VA Cybersecurity and IT Oversight

PURPOSE:

• To examine the Department of Veterans Affairs’ (VA) implementation of the Federal Information Security Management Act and Federal Information Technology Acquisition Reform Act (FITARA), as well as specific IT investments, including the modernization of the Veterans Health Information Systems and Technology Architecture (VISTA) system.

BACKGROUND:

• The Department of Veterans Affairs (VA) is engaged in an effort to modernize the Veterans Health Information Systems and Technology Architecture (VISTA).
• The centerpiece of VA’s modernization program, referred to as VistA Evolution, is an electronic health record (EHR) that should be interoperable with the Department of Defense, as well as private sector health care providers.
• The VA received an overall grade of ‘C’ on the Committee’s 2015 FITARA Implementation Scorecard, with F’s on both Data Center Consolidation and IT Portfolio Review Savings.
• Additionally, the VA Office of Inspector General has found repeat “material weaknesses” in the VA’s cybersecurity posture.