Health IT

DOD's health data exchange running on bridge contract

health data (Supphachai Salaeman/ 

The system that allows the Department of Defense to share health data across multiple legacy platforms and with outside providers is running on a sole-source bridge contract while a bid protest is being resolved.

In June 2018, DOD awarded a five-year contract with a $90 million ceiling for sustainment services for the Defense Medical Information Exchange (DMIX) system to ASRC Federal Data Solutions. But a protest by incumbent ActioNet looks to delay the start of the new contract.

DMIX is a core component of the Defense Department's ongoing health record modernization effort. Although it was created before the DOD acquired a commercial health record capability and began plans to implement it, DMIX is now managed by the same office that handles the implementation of MHS Genesis -- the Cerner-based system it acquired in 2015.

DMIX supports sharing of health data in standardized formats across multiple current and legacy DOD systems, including MHS Genesis system and the Joint Legacy Viewer, which connects DOD and Veterans Affairs systems. The DMIX system is busy, supporting between 60,000-70,000 data exchanges just between DOD and VA every day. DMIX also links the DOD health IT system with 53 external health information exchanges.

According to contracting documents signed in late December but just posted publicly on Jan. 11, the Program Executive Office Defense Healthcare Management Systems (DHMS) authorized a six-month sole-source extension to ActioNet to continue work on the DMIX system, citing the need to implement needed patches and upgrades. One upgrade, scheduled for May, has been in the works for almost a year and involves coordination with multiple legacy vendors, according to contracting documents.

"The longer the systems remain offline, the larger the risk of patient misdiagnosis, missed allergies alerts, duplicative procedures, increased overlook of 'drug seeking' behavior, and missed negative medicine interactions," contracting officials wrote in a document justifying the sole-source extension.

The dollar amount of the extension, which covers two months base and four one-month options, was redacted in contracting documents. ActioNet's protest is due to be resolved at the Government Accountability Office by the end of February.

The DMIX program has had problems in the past. According to an internal oversight report from the Office of the Director of Operational Test and Evaluation, DMIX release 5 "is not survivable against cyber-attacks." A pair of tests conducted between May and September 2017 discovered "several vulnerabilities that could allow an adversary to compromise patient data," according to the DOTE report. Those vulnerabilities were exploited an "adversarial assessment."

A DHMS spokesperson told FCW those vulnerabilities had been mitigated in a subsequent DMIX release.

The contracting documents justifying the sole source extension don't explicitly mention cybersecurity vulnerabilities. In addition to the needed updates, officials cited "network latency (local or enterprisewide),miscommunicated systems patches that bring systems down, corrupted databases, a blade being pulled out of a storage network" as examples of everyday problems that demand a contractor stay on the job while the protests are being resolved. "Without this contract action, DMIX will not have insight into critical systems, which could result in more frequent outages of longer duration that directly impact patients and providers," the justification states.

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.


  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

  • gears and money (zaozaa19/

    Worries from a Democrat about the Biden administration and federal procurement

    Steve Kelman is concerned that the push for more spending with small disadvantaged businesses will detract from the goal of getting the best deal for agencies and taxpayers.

Stay Connected