VA sees problems in open-source development for VistA

Potential hurdles eyed in licensing, certification and governance

The Veterans Affairs Department sees advantages in using open-source software to modernize its Veterans Health Information Systems and Technology Architecture (VistA) system, but it anticipates several problems if it takes that step.

The VA issued a request for information Aug. 11 asking for industry to deal with anticipated concerns related to open-source development for VistA.

The request follows a recommendation from an Industry Advisory Council working group in May 2010 that the VA create an open-source development program to update VistA. VA Chief Information Officer Roger Baker has invited the group to submit advice on modernizing VistA.


Related story:

VA moves closer to IT modernization decision


The VA is seriously considering an open-source development program, but it has reservations about configuration management, copyrights and licensing, governance structure and certification and validation of any open-source code developed in the process, the RFI stated.

“The VA is considering an ‘open-source’ model for VistA that would enable VA to benefit from innovations that third parties could make available according to a code-sharing framework,” the RFI stated. The RFI lists three advantages of open source: the possibility of greater innovation and integration of new capabilities; likely improvements in capabilities, quality, reliability, and robustness; and broader proliferation of common electronic health record software and solutions.

Meanwhile, open-source development also presents problems, the RFI stated.

Although the collaboration in the open-source community brings options, it also requires an appreciation for the necessity of effective configuration management; the sensitivities regarding intellectual property such as copyrights and licensing, the necessary governance around dynamic development collaborations essential to code and "kernel" stability and robustness for the long term, and the absolute necessity for certification, validation and review of code before release, according to the RFI.

The RFI asks vendors to respond to a series of questions about a potential open-source system for VistA modernization. The questions included:

  • What role should VA assume in an Open Source VistA Ecosystem, as user, developer, maintainer, certifier, operator, and/or distributor?
  • What role should non-VA sponsored developers assume in an Open Source VistA Ecosystem?
  • What specific functions of VistA Open Source should the VA be prepared to fund?
  • How would the VA go about participating and collaborating in the open-source community?
  • How would the VA implement software components available through open-source or licensed software channels into the mainline of VistA?

Vendors were invited to respond by Aug. 25 and to submit white papers and additional questions.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

The 2015 Federal 100

Meet 100 women and men who are doing great things in federal IT.

Featured

  • Shutterstock image (by venimo): e-learning concept image, digital content and online webinar icons.

    Can MOOCs make the grade for federal training?

    Massive open online courses can offer specialized IT instruction on a flexible schedule and on the cheap. That may not always mesh with government's preference for structure and certification, however.

  • Shutterstock image (by edel): graduation cap and diploma.

    Cybersecurity: 6 schools with the right stuff

    The federal government craves more cybersecurity professionals. These six schools are helping meet that demand.

  • Rick Holgate

    Holgate to depart ATF

    Former ACT president will take a job with Gartner, follow his spouse to Vienna, Austria.

  • Are VA techies slacking off on Yammer?

    A new IG report cites security and productivity concerns associated with employees' use of the popular online collaboration tool.

  • Shutterstock image: digital fingerprint, cyber crime.

    Exclusive: The OPM breach details you haven't seen

    An official timeline of the Office of Personnel Management breach obtained by FCW pinpoints the hackers’ calibrated extraction of data, and the government's step-by-step response.

  • Stephen Warren

    Deputy CIO Warren exits VA

    The onetime acting CIO at Veterans Affairs will be taking over CIO duties at the Office of the Comptroller of the Currency.

  • Shutterstock image: monitoring factors of healthcare.

    DOD awards massive health records contract

    Leidos, Accenture and Cerner pull off an unexpected win of the multi-billion-dollar Defense Healthcare Management System Modernization contract, beating out the presumptive health-records leader.

  • Sweating the OPM data breach -- Illustration by Dragutin Cvijanovic

    Sweating the stolen data

    Millions of background-check records were compromised, OPM now says. Here's the jaw-dropping range of personal data that was exposed.

  • FCW magazine

    Let's talk about Alliant 2

    The General Services Administration is going to great lengths to gather feedback on its IT services GWAC. Will it make for a better acquisition vehicle?

Reader comments

Thu, Aug 19, 2010 AC

Open source software is probably the best choice for governments and large corporations to use for infrastructural software for at least one reason: you have full access to the complete source code and the toolchain required to maintain and upgrade it. With closed source, proprietary, software, you're merely setting yourself up for a future disaster: software companies come and go, and there is no way to predict if a particular company will still be in business at any given point in the future. If your agency, of firm, uses proprietary software for a critical part of your mission, you risk being incapable of performing that mission when the software is obsolete or the company behind the software ceases to exist. Open source software is a prudent choice for agencies, or companies, which require software with service longevity and must have the capability to maintain and upgrade their own systems as need dictates.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above