VA sees problems in open-source development for VistA

Potential hurdles eyed in licensing, certification and governance

• By Alice Lipowicz
• Aug 18, 2010

The Veterans Affairs Department sees advantages in using open-source software to modernize its Veterans Health Information Systems and Technology Architecture (VistA) system, but it anticipates several problems if it takes that step.

The VA issued a request for information Aug. 11 asking for industry to deal with anticipated concerns related to open-source development for VistA.

The request follows a recommendation from an Industry Advisory Council working group in May 2010 that the VA create an open-source development program to update VistA. VA Chief Information Officer Roger Baker has invited the group to submit advice on modernizing VistA.

---

Related story:

VA moves closer to IT modernization decision

---

The VA is seriously considering an open-source development program, but it has reservations about configuration management, copyrights and licensing, governance structure and certification and validation of any open-source code developed in the process, the RFI stated.

“The VA is considering an ‘open-source’ model for VistA that would enable VA to benefit from innovations that third parties could make available according to a code-sharing framework,” the RFI stated. The RFI lists three advantages of open source: the possibility of greater innovation and integration of new capabilities; likely improvements in capabilities, quality, reliability, and robustness; and broader proliferation of common electronic health record software and solutions.

Meanwhile, open-source development also presents problems, the RFI stated.

Although the collaboration in the open-source community brings options, it also requires an appreciation for the necessity of effective configuration management; the sensitivities regarding intellectual property such as copyrights and licensing, the necessary governance around dynamic development collaborations essential to code and "kernel" stability and robustness for the long term, and the absolute necessity for certification, validation and review of code before release, according to the RFI.

The RFI asks vendors to respond to a series of questions about a potential open-source system for VistA modernization. The questions included:

• What role should VA assume in an Open Source VistA Ecosystem, as user, developer, maintainer, certifier, operator, and/or distributor?
• What role should non-VA sponsored developers assume in an Open Source VistA Ecosystem?
• What specific functions of VistA Open Source should the VA be prepared to fund?
• How would the VA go about participating and collaborating in the open-source community?
• How would the VA implement software components available through open-source or licensed software channels into the mainline of VistA?

Vendors were invited to respond by Aug. 25 and to submit white papers and additional questions.