recommended reading

No Defense-VA integrated electronic health record until 2017

Manuel Balce Ceneta/AP

The Defense and Veterans Affairs departments will not deploy an integrated electronic health record until 2017, eight years after President Obama kick-started the project, according to Defense Secretary Leon Panetta and VA Secretary Eric Shinseki.

Panetta noted an initial version of iEHR will be deployed by 2014 to medical facilities in San Antonio and Norfok, Va., -- a plan announced in April by VA Chief Information Officer Roger Baker -- but Panetta did not provide any new details.

Panetta and Shinseki spoke to reporters Monday at the James A. Lovell Federal Health Care Center, a jointly operated North Chicago Defense-VA hospital that serves as a showcase for iEHR projects.

“This center is the first-of-a-kind partnership between our two departments,” Panetta said. “This really is a unique demonstration effort to try to bring together the DoD and VA systems.”

The reason for the long delay from concept to execution for the iEHR has been partly bureaucratic. Defense and VA did not agree on the basic structure and management of the iEHR until May 2011, and top officials from both departments deferred signing the charter for the Interagency Program Office, which will manage deployment of iEHR until October 2011.

The two departments put off until February selecting a director of the Interagency Program Office, Barclay Butler, a former vice president of Harris Healthcare who also served as the chief information officer for the Army Medical Department in 2001 and 2002, until this February.

Panetta said when it’s completed, iEHR will stand out as “the world's largest electronic health record system” and Shinseki said a project of such scale and importance requires a deliberate approach so “we can get it right.”

Shinseki added, “We'll go as fast as we can without accepting risk that's not tolerable. 2017 is a target. We're going to begin rolling out the initial capabilities of iEHR in 2014 at those two sites we indicated. If we can go faster, we will. But quality and safety are the standards we measure ourselves by.”

Development of iEHR is a “significant challenge” he added. “I think the folks who work here can provide you insights on that.”

Shinseki did not specify the iEHR challenges the staff at Lovell faces, but Lt. Cmdr. Donna Poulin, the hospital’s chief information systems officer, detailed them in an internal presentation obtained by Nextgov, which highlights problems Defense and VA face as they develop the joint record.

Poulin said the iEHR graphical user interface for clinicians that the VA medical center in Honolulu developed and piloted at Lovell functions in a read-only mode, meaning clinicians cannot input data. Clinicians at Lovell must access three separate networks -- VA, Defense and Navy -- all of which use different methods to authenticate end users, and each has different cybersecurity policies.

Shinseki emphasized iEHR will be “open in architecture and nonproprietary in design to expand information sharing [and to] eliminate gaps between our two robust health care systems,” in keeping with the use of open source software that he backed in April.

This approach conflicts with Defense plans to use commercial software in developing iEHR, according to a Pentagon report submitted to Congress in April -- the opening salvo in what a former top VA official, who declined to be identified, called a battle between the two departments over the basic structure of the iEHR.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.


When you download a report, your information may be shared with the underwriters of that document.