Back in late February, the US Department of Defense and Veterans Affairs announced that they would not achieve their goal of a single EHR by 2017, and would stick with their creaky AHLTA and VistA systems for the foreseeable future [TTA 3 April]–along with the general lack of interoperability–eyes rolled at the $1 billion down the drain, but seemingly not much else budged. (And this does not include the $4 billion spent on failed updates and fixes in both systems–TTA’s ‘Pondering the Squandering’, 27 July) To this Editor’s utter shock, the 2014 National Defense Authorization Act (NDAA), agreed to by the House and Senate this week, mandates a plan for either interoperability or a single system by 31 January–about 6 weeks from now–and to adopt it by 2016. Moreover, both systems must be interoperable with private providers based on national standards by 1 October 2014. A close reading of the NextGov article indicates that the bill adds levels of complexity and perhaps unworkability. Getthereitis, anyone?–or does this sound like Healthcare.gov, redux? FierceMobileHealthcare
And it takes a grad student to find a major info security flaw in VistA. While finalizing his last project on the vulnerability of government systems to foreign attack for his master’s degree in information security, Georgia Tech‘s Doug Mackey examined the open-source code of VistA and found a remote access security flaw where he said “some remote messages are not properly security checked, and a remote unauthenticated or unauthorized user can execute any of thousands of database operations.” It was fixed through the efforts of VA and the not-for-profit Open Source Electronic Health Record Agent (OSEHRA). iHealthBeat, GCN
Most Recent Comments