served pursuant to Rule 10(a)(5) of the Court’s Rules of Practice and Procedure (Rules). Pursuant to Rule 10(b), any motion disputing the content of the RBA was due 14 days after service of the RBA. U.S. Vet. App. R. 10(b).

A. Appellant’s Motions

On May 13, 2016, Mr. Green filed motions seeking an order (1) compelling the Secretary to grant his attorney remote read-only access to his VBMS file, and (2) staymg proceedings until the Secretary grants his attorney remote read-only access. Mr. Green asserted that a stay of proceedings was necessary because he was unable to determine whether to file a motion pursuant to Rule 10(b) disputing the RBA without first having access to VBMS. On May 27, 2016, the Court stayed the appeal pending further order of the Court.

In his motion for remote read-only access, Mr. Green explained that the Board decision on appeal identified an error in VBMS3 and, therefore, access to VBMS is necessary to ascertain whether an RBA dispute exists. Appellant’s Mot. at 2. Mr. Green stated that on April 26, 2016, his attorney asked the Secretary’s counsel for read-only access to VBMS and upon being referred to an employee at the VA central office, his attorney was informed that “it was VA’s policy to require Court attorneys to also be accredited representatives before the VA before VBMS read-only access would be granted.” Id.

Mr. Green argued that, read together, 38 C.F.R. §§ 1.600(b)(1) and 1.601(a)(2) afford an attorney of record in proceedings at the Court the right to “ ‘read-only access to VBA automated claims records from a location other than a VA [RO].’ ” Id. at 1 (quoting 38 C.F.R. § 1.601(a) (2016)). Mr. Green further argued that the *284regulations do not give the Secretary discretion to impose, via internal policy, an additional accreditation requirement on attorneys before the Court. Id, at 1-2. Mr. Green indicated that an order compelling the Secretary to provide remote read-only access is consistent with Rule 10(d), which provides that “ ‘the Secretary shall permit a party or a representative of a party to inspect and to copy, subject to reasonable regulation by the Secretary, any original material in the [RBA] that is not subject to a protective order.’ ” Id, at 3 (quoting U.S. Vet. App. R. 10(d)) (emphasis added). Finally, Mr. Green contended that the ABA Model Code of Professional Conduct and VA regulations require his attorney to represent him with competence and diligence and that to ensure completeness of the RBA his attorney “requires” read-only access to the VBMS file. Id. at 4.

In response, the Secretary argued that Mr. Green’s attorney had not been denied read-only access to VBMS. Secretary’s Opposition at 3-4. Rather, the Secretary asserted that he had offered Mr. Green’s counsel the same opportunity to review the claims file that he had been offering attorneys representing appellants at the Court when the claims file was maintained in paper format: Mr. Green’s attorney may review the VBMS file at either the VA General Counsel’s office or at a VA RO of the appellant’s counsel’s choosing. Id. The Secretary explained that he does not require attorneys representing appellants before the Court to become accredited to access an appellant’s files in person. Id. at 3. The Secretary stated that VA has procedures and protocols in place that require accreditation for remote read-only access because “it is the only means by which VA can protect its internal system which contains highly sensitive records.” Id. at 4.

The Secretary further argued that §§ 1.600-.603 are inapplicable to VBMS, arguing that these regulations—enacted prior to the implementation of VBMS— apply to “remote access to ‘automated [VBA] claims records’ which is limited ‘only to the inquiry commands of the Benefits Delivery Network [ (BDN) ]’ which, in turn, provides access to very specific data.” Id. at 5 (quoting 38 C.F.R. § 1.600(a)(1), (c)(1) (2016)). Assuming that the regulations apply to VBMS, the Secretary argued that the regulations do not confer an enforceable right. Id. at 5 n.5; see 38 C.F.R. § 1.600(d)(2) (2016).

Finally, the Secretary asserted that “[t]he manner in which VA chooses to provide access to its electronic records system is an administrative matter ..., and not a question of fact or law necessary to a decision over which the Court has jurisdiction.” Secretary’s Opposition at 8. He argued that the decision to extend remote access is discretionary and subject to reasonable regulations imposed by the Secretary to safeguard VA’s electronic records system. Id. at 8-9.

On June 8, 2016, the Court granted Mr. Green leave to file a reply to the Secretary’s opposition. Mr. Green argued, among other things, that the Secretary has no authority to dictate the procedures governing representation at the Court and that the Court has jurisdiction to address this issue because it affects the Court’s efficiency and the accuracy and completeness of the record. Reply at 3-4. Additionally, Mr. Green maintained that offering representatives at the Court access to VBMS at a VA RO is not meaningful or reasonable access, alleging that traveling to the RO is an undue and unnecessary hardship. Id. at 5-6. Finally, Mr. Green’s attorney stated that she is not seeking to become accredited by VA because she practices exclusively at the Court, and that the Secretary has failed to demonstrate why accreditation is a “reasonable regula*285tion by the Secretary” under Rule 10 (d). Id. at 6.

B. Supplemental Memoranda of Law

On June 6, 2016, the case was submitted to a panel to address the merits of Mr. Green’s motion for remote read-only access to VBMS, and, on June 14, 2016, the Court ordered the parties to submit mem-oranda of law addressing the following:

(1) Sections 1.600 through 1.603, title 38, of the Code of Federal Regulations, formerly §§ 14.640-14.643 promulgated in 1994, refer to “automated [VBA] claims records” and “automated claimants’ claims records.” Given that VBMS was implemented by VA nearly 20 years after the regulations were promulgated, explain whether these regulations govern remote read-only access to VBMS, which the Secretary concedes is “the only system through which a claimant’s e-folder is reviewable.” Secretary’s Opposition at 2, n.2.
(2) If “automated [VBA] claims records” and “automated claimants’ claims records” identified in §§ 1.600-1.603 do not include VBMS records, identify what systems the regulations refer to, describe the data that may be accessed, and state whether VA continues to utilize these systems following the advent of VBMS.
(3) If §§ 1.600-1.603 do not pertain to VBMS, inform the Court what, if any, regulations, policies, handbooks, or other internal VA guidance govern the requirements, policies, and procedure for granting representatives and attorneys read-only remote access to VBMS, including the appellant’s undisputed assertion that the Secretary requires all attorneys to be accredited by VA to obtain remote access. See Appellant’s Mot[.] at 1-2; Secretary’s Opposition at 4 (referring to “procedures and protocols VA currently has in place for appellant’s counsel to obtain remote read-only access to VBMS”).
(4)The Secretary asserts that how VA chooses to provide access to its electronic records is an administrative matter over which the Court lacks jurisdiction. Secretary’s Opposition at 8. Please address the Court’s jurisdiction in light of (a) the procedural posture of this case and (b) Rule 10(d)’s requirement that the Secretary “shall permit a party or representative of a party to inspect and copy, subject to reasonable regulation by the Secretary, any original material in the record before the agency,” U.S. Vet. App. R. 10(d), and the Secretary’s position in Robinson v. McDonald, that “electronic claims files in VBMS must be treated as originals for the purpose of admissibility in evidence before the Court.” Secretary’s Corrected Response to the Court’s Dec. 11, 2016, order at 19, Robinson v. McDonald, U.S. Vet. App. No. 16-0715 (submitted to panel Jan. 8, 2016).

Green v. McDonald, U.S. Vet. App. No. 16-0174 (June 14, 2016) (per curiam order).

In his supplemental memorandum of law, Mr. Green maintained that §§ 1.600-.603 govern access to VBMS. Appellant’s Memorandum (Mem.) at 1-3. Noting that the regulations specifically govern “read-only access to the automated [VBA] claims records,” Mr. Green asserted that VA’s use of the phrase “read-only access” indicates that the regulation is intended to provide representatives the opportunity to review their clients’ claims files. Id. at 3. Additionally, Mr. Green averred that the Court has jurisdiction to determine whether the Secretary’s regulations provide a reasonable opportunity to inspect and copy original material in the VBMS file. Id. at 6; see Rule 10(d).

*286Taking the contrary position, the Secretary maintained that the regulations relating to remote read-only access are inapplicable to VBMS. Secretary’s Mem. at 3. The Secretary asserted that §§ 1.600-.603 by their plain language apply only to the BDN4 and the specific data and information enumerated in § 1.601(c)(1). Id. The Secretary stated that the Privacy Act, 5 U.S.C. § 552a, and 38 U.S.C. §§ 5701 (Confidential Nature of Claims) and 7332 (Confidentiality of Certain Medical Records), govern VA’s disclosure of claimants’ records, and that none of these laws or their implementing regulations require VA to provide remote access to VA claims files. Id. at 7-8; see also 38 C.F.R. §§ 1.500-.525 (2016) (Release of Information from Department of Veterans Affairs Claimant Records) and 38 C.F.R. §§ 1.575-.582 (2016) (Safeguarding Personal Information in Department of Veterans Affairs Records). Nonetheless, the Secretary acknowledged that remote access inures to the benefit of veterans and eases the process of representation, and stated that he has been endeavoring to provide remote access to individuals representing claimants before VA. Secretary’s Mem. at 9.

To provide remote access, the Secretary further explained that he is required to adhere to certain information security requirements, including those presented in the Federal Information Security Modernization Act of 2014 (FISMA), codified at 44 U.S.C. §§ 3551-58; minimum security standards established by the National Institute of Technology (NIST); and policies and procedures issued by the director of the Office of Management and Budget (OMB), see 44 U.S.C. § 3554(a)(l)(B)(i), (iii). Secretary’s Mem. at 9-14; see also 40 U.S.C. § 11331 (requiring the director of OMB to promulgate information security standards that include the minimum security requirements determined by NIST and that are otherwise necessary to improve efficiency and security); NIST Federal Information Processing Standard (FIPS) 200, Minimum Security Requirements for Federal Information and Information Systems (Mar. 2006); FIPS 201-02, Personal Identity Verification (PIV) of Federal Employees & Contractors (Aug. 2013); NIST Special Publication 800-53 Rev. 4, Security and Privacy Controls for Federal Information Systems and Organizations (Apr. 2013).

According to the Secretary, Homeland Security Presidential Directive-12 (HSPD-12) further requires VA to implement the use of PIV cards for logistical access to VA networks and information systems.5 Id. at 11. The procedures for obtaining a PIV card include fingerprinting, a background investigation, and security training. Id. Additionally, the Secretary maintained that “as the system is currently constructed, a [power of attorney (POA) ] code is central to limiting access within VBMS only to those records a representative has been authorized to access by a claimant” and, “[a]t present, the only way to assign a POA code is through VA accreditation.” Id. at 12.

*287Finally, the Secretary argued that the determination to grant remote access and the manner in which such access is granted is purely discretionary and outside the Court’s jurisdiction. Id, at 17. The Secretary averred that he is not requiring accreditation for access to the original record under Rule 10(d) or to practice before the Court, but that the Secretary’s additional security requirements for remote read-only access to VA’s internal system are reasonable. Id. at 16.

C. Oral Argument

At oral argument, Mr. Green reiterated his contentions that his attorney has a right to remote read-only access to VBMS pursuant to 38 C.F.R. §§ 1.600-.603. Oral Argument (O.A.) at 1:40-53, Green v. McDonald, U.S. Vet. App. 16-740 (argued Aug. 25, 016), http://www.uscourts.cavc. gov/oraLarguments_audio.php. Mr. Green further argued that the Secretary’s July 19, 2012, notice in the Federal Register, which announced VA’s proposal to add VBMS to its existing system of records, essentially redefined “automated VBA claims records” in the regulations to include VBMS. O.A. at 1:58-2:22 (referring to 77 Fed. Reg. 42,599-42,600 (discussing VA’s “Policies and Practices for ... Accessing ... Records in the System” and “Safeguards” that refer to granting attorneys remote online access to a “claimant’s automated claims records”)). Notably, Mr. Green argued that his attorney represents veterans solely at the Court and does not desire to become accredited to practice before VA. O.A. at 8:40-56.

The Secretary urged the Court to deny Mr. Green’s motion for remote read-only access to VBMS because (1) Mr. Green’s counsel has access to the VBMS file at her local RO and, therefore, VA is complying with Rule 10(d); (2) remote access triggers additional information-security safeguards, which are mandated by other Federal law over which the Court does not have jurisdiction; (3) the determination that accreditation is part of the process to receive remote access is an internal management decision committed to VA’s discretion and not reviewable by the Court; and (4) the regulations that Mr. Green relies on do not create a right to remote access to VBMS. O.A. at 16:45-17:35. When asked to explain how or in what manner accreditation addresses VA’s security concerns, the Secretary reiterated unwaveringly that the accreditation requirement is a management decision and the only way VA can protect the privacy of records within its technological limitations. O.A. at 21:37-22:25, 23:20-24:10, 35:22-36:42.

II. ANALYSIS

The fundamental disputes in this case are whether Mr. Green’s attorney has a right to remote read-only access to Mr. Green’s VBMS file under 38 C.F.R. §§ 1.600(b)(1) and 1.601(a)(2), and whether the Secretary’s policies and procedures for providing an appellant or his representative an opportunity to inspect and copy any original material in the RBA are reasonable pursuant to Rule 10(d).

A. Jurisdiction

This Court has the power, “to the extent necessary to its decision and when presented,” to “decide all relevant questions of law, interpret constitutional, statutory, and regulatory provisions, and determine the meaning or applicability of the terms of an action of the Secretary.” 38 U.S.C. § 7261. In furtherance of this authority, Congress provided the Court with “broad discretion to prescribe, interpret, and apply its own rules.” Checo v. Shinseki, 748 F.3d 1373, 1377 (Fed. Cir. 2014); see 38 U.S.C. § 7264(a).

As the Court recently stated in Robinson v. McDonald, 28 Vet.App. 178, 184 (2016), Rule 10(a) mirrors the requirement *288in 38 U.S.C. § 7252(b) that “[rjeview in the Court shall be on the record of proceedings before the Secretary and the Board.” See U.S. Vet. App. R. 10(a) (providing that the RBA shall include “all materials that were contained in the claims file on the date the Board issued the decision from which the appeal was taken,” as well as “any other material from the record before the Secretary and the Board relevant to the decision on appeal”). In keeping with the adversarial nature of proceedings before the Court, Rule 10(b) allows an appellant to contest the content of the RBA provided by the Secretary. U.S. Vet. App. R. 10(b). To assist an appellant in determining whether the RBA is accurate and complete, Rule 10(d) requires the Secretary to allow “a party or a representative of a party to inspect and to copy, subject to reasonable regulation by the Secretary, any original material in the [RBA] that is not subject to a protective order.” U.S. Vet. App. R. 10(d) (emphasis added).

In this case, the parties disagree whether the Secretary’s policy permitting a party or a representative of a party to review an appellant’s VBMS file at the General Counsel’s office or a local RO complies with the requirement in Rule 10(d), or whether Mr. Green’s attorney has a broader right to remote read-only access. Because this case implicates the Secretary’s compliance with Rule 10(d) and the Court clearly has jurisdiction to enforce its own rules, the Court has jurisdiction to determine whether the Secretary’s policies and procedures governing access to the “original material in the [RBA]” are reasonable. U.S. Vet. App. R. 10(d). To the extent that the Secretary contends that the Court lacks jurisdiction to review his policies and procedures for granting remote access to VBMS, which the Court agrees are not governed by 38 C.F.R. §§ 1.600-.603, the Court finds it unnecessary to resolve this issue because, as discussed below, the Court finds reasonable the Secretary’s procedure that allows an appellant or a representative of an appellant read-only access to VBMS at the VA General Counsel’s office or at a VA RO.6

B. Compliance with Rule 10(d)

Mr. Green argues that his attorney has a right to remote read-only access to his VBMS file and that the Secretary’s policy, which requires attorneys practicing at the Court to become accredited to receive access, is contrary to the plain language of 38 C.F.R. § 1.601(a) and constitutes an unreasonable regulation by the Secretary under Rule 10(d). Mr. Green does not dispute that the Secretary offered his attorney an alternative means to review the VBMS file, but instead asserts that remote access is the only meaningful access to the VBMS file. The Secretary asserts that §§ 1.600-.603 are inapplicable to VBMS and that he has complied with Rule 10(d) because he has not denied Mr. Green the opportunity to inspect and copy any original material in the RBA. To the extent that the Secretary requires an attorney to review VBMS files at the General Counsel’s office or a VA RO, he explains that this procedure is consistent with his longstanding policy that permitted review of the paper claims file at the General Counsel’s office or any VA RO.

1. Is there a regulatory right to remote read-only access to VBMS2

The “interpretation of a ... regulation is a question of law” that the Court *289reviews de novo. Lane v. Principi, 339 F.3d 1331, 1339 (Fed. Cir. 2003). As always, to discern the meaning of a regulation, the Court begins with the plain language of the regulation. Cf. Perrin v. United States, 444 U.S. 37, 42, 100 S.Ct. 811, 62 L.Ed.2d 199 (1979) (“We begin with the language of the ... Act itself.”); Smith v. Brown, 35 F.3d 1516, 1523 (Fed. Cir. 1994) (noting that the canons of statutory interpretation apply to interpreting regulations), superseded by statute as stated in Samish Indian Nation v. United States, 419 F.3d 1355 (Fed. Cir. 2005). “[I]f the meaning of the regulation is clear from its language, then that is ‘the end of the matter.’ ” Tropf v. Nicholson, 20 Vet.App. 317, 320 (2006) (quoting Brown v. Gardner, 513 U.S. 115, 120, 115 S.Ct. 552, 130 L.Ed.2d 462 (1994)).

In 1994, YA proposed and promulgated the regulations relied on by Mr. Green as authority for remote read-only access to YBMS. See “Expanded Remote Access to Computerized Veterans Claims Records by Accredited Representatives,” 59 Fed. Reg. 47,082-02 (Sept. 14, 1994) (codified at 38 C.F.R. §§ 14.640-14.6437); see also 59 Fed. Reg. 37,008-01 (July 20, 1994) (Notice of Proposed Rulemaking). At the time, VA had provided remote access to accredited representatives of Veterans Service Organizations with offices in space provided within VBA ROs under 38 USC § 5902(a)(2). 59 Fed. Reg. at 37,008. The Secretary’s notice of proposed rulemaking reflects that he decided to provide the same online remote access “to all individuals and organizations” under 38 C.F.R. §§ 14.626-.635 and “attorneys of record for claimants before the [Court] who request such access.” Id.

Sections 1.600-.603 authorize access to “automated [VBA] claims records” and “automated claimants’ claims records,” and “establish policy, assign responsibilities and prescribe procedures” related to when, and under what circumstances, access will be granted, the exercise of authorized access, and the bases and procedures for disqualification. 38 C.F.R. § 1.600(a). As relevant here, § 1.600(b)(1) provides that “VBA will grant access to its automated claimants’ claims records from locations outside [ROs] ... to individuals ... granted access ... under §§ 1.600 through 1.603.” 38 C.F.R. § 1.600(b)(1) (emphasis added). In turn, § 1.601(a) provides:

An applicant for read-only access to VBA automated claims records from a location other than a VA [RO] must be:
(1) An organization, representative, attorney or agent approved or accredited by VA under §§ 14.626 through 14.635; or
(2) An attorney of record for a claimant in proceedings before the [Court] or subsequent proceedings who requests access to the claimant’s automated claims records as part of the representation of the claimant.

Because § 1.601(a) is written in the disjunctive, Mr. Green argues that to receive remote read-only access to VBA automated claims records there is no regulatory requirement that an attorney representing an appellant at the Court be accredited by VA. The plain language of the regulations supports Mr. Green’s reading. Read together, §§ 1.600(b)(1) and 1.601(a)(2) provide that “VBA will grant access” to “[a]n attorney of record for a claimant in proceedings before the [U.S. Court of Appeals for Veterans Claims].” (emphasis added). Unlike § 1.601(a)(1), there is no requirement in § 1.601(a)(2) that an attorney of record at the Court be accredited by VA to *290qualify for remote access. However, finding no accreditation requirement in the regulation does not end the Court’s inquiry because, as noted above, the parties fundamentally disagree whether the regulations authorize remote read-only access to VBMS.

Standing alone §§ 1.600-.603 do not define “automated VBA claims records” or “automated claimants’ claims records.” However, when § 1.600 is read in its entirety, it becomes clear that “automated VBA claims records” and “automated claimants’ claims records” do not include VBMS files or a claimant’s electronic claims folder. See Vazquez-Claudio v. Shinseki, 713 F.3d 112, 115 (Fed. Cir. 2013) (“In construing regulatory language, we must read the disputed language in the context of the entire regulation as well as other related regulatory sections in order to determine the language’s plain meaning.”); see also Smith v. Brown, 35 F.3d 1516, 1523 (Fed. Cir. 1994) (“Only by ... full reference to the context of the whole can the court find the plain meaning of a part.”). Section 1.600(c)(1) provides that

[a]ceess will be authorized only to the inquiry commands of the [BDN,] which provides access to the following categories of data:
(i) Beneficiary identification data such as name, social security number, sex, date of birth, service number and related service data; and
(Ü) Claims history and processing data such as folder location, claim status, claim establishment date, claim processing history, award data, rating data, including service-connected medical conditions, income data, dependency data, deduction data, payment data, educational facility and program data (except chapter 32 benefits), and education program contribution and delimiting data (except chapter 32 benefits).

38 C.F.R. § 1.600(c)(1).

By limiting access to categories of data and information enumerated in § 1.600(c)(1), the regulation provides some context in which to understand the meaning of “VBA automated claims records” or “automated claimants’ claims records.” Here, the categories of accessible data do not include VBMS files or a claimant’s electronic claims file. To the contrary, § 1.600(c)(1)(h) specifies that the BDN will provide the “[c]laims history and processing data such as folder location.” Duncan v. Walker, 533 U.S. 167, 174, 121 S.Ct. 2120, 150 L.Ed.2d 251 (2001) (“[A] [regulation] ought, upon the whole, to be so construed that, if it can be prevented, no clause, sentence, or word shall be superfluous, void, or insignificant.’ ” (quoting Market Co. v. Hoffman, 101 U.S. 112, 115, 25 L.Ed. 782 (1879)). Thus, the Court discerns no merit in Mr. Green’s argument that the regulations should be interpreted to authorize access to his VBMS file.8

*291 2. Reasonableness

Although Mr. Green fails to demonstrate that §§ 1.600-.603 apply to VBMS, pursuant to Rule 10(d) the Court must determine the reasonableness of the Secretary’s policy requiring attorneys representing appellants at the Court to (1) travel to the General Counsel’s office or a VA RO9 to inspect and copy any original material in the RBA—in this case Mr. Green’s VBMS file, or (2) comply with VA’s information security requirements to receive remote read-only access to VBMS, which includes becoming accredited by VA.

As the custodian of Mr. Green’s claims records and the party limiting the manner in which his adversary may have access to the original material in the RBA, the Secretary must shoulder the burden of showing that his policies and procedures to gain access to original material in the RBA are reasonable. See Robinson, 28 Vet.App. at 189 (finding that the Secretary failed to demonstrate that the Court was legally compelled to deviate from its usual and straightforward application of Rule 10(d) as requiring access to the original paper source documents). As between the parties, the Secretary is the most knowledgeable to explain VA’s policies and procedures governing access to veterans’ claims records; therefore, it is appropriate to require the Secretary to demonstrate compliance with Rule 10(d), which includes establishing that his policies and procedures permitting an attorney representing an appellant at the Court to inspect and copy any original material in the RBA are reasonable.

The Secretary maintains that general access to veterans’ claims files, paper or electronic, is governed by the Privacy Act, 5 U.S.C. § 552a, and 38 U.S.C. §§ 570110 and 7332.11 He further asserts that none of the statutes or implementing regulations require VA to provide remote access to VA claims files.

With limited exceptions, section 552a(b) of title 5, U.S. Code, provides that “[n]o agency shall disclose any record which is *292contained in a system of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains.” 5 U.S.C. § 552a(b). Upon request, the agency shall permit an individual “to review the [individual’s] record and have a copy made of all or any portion thereof.” 5 U.S.C. § 552a(d) (emphasis added). To carry out the provisions of section 552a, Congress required each agency that maintains a system of records to promulgate rules, which shall, among other things, “establish procedures for the disclosure to an individual ... of ... ree-ord[s] or information pertaining to [the individual].” 5 U.S.C. § 552a(f)(3) (emphasis added).

The Secretary promulgated regulations governing an individual’s access to records, and inspection and disclosure of records to accredited representatives and recognized attorneys. Section 1.577, of title 38, Code of Federal Regulations, provides that “any individual upon request may gain access to his or her record or information pertaining to him or her which is contained in any system of records maintained by [VA].” 38 C.F.R. § 1.577(a) (emphasis added). An individual “will be permitted ... to review the record and have a copy made of all or any portion” of the record. Id. Section 1.525(b)(1) provides, in pertinent part, that “[i]nspection of folders by accredited representatives or recognized attorneys[12] holding a written authorization where such cases are being processed shall be in space assigned for such inspection.” 38 C.F.R. § 1.525(b)(1) (emphasis added).

Consistent with the Privacy Act, 38 U.S.C. §§ 5701 and 7332, and VA regulations, VA’s Adjudication Procedures Manual (M21-1) recognizes that representatives holding a POA have authority to review information in a claimant’s claims folder and that “[a]n RO may release a claimant’s claims folder” to an attorney representing an appellant at the Court. M21-1, pt. 1, ch.3, sec. B.2.a. With proper authorization (VA Form 21-22a), a representative may review the claims folder “within an RO space designated for such review” and the “RO director may permit accredited representatives of service organizations to review a claims folder at the desk of the accredited representative.” M21-1, pt. 1, ch.3, sec. B.2.j. Although the M21-1 manual contemplates that some POAs might have access to a claimant’s electronic claims folder, the M21-1 does not address the circumstances under which electronic access is provided. See, e.g., M21-1, pt. 1, ch.3, sec. B.l.d (providing notice to POAs who have access to a veteran’s electronic claims folder).

Taken together, the statutes and regulations discussed herein lend support to the Secretary’s contention that VA’s policy of permitting an attorney representing an appellant at the Court to inspect and copy original material in the RBA at the General Counsel’s office or a VA RO is longstanding and rooted in safeguarding individual privacy from the misuse of information. The privacy statutes require the Secretary to keep confidential claimants’ claims files, but also direct him to disclose certain information upon receipt of proper written authorization. As discussed above, the regulations addressing access by an individual or an accredited representative or recognized attorney contemplate the right to review and copy all or any portion of the records (38 C.F.R. § 1.577(a)) and inspection of folders in a space designated for such inspection (38 C.F.R. § 1.525(b)(1)). Nothing discussed *293herein requires the Secretary to provide remote access to claimants’ claims records.

Mr. Green essentially maintains that the Secretary’s policy is unreasonable because to require an attorney practicing at the Court to travel to the General Counsel’s office or a VA RO imposes an “undue and unnecessary hardship” and deprives his attorney of meaningful access to his VBMS file. Reply at 5. Mr. Green further speculates that it is unclear whether VA ROs are equipped to accommodate time-consuming demands to review claimants’ VBMS files, and he argues that his attorney requires remote read-only access to VBMS to competently represent him in this appeal and to ensure the completeness of the RBA. Id.

Mr. Green’s arguments are not persuasive because he fails to explain what has changed, other than the manner in which VA stores claims records, that renders VA’s longstanding procedure unduly burdensome and a deprivation of meaningful access. Although remote access to claims records might ease the process of representation, the Court agrees with the Secretary that Mr. Green’s argument that VA is prohibiting his attorney from providing competent and diligent representation rings hollow.

Importantly, the Secretary has not denied Mr. Green’s attorney read-only access to his VBMS files. Offering an option similar to VA’s longstanding policy that permitted appellants’ attorneys to inspect and copy the paper file at the General Counsel’s office or a convenient VA RO, the Secretary has offered Mr. Green’s counsel read-only access to the VBMS file at the General Counsel’s office or a convenient VA RO. Given the Agency’s responsibilities under the Privacy Act, the Secretary reasonably maintained custody of the original paper records and required the inspection of records to be performed at the General Counsel’s office or a convenient VA RO. VA’s transition to a paperless claims processing system, which includes electronic storage of claimants’ claims records, does not alter the Court’s view. With advancements in technology, VA faces new information security risks and is required to comply with FISMA, HSPD-12, and NIST minimum security standards. Absent any statutory obligation to provide remote access to veterans’ claims records, the Court will not, at this time, delve into the Secretary’s policies and procedures regarding remote access to VA’s internal networks and information systems.13 The Secretary’s policies and procedures that allow an appellant or his representative to inspect and copy any original material in the RBA—whether that material is stored in paper or electronic format—at the VA General Counsel’s office or at a VA RO are reasonable and comply with Rule 10(d).

Nonetheless, because the Secretary affirms that he is endeavoring to provide remote read-only access to veterans’ representatives and attorneys, the Court is compelled to comment on the Secretary’s current stance that VA has made a management decision that all attorneys seeking remote read-only access to VBMS must become accredited by VA and that accreditation is the only way VA can protect the privacy of records within its technological limitations. Although the Secretary indisputably must comply with Federal laws and regulations to safeguard veterans’ private information and sensitive records, the Secretary provides no *294convincing explanation how requiring an attorney to become accredited by VA serves any security purpose.14

As noted above, the VA PIV credential is the sole identity credential for Department employees, contractors, and affiliates, which is required for logistical access to VA networks and information systems. See VA Directive 0735, HSPD-12 Program (Oct. 26, 2015) (defining Department-wide policy, roles, and responsibilities for compliance with HSPD-12, “Policy for a Common Identification Standard for Federal Employees and Contractors”)- Although the procedures for obtaining a PIV card, which include fingerprinting, a background investigation, and security training, clearly serve a security purpose, VA’s accreditation requirement is intended to ensure that agents and attorneys who represent claimants before the Agency are of good moral character and possess the qualifications and skills to provide claimants valuable service. See 38 U.S.C. § 5904(a)(2); 38 C.F.R. § 14.629 (2016); see also http:// www.va.gov/ogc/accreditation.asp (last visited Oct. 20, 2016) (stating that “[t]he VA accreditation program exists to ensure that [vjeterans and their family members receive appropriate representation on their VA benefits claims [and that] VA accreditation is for the sole and limited purpose of preparing, presenting, and prosecuting claims before VA”).

Even assuming that the Secretary has wide discretion to develop policies and procedures for granting remote access to his information security network, it is disconcerting that the Secretary requires an attorney, who intends only to represent appellants in proceedings at the Court, to file an application certifying that the attorney seeks accreditation to represent claimants before VA. Moreover, the Secretary’s regulations impose continuing legal education requirements, as a condition of initial accreditation and to maintain accreditation, that are not required to practice before the Court. See 38 C.F.R. 14.629(b)(iii), (iv). In addition to imposing requirements on attorneys that are not required by the Court’s Rules of Admission and Practice, the Court observes that it currently takes VA between 60 and 120 days to process attorney applications for accreditation. See http://www.va.gov/OGC/docs/Accred/Howto ApplyforAecreditation.pdf (FAQs) (last visited Oct. 20, 2016). In this regard, the Court notes that the Court’s Rules provide, at most, 74 days from notice of docketing to dispute the content of the RBA. See Rules 10(a) (requiring the Secretary to serve the RBA not later than 60 days after notice of docketing) and 10(b) (requiring that any motion disputing the RBA must be served within 14 days after service of the RBA). Thus, unless an attorney is already accredited by VA, the Secretary’s endeavor to make remote read-only access available might be an empty gesture for many attorneys representing appellants at the Court and may be a factor that the Court considers in its future determinations regarding the reasonableness of the Secretary’s regulations under Rule 10(d).

III. CONCLUSION

Attorneys representing claimants in proceedings at the Court do not have a regulatory right, pursuant to 38 C.F.R. §§ 1.600-.603, to remote read-only access to claimants’ VBMS files. Pursuant to Rule 10(d), the Secretary is required to permit Mr. Green or his representative to inspect *295and to copy, subject to reasonable regulation, any original material in the RBA that is not subject to a protective order. For the foregoing reasons, the Court finds reasonable the Secretary’s policies and procedures that allow an appellant or his representative to inspect and copy any original material in the RBA—whether that material is stored in paper or electronic format—at the VA General Counsel’s office or at a VA RO.

Upon consideration of the foregoing, it is

ORDERED that Mr. Green’s motion to compel the Secretary to provide his attorney remote read-only access to VBMS is denied. It is further

ORDERED that the Court’s May 27, 2016, stay will be lifted 14 days after the date of this order and proceedings shall continue in accordance with the Court’s Rules.

. "VBMS is an automated, fully electronic, Web-based claims processing system designed *283to serve as the cornerstone of [the Veterans Benefits Administration’s] transition to paperless claims processing.” VA’s Notice of Amendment of Systems of Records, " 'VA Compensation, Pension, Education, and Vocational Rehabilitation and Employment Records—VA’ (58VA21/22/28),” 77 Fed. Reg. 42,-594-01 (July 19, 2012). "At the present, VBMS is the only system through which a claimant’s e-folder is reviewable. The e-folder is the digitized version of what used to be the paper claims file.” Secretary’s Opposition to Motion (Mot.) at 2 n.2.

. Although Mr. Green’s motion requests "read-only access” to VBMS, subsequent pleadings and arguments, along with the regulations that he relies on to establish a right to access, make clear that Mr. Green seeks remote read-only access. Thus, the Court’s order will address whether the Secretary is required to provide Mr. Green’s attorney remote read-only access,

. "Although [VBMS] indicates that service treatment records were received in April 2015, the Board finds this to be in error, as it was clear that the RO considered these service treatment records during the process of adjudicating the rating decision on appeal.” January 15, 2016, Board Decision at 4.

. BDN is a "legacy application used for processing claims for compensation, pension, and fiduciary service, education, and vocational rehabilitation and employment (VR & E) and financial transactions.” Secretary's Mem. at 3-4.

. In August 2004, President George W. Bush issued HSPD-12, requiring the Secretary of Commerce to promulgate a "Government-wide standard for secure and reliable forms of identification issued by the Federal Government to its employees and contractors.” To meet identity, credentialing, and access management requirements of HSPD-12, the "VA PIV Credential is the sole identity credential for Department employees, contractors, and affiliates.” VA Directive 0735, HSPD-12 Program (Oct. 26, 2015).

. Similarly, because the Court holds that the regulations do not apply to VBMS, the Court need not determine whether the mere statement in 38 C.F.R. § 1.600(d)(2) that §§ 1.600-.603 do not create an enforceable right to access "automated VBA claims records” is a valid exercise of the Secretary’s authority to promulgate regulations necessary or appropriate to carry out the laws administered by VA.

. In 2008, the Secretary redesignated 38 C.F.R. §§ 14.640-.643 as §§ 1.600-.603, respectively, without substantive change. 73 Fed. Reg. 29,852-01, 29,870 (May 22, 2008).

. In light of the Secretary’s assertions that in 2000 VA shifted from BDN to VETSNET and in 2010 to the Stakeholder Enterprise Portal—"a self service portal designed for external stakeholder, business partners[,] and service providers (including ... POAs) to access web-based systems, information^] and services on behalf of [v]eterans and VA,” see Secretary’s Mem. at 5—it is unsettling that the Secretary has not amended his regulations to reflect his current telecommunication systems and the data that is available via remote access. Moreover, although the Court declines Mr. Green’s invitation to redefine "automated claims records” in §§ 1.600-.603 to include VBMS, the Court finds the Secretary’s assertions on appeal that there are no regulations governing access to VBMS incompatible with VA’s earlier statements indicating that access to VBMS by a claimant’s representative or attorney will be approved in accordance with VA regulations. See 77 Fed. Reg. 42,600 (2012) (providing that access to VA’s data telecommunication networks, including VBMS, is "by authorization con*291trolled by the site security officer who is responsible for authorizing access to the BDN, Virtual VA, VBMS and VETSNET by a claimant’s representative or attorney approved for access in accordance with VA regulations.... The security requirements applicable to the access of automated claims files by VA employees also apply to the access of automated claims files by claimants’ representatives or attorneys” (emphasis added)).

.At oral argument, the Secretary agreed that there might be circumstances in which the closest RO office might still require an attorney to travel an exceptional distance. In those cases, the Secretary asserted that VA will provide access at any VA facility that is more convenient for inspection. O.A. at 18:05-22, 23:20-24:10; see also 77 Fed. Reg. at 42,600 (indicating that VBMS terminal locations include VA Central Office, ROs, VA health care facilities, Veterans Integrated Service Network offices, Department of Defense Finance and Accounting Service Centers, and the U.S. Coast Guard Pay and Personnel Center).

. Section 5701 addresses the ‘‘[c]onfidential nature of claims.” Section 5701(a) provides that ”[a]ll files, records, reports, and other papers and documents pertaining to any claim under any of the laws administered by the Secretary ... in possession of [VA] shall be confidential and privileged.” 38 U.S.C. § 5701(a). Section 5701(b)(1) requires the Secretary to disclose the records described in subsection (a) ”[t]o a claimant or duly authorized agent or representative of a claimant as to matters concerning the claimant alone.” 38 U.S.C. § 5701 (b)(1). With one exception, not pertinent here, any disclosure made pursuant to section 5701 “shall be made in accordance with the provisions of section 552a of title 5.” 38 U.S.C. § 5701<j).

. Section 7332 addresses the "[c]onfidentiality of certain medical records” relating to drug abuse, alcoholism or alcohol abuse, infection with the human immunodeficiency virus, or sickle cell anemia. 38 U.S.C. § 7332.

. Notably, § 1.525(a)(1) refers to 38 C.F.R. § 14.629(b) (Accreditation of Agents and Attorneys) to identify "recognized attorneys.” 38 C.F.R. § 1.525(a)(1).

. This is not to say, that at some point in the future, advancements in technology might render unreasonable any requirement that a party or representative of party travel to a VA office to review electronic records.

. Similarly, although the Secretary states that a POA code is central to limiting access within VBMS only to those records a representative has been authorized to access by a claimant (see Secretary's Mem. at 12), the Secretary fails to explain why accreditation is the only means to assign a POA code, which seems purely administrative.