VA big shift on Health IT Model and Cyber

VA big shift on Health IT Model and Cyber

The VA promised a big shift in its health IT practices yesterday at a hearing. Instead of building new software themselves — their current habit — the VA IT managers will be shifting toward a “buy-first” model, in which they look to the private sector to fill their needs, according to Laverne Council, who’s been the agency’s CIO for a scant 3 1/2 months (she came from the private sector).

That may not be enough for Congress, though, which is concerned about the persistent lack of interoperability between the VA and the Department of Defense, and the big amounts that have been paid despite that paucity. (About $1 billion, a GAO official reckoned.)

Members seemed to favor two options: 1) White House intervention to knock agency heads together; 2) for the DOD and the VA to share the same system, either a commercial version, or VistA (It’s a little bit late for the latter, but ah well.)

“We have sent men to the moon and robots to Mars, I feel like we should be able to move one electronic file from one system to another,” said Will Hurd, chair of the IT subcommittee of Government Reform, who co-chaired the hearing. “It is clear to me that our inability to integrate these two systems is a problem of leadership, rather than technical feasibility.”

The coalition of researchers, hackers, and tinkerers won their day at the Library of Congress: they’ve secured an exemption to the Digital Millennium Copyright Act. That will allow researchers to probe medical devices — that aren’t to be actually implanted in patients —for “good-faith” cybersecurity research. It will also allow patients to passively monitor the data flowing out of their medical devices.The source of the issue is a bit wonky and steeped in copyright law. The Digital Millennium Copyright Act allows intellectual property holders to install “technological protection measures” in their software, which blocks unauthorized inspections; the intent is to protect copyright in the digital age. But the Act also authorizes the Library of Congress to grant exemptions every three years.