DHA performing some much needed IT system house cleaning

The Defense Health Agency inherited hundreds of technology contracts when the Defense Department created the new organization more than eight years ago to improve governance and coordination among military healthcare facilities.

These contracts weren’t developed to support a centralized infrastructure with more than 240,000 Windows endpoints and double the number of medical devices.

Pat Flanders, the chief information officer at DHA, said the goal is to consolidate and standardize more than 200 separate contracts down to less than 10 over the next three-to-four years.

Pat Flanders is the CIO of the Defense Health Agency.

“The plan is to replace all of those in this multi-system integrator model. The first of those is the one that was recently awarded, and that is the enterprise information technology services integrator (EITSI) contract. The awardee of that contract is like a program manager support contract. They work on the government side of the fence, helping us manage the follow-on contracts, which are for geographic service providers,” Flanders said on Ask the CIO. “You can think all of the IT services touch labor support at every military treatment facility and clinic in a chunk of the United States, let’s say the East Coast or something like that. These are the big vehicles, and then for areas where we require large expertise in a domain, say something like Active Directory, we’ll have capability service provider contracts, though they’ll be smaller. The intent here is to get nice long 10-year contracts, and have them all align under the EITSI contract with the government. That EITSI contract also runs our global service center, a 450 or so person, global 24/7 help desk as a feedback mechanism. So you’ve got the feedback of the help desk into that EITSI contract, and then them helping us literally come up with the requirements and phase in the other contracts.”

DHA awarded Peraton the EITSI contract in August. It is a 10-year firm-fixed-price, blanket purchase agreement (BPA) with an ordering ceiling of $2 billion. Peraton beat out six other competitors for the award.

Flanders said the next set of replacement contracts are now in the works, starting with the first geographic service provider. DHA held an industry day in early September and is gathering feedback. He said his office will continue to follow this same approach to award all the corresponding contracts with the next awards coming in the summer.

While the contract awards are the sizzle for industry, the real meat of the effort is the modernized infrastructure and the services DHA customers will enjoy.

Flanders said the consolidation and standardization effort will reduce the burden of managing and maintaining these 200 contracts. It will reduce costs for DHA and provide better, more consistent infrastructure and services delivery.

As part of this effort as well as the broader IT modernization strategy, DHA also is removing out-of-date systems and software from their inventory.

The ‘Left Behind Effort’ is in full swing

Tom Hines, the director of engineering and technology transformation at DHA, said the separate, but related MEDCoi — Medical Community of Interest — effort includes application migration and modernization and is a key piece of this consolidation initiative.

“When you think about something as massive as a global network and the movement of all these pieces of that network from what was seven legacy networks, not only do you have things that are left behind, but you basically have the hooks and all those things remaining on your switches and your routers and your firewalls and all your security architecture. Human nature is such that when you’re actually doing a new deployment, you tend to add things, you never take things away. So that’s that cleanup activity,” Hines said. “We’ve got a whole team of people, who we call euphemistically the ‘left behind effort.’ It’s really going back and cleaning up all the legacy enterprise services and the rules and rule sets and the network pointers and those sort of things so what we really have is a clean thing that we can sustain going forward. It’s a massive effort. I have a series of subject matter experts who are right now inquiring on the network, determining exactly what the targets are, what things have to be done and we’re looking at automating much of that progress going forward. We’ve got three pilots starting fairly soon.”

Hines said the pilots will focus on automation using open source products, and people that are trained specifically to figure out the spiderweb architecture and ensure mission services don’t break.

“The approach is really twofold. One, we’re taking a front-end approach that says, ‘What does right look like?’ That goes back to delivery engineering and it asks the question, knowing what we know about what’s supposed to be on the network and how it’s supposed to work, what precisely does that look like? We model that and we build that in a database. We then take agents, network tools, that are intended to inquire how the network is actually operating, what ports and protocols are being used, what devices are communicating, what enterprise services are those communicating with? And then we do a big net-net against what theoretically should be and what actually is operating because we have our networks to this day,” he said. “We have agents on devices. We have agents on switches. We, obviously, have them on firewalls, routers, all of that is centrally monitored and managed. We’re now, for the first time, capable of taking what should be, and what actually is operational in the field, comparing the two and understanding what the difference is, and also what anomalous activity is occurring that we would never expect.”

The team of experts will begin eliminating all those devices and applications that shouldn’t be there or are no longer needed. Hines said this team of experts will play a key role in “managing the drift,” meaning they will ensure configurations of systems and networks remain consistent.

Flanders said the new network will be more manageable, more easily secured and rely on a smaller number of tools.

“We got a really good handle on the spend, on who was spending what where, and I’ve got a team of folks that analyze that now looking for opportunities for consolidation. We’ve done a bunch, and we’ve got a bunch more planned. There’s going to be some organizational changes here at the headquarters, where I’m probably going to get a new mission to standardize radiology devices. And so that’s going to be a really big one,” he said. “I believe that we’ve come a long way just in four years, and each year, it gets better and better and better.”

Related Stories

Comments

ASK THE CIO

THURSDAYS 10 A.M. & 2 P.M.

Weekly interviews with federal agency chief information officers about the latest directives, challenges and successes. Follow Jason on Twitter. Subscribe on Apple Podcasts or Podcast One.