VA IT moves earn praise

The VA has made major improvements in managing and securing its systems, according to a new report

VA Information Technology: Management Making Important Progress in Addressing Key Challenges

With strong leadership and a broad reorganization of its information technology operations, the Department of Veterans Affairs has made major improvements in managing and securing its systems, according to a new report.

In a near reversal of its past criticism, the General Accounting Office gave the VA high marks for its overall IT management, including centralizing IT functions and laying a solid foundation for "detecting, reporting and responding to security incidents."

"Over the past six months, VA has shown clear progress in addressing some of the critical weaknesses that have plagued its management of information technology," according to a report released at a Sept. 26 hearing of the House Veterans' Affairs Committee's Oversight and Investigations Subcommittee.

VA Secretary Anthony Principi has pledged to create "One VA." In August, he ordered the consolidation of the VA's IT management, giving the agency's chief information offier, John Gauss, authority over the agency's $1 billion IT budget and requiring the VA's three administration-level CIOs to report to Gauss.

GAO and members of Congress applauded the moves. In the past, the CIOs at the Veterans Health Administration, the Veterans Benefits Administration and the National Cemetery Administration could spend their budgets as they saw fit and make other IT policy decisions.

"Secretary Principi has led the VA toward a clearly defined strategic plan that integrates the planning, funding, project execution and project management oversight of VA information technology," said Rep. Steve Buyer (R-Ind.), chairman of the subcommittee.

The GAO report called the moves a "bold and innovative step." According to the report, only one other agency — the General Services Administration — has taken similar steps to give its department-level CIO authority over all IT funding.

"These efforts demonstrate our very strong commitment at all levels to building an effective information technology program for the long term," Gauss told the panel.

Nevertheless, Richard Griffin, the VA's inspector general, told the subcommittee there is room for improvement. The VA needs to "establish a comprehensive, integrated VA-wide security program," he said.

There are still major security vulnerabilities that "represent an unacceptable level of risk to VA operations and its mission of providing health care and delivering benefits to the nation's veterans," Griffin said.

Denial-of-service attacks on mission-critical systems, unauthorized access to data and fraudulent payments continue to occur, he said. In the coming year, it is imperative that the VA install intrusion-detection systems at its facilities nationwide, complete infrastructure protection activities and control physical access to computer rooms, he stressed.

Despite those shortcomings, Gauss said the VA continues to make progress on cybersecurity. "We are building a strong foundation for our IT program, but much remains to be done," he told lawmakers.

Under the direction of cybersecurity chief Bruce Brody, the department has awarded a $103 million contract to a consortium of five companies to tighten the VA's security systems, detect hacker attacks and prevent them.

Security officers at the three VA administrations will report directly to Brody. Security officers at each hospital, regional office and cemetery will report directly to the facility's manager instead of keeping the hodgepodge of existing reporting arrangements.

Still, the VA's actions are a work in progress, according to the GAO report, and they "have not yet been sufficient to fully implement all of the key elements of a comprehensive computer security management program."

Meanwhile, Gauss said he is tackling the troubled VetsNet program for compensation and pension payments. The VA has spent six years and more than $300 million trying to deploy the system, but continues to rely on an aging network to make 3.5 million benefits payments to veterans and their dependents each month.

Gauss said he's committed to getting VetsNet working by April 2004 and has hired a project manager to oversee its completion.

***

High score

In a report released Sept. 26, the General Accounting Office said the Department of Veterans Affairs has made substantial progress in improving its management of information technology.

Among the activities the VA is doing right:

* Consolidating and restructuring the chief information officer's authority.

* Developing an enterprise architecture.

* Improving computer security.

* Hiring a consortium to respond to cybersecurity breaches.

* Enhancing the monitoring and detection of security problems.

* Making progress in securely sharing health care data with the Defense Department to improve medical services to veterans.

* In the process of recruiting a permanent chief enterprise architect.

NEXT STORY: Letter to the editor

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.