VA hopes modernization of legacy systems means more security in future

Large numbers of veterans today have grown up with technology, including smart phones. Now the Department of Veterans Affairs and Apple are collaborating to bring vital information to the health app on their iPhones. It’s just one small effort in a massive IT modernization going on at VA.

VA IT representatives Bill James, deputy assistant secretary for development and operations, and Drew Myklegard, acting executive director of demand management, said what they’ve created is essentially a “wall outlet” for applications built by third party developers. It’s all part of the department’s larger Application Programming Interface initiative.

Bill James, Drew Myklegard, Department of Veterans Affairs
Bill James, left, deputy assistant secretary for development and operations, and Drew Myklegard, acting executive director of demand management, both of the Department of Veterans Affairs.

“It’s those instructions that are going to tell an external developer how to build their app according to the data that we’re going to be passing to them. And it’s really helpful if we build those APIs in a standards-based way so that they could come in and plug into our outlet, or an in case of health care, they can go and plug into Johns Hopkins, Mayo, Cleveland clinic’s outlet,” Myklegard said on Federal Monthly Insights — Digital Transformation. “And so that’s what we did. We aligned our API strategy for this health API around what was going on and the commercial sector.”

He said that although the API makes a wide range of information accessible, it’s not a free-for-all. Entities are vetted before they can plug in. The core source of data is the Veterans Information Systems and Technology Architecture, or VistA, but James said it’s staged in a database referred to as the corporate data warehouse. There it’s curated assembled and prepped before becoming externally available. API is a gateway to a larger modernization effort at VA.

“Not only are we we’re using the gateways as a way to engage the private sector to use their money, their capital, their resources on behalf of the veterans, but those gateways also have some performance thresholds, if you will,” he said on Federal Drive with Tom Temin. “So behind that, we’re putting things on the cloud, where you have a very strong and aggressive cloud policy and effort inside the VA.”

An example is the 800,000 email boxes moved to the cloud, James added. As the department makes those moves, however, it deprecates applications in VA’s data centers. Right now, 70 VistAs are in the Defense Information Systems Agency data center in St. Louis.

“And so we’re going to be moving those to our cloud,” James said. “Once they’re in our cloud it will allow us to do inter-system testing and performance testing, because there’s going to be peers in the cloud.”

Aside from the cloud initiative, Myklegard has a few projects in motion as director of demand management, such as engineering and architecture. After email modernization, legacy systems in need of an upgrade include replacing VistA with Cerner, medical logistics systems, and HR Smart and its commercially-available PeopleSoft program.

“So all of those are efforts to, rather than writing ourselves, let’s put cost before custom. It’s buy before build,” Myklegard said. “And that way we get services to our veterans much more quickly than if we have to write it in ourselves.”

VA is also moving its shared service for its financial system to the VA enterprise cloud, which is within the federal cloud environment but provided by Amazon and Azure, Myklegard said.

“And I think the other effort that we’re really excited about, in addition to transitioning the old workflows to the cost process is building more apps, and in native way, and one of those is VA.gov, which we launched — right around Nov. 8, there was a follow-on for Vets.gov,” James added.

Since the launch he said teams releasing code and soliciting user feedback have seen a 51% increase in health care applications, a 20% rise in customer satisfaction and a more than 200% increase in utilizing the MyVA311 number.

In the long term, sustaining that modernization and upholding cybersecurity are the challenge. VA’s Chief Information Security Officer Paul Cunningham is working with Deputy Chief Information Officer Dominic Cussatt on the electronic health record and program office to mitigate risk and operate under a National Institute of Standards and Technology framework.

“We’re actively planning ahead of time, as we’re building apps to make sure that they’re secure. And we also have another advantage of switching a commercial cloud and these [government] clouds, they’re leveraging FedRAMP,” Myklegard said. “We bring security in earlier. But we’re also more secure from the beginning because the tools that we’re using are all inheriting these great controls from other agencies, which is going to allow us to deliver faster and more secure products.”

Copyright © 2019 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.