Health IT

Safeguarding Pentagon health records

Shutterstock image (by Sergey Nivens): close up of a scientist's hand holding a glass dish.

Hackers have healthcare data firmly in their sights, but Capt. John Windom is keen to keep the Pentagon's massive health records system from being the next breach victim.

"I can assure you ... [we] are very attentive to the cybersecurity and security measures that not only have already been implemented but that are forthcoming," Windom, program manager for the multibillion dollar Defense Healthcare Management Systems Modernization project, told FCW Oct. 27.

"We're going to be probing potential vulnerability areas time and time again to ensure that prior to deployment within the framework of our DOD healthcare enterprise," the security environment is appropriately tested, added Windom, who spoke to FCW after his appearance at a National Defense Industrial Association conference in Springfield, Va.

The Navy captain said he has paid close attention to high-profile security failings like the breach of the Office of Personnel Management, adding that Frank Kendall, the Pentagon's top acquisition official, expects as much from his program managers.

The multibillion dollar DHMSM contract, awarded in July to the team of Leidos, Cerner and Accenture, is to deliver a single commercial health records product that serves 9.6 million people, and is interoperable with the Veterans Affairs' Vista health records system and with private-sector systems.

The cyber stakes for health data are high. Earlier this year, two big health insurers, Anthem Inc. and Premera Blue Cross, revealed they had been breached in hacks that affected millions of people.  

Meanwhile, retired Gen. Keith Alexander, the former head of the National Security Agency and U.S. Cyber Command, has said hackers could be exploring the ability to manipulate health data as a new form of cyber mischief.

Windom said his team is on track to implement the DHMSM project, but that there will not be any shortchanging of security requirements or other due diligence. "We will not let schedule dictate us not doing what's right," he said.

The commercial off-the-shelf nature of the DHMSM product meant that the Pentagon staff responsible for testing and evaluating the program did not have to be overly cautious with up-front testing, according to Windom.

"What we don't want to do is undermine that objective by being overly restrictive in the way we test," he said. "Cerner has a $600 million-plus R&D budget…So in order for us to leverage and capitalize on the off-the-shelf solution, we want to use a similar [testing] baseline."

About the Author

Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.

Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.

Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.


Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.