Official: VA’s Legacy EHR Must Be Maintained, But Not a Long-Term Solution

The United States Department of Veterans Affairs headquarters is seen on Wednesday May 28, 2014 in Washington, DC.

The United States Department of Veterans Affairs headquarters is seen on Wednesday May 28, 2014 in Washington, DC. Matt McClain/ The Washington Post via Getty Images

The official cautioned that “modernization would require VistA be rewritten almost from scratch.”

The Department of Veterans Affairs must continue to maintain its legacy health information system as it moves forward with its multi-billion dollar electronic health record modernization project, even though the decades-old software is too outdated to serve as a viable long-term solution, a VA official said during a House Veterans’ Affairs subcommittee hearing on Tuesday. 

Daniel McCune, VA's executive director of software product management, told members of the committee’s Technology Modernization Subcommittee that the Veterans Health Information Systems and Technology Architecture—or VistA—“has served VA and veterans for over 40 years, and we are aware of its limitations.” But he added that, as the agency continues to slowly deploy the new Oracle Cerner EHR system, “VistA remains our authoritative source of veteran data."

Modernizing the EHR system has been a priority for VA for some time, albeit one with few tangible results until now. Prior to awarding Cerner the contract for the new EHR system—known as Millennium—in 2018, VA spent years attempting to modernize VistA. During a House Veterans’ Affairs Committee hearing on Feb. 28, U.S. Comptroller General Gene Dodaro told lawmakers that VA has spent “over $1.7 billion dollars for failed predecessor electronic healthcare record systems that either failed, or did not come to fruition.” 

Rep. Matt Rosendale, R-Mont.—the chairman of the subcommittee—said VistA “must be maintained,” and called for the VA to identify “key areas of VistA that need to be modernized and are feasible to undertake.” Rosendale previously introduced legislation in January that would terminate the VA’s transition to the Oracle Cerner system if the agency “cannot demonstrate significant improvement” in its deployment. 

“The reality is, regardless of whether the Oracle Cerner implementation can be accomplished, and regardless of how we feel about that, the VA will probably continue to rely on VistA for at least another decade, and some of the elements of VistA will probably never go away because no replacement even exists,” Rosendale added. 

Rep. Sheila Cherfilus-McCormick, D-Fla.—the panel’s ranking member—also agreed that maintaining VistA “is imperative” for the VA, noting that “there are functions of VistA that are not related to the EHR and would likely exist long after the EHR is replaced.”

But Cherfilus-McCormick expressed concerns about the current state of VistA, including cybersecurity risks, data management issues and a code-base “considered to be obsolete by many.”

“I’m not here to say that the Oracle Cerner approach in EHRM is going well, but I’m not sure returning to VistA is correct either,” Cherfilus-McCormick added. 

McCune agreed that maintaining VistA during the deployment of the new Oracle Cerner EHR system was essential, noting that VA has already been working to enhance the legacy system by “standardizing VistA code,” implementing an API gateway and transitioning portions of the system to a cloud environment. He noted that “20 instances of Vista have been moved to cloud, with an additional 54 planned this year.”

But McCune told lawmakers that VistA is “an old technology ill-suited for the modern digital age,” and added that “modernization would require VistA be rewritten almost from scratch, at a great cost and great risk.”

McCune highlighted the fact that VistA is written in an old programming language called Mumps, which he noted “is not taught in computer science classes.” While he said VA had been able to retain Mumps programmers “much longer than a typical workforce,” he added that “approximately 70% of our Mump programmers today are retirement eligible, and we have few options to hire or contract additional ones.”

The rollout of the new Oracle Cerner EHR system, however, has been fraught with technical issues, patient safety concerns, delays and cost overruns since it first went live at the Mann-Grandstaff VA Medical Center in Spokane, Washington in 2020. A report released in July 2022 by the VA's Office of Inspector General found that the new software deployed at the Spokane facility inadvertently routed more than 11,000 orders for clinical services to an “unknown queue” without alerting clinicians, resulting in “multiple events of patient harm.” 

VA announced in October that it was pausing further rollouts of the Oracle Cerner software until June 2023 to give the agency time to “fully assess performance and address every concern” with the system’s deployment. The agency announced last month that it was also pushing back the planned deployment of the Oracle Cerner EHR system at the VA Ann Arbor Healthcare System until later this year or in 2024. The go-live for Ann Arbor was originally scheduled to happen in June of this year.

Ongoing issues with the new software’s deployment have only increased lawmakers’ worries about the viability and usability of the new system. Rosendale, in particular, expressed concern during the hearing about reported disparities regarding patient safety when it came to medical facilities continuing to use VistA, and those that have transitioned to the Oracle Cerner EHR system. 

Rosendale cited VA’s patient safety reports related to its EHR systems and noted that—for the 166 medical facilities still using VistA—the agency received 12,644 reports in 2020; 14,637 in 2021; and 9,211 in 2022. For the two years after Cerner went live in Spokane, Rosendale said VA received a combined 1,033 patient safety reports at that facility alone.

“That’s over 500 reports per year from one hospital using Cerner,” he said. “One hospital, compared to an average of 55 reports annually from the VistA hospitals.”

Rosendale said the data showed that, as a result of the Oracle Cerner EHR system’s beleaguered rollout, Mann-Grandstaff has “become the most dangerous VA hospital in the country.”