The Industry Advisory Council of the American Council for Technology, Fairfax, Va.—which is advising the Veterans Affairs Department—issued a report last week recommending that the VA overhaul VistA, its clinical information technology system. The IAC was commissioned last year by VA Assistant Secretary for Information and Technology Roger Baker to recommend a way forward for both the VA and VistA.
Baker last summer announced that dozens of software projects—including several that were part of the HealtheVet program—were either halted or put under a more rigorous system of management scrutiny because of cost overruns and development delays.
Baker is no stranger to the IAC. In 2008, he served as vice chairman of an IAC team that planned for the transition between the Bush and Obama administrations. He is a former executive vice president at CACI International, a military and national security contractor. He also has served as chief information officer of the Commerce Department and CIO of defense contractor and systems integrator General Dynamics Information Technology. A year ago this month, he was confirmed by the Senate to his current VA post, which is equivalent to its CIO.
About seven months ago, Baker asked the council to answer a list of questions about VistA in an effort to plan for the VA's IT future:
Is VistA a system that could be deployed to a wider community, and what is the most appropriate deployment model: open-source code, cloud computing, business process/methodology or other?
- What organizations should have responsibility for maintaining the system?
- Should VistA be established as a national standard and, if so, what are the national implications?
- What is the appropriate strategy for modernizing VistA and transitioning it to a more current and innovative architecture?
- What are the opportunities and impact of modernizing and deploying VistA upon private industry, the healthcare community and other key groups?
- What principles and best practices should be documented and distributed for use by other government agencies considering similar issues?
In response, the work group said in VistA Modernization Report: Legacy to Leadership, released May 4, that VistA hasn't been widely deployed outside the VA thus far, “because it is very difficult to operate and expensive to modify.” It recommended the VA foster an “open-source community” to promote the development of the VistA successor program, to be called VistA 2.0, which could then be “offered up as the international standard information system for medical centers.”
But, according to the IAC work group, “VistA should not be ‘modernized' in the sense of upgrading and updating the current VistA in a traditional evolutionary model.” Instead, VistA should be re-engineered, “creating a new, open-source, open-standards ecosystem within which the proven functional capabilities of VistA can be replicated, modernized and enhanced in a sustainable, scalable and secure environment.”
Today, much of VistA is in the public domain. Copies of much of the software are available without charge or license under the Freedom of Information Act, although licenses are required for some proprietary software systems needed to operate VistA, such as the Cache database by InterSystems Corp. and Microsoft Corp.'s Windows operating system. In addition, a few of VistA's 130 or so software modules are proprietary. However, WorldVistA, a not-for-profit organization, has developed a largely open-source version of VistA, using GT.M, by Fidelity Information Services, an open-source version of MUMPS, replacing Cache, and the Linux operating system, replacing Windows.
The IAC work group recommended the VA contract with an unspecified Federally Funded Research and Development Center to lay the groundwork for the re-engineering of VistA's replacement, preparing a “detailed set of technical specifications” for what they describe as the “VistA 2.0 Open Source Core Ecosystem.”
But because proprietary software likely will be part of the mix during re-engineering, VistA 2.0 won't be entirely open-source, predicts Ed Meagher, chairman of the IAC work group that prepared the report.
Still, any commercial off-the-shelf, or COTS, software products that connect with VistA initially via an interface, soon must be reprogrammed to run “native” in the surrounding open-source environment, Meagher said. A proprietary software vendor will still be able to charge the VA license fees, but “three guys in a garage can say, ‘I can do a Red Hat on it,' ” Meagher said, referring to the purveyor of the open-source Linux operating systems, and try and compete with the proprietary system's vendor for the VA's business. “We haven't eliminated anybody from playing,” he said.
Aside from the COTS vendors, Meagher said, major contractors who develop new software to government specifications should be required to hand over intellectual property rights to the VA so that the new software code can be put in the public domain, he said.
That recommendation, if followed, could avoid a recurrence of a situation from the late 1980s and 1990s when giant defense contractor SAIC copied the publicly available VA system, adapted it for the Military Health System, but was allowed to retain ownership of the new software.
The initial SAIC contract price for the work was reported at slightly more than $1 billion. But Meagher said the ultimate cost to taxpayers for the resulting Composite Health Care System, or CHCS I, and its troubled successor system, CHCS II, now called AHLTA, is more in the range of $3 billion to $4 billion.
Meagher said it will be up to the VA to ensure those sections of the new VistA developed under contract will remain in the public domain.
Meagher said the entire job of re-engineering VistA “could be done, soup to nuts, finished in five years.” That would include “decomposing” the current VistA system, writing the specs for a replacement, programming the replacement, rolling it out to all VA facilities and migrating the data from VistA to VistA 2.0.
Last month, the VA held an “industry day” to go over details of a massive IT contracting opportunity called Transformation Twenty-One Total Technology, or T-4. A request for proposals is scheduled to be issued under T-4 by May 31, with contracts to be awarded by the end of September. The total limit of T-4 contracts over five years is $12 billion.
As it works on the VistA replacement, Meagher said the VA should find ways to revitalize the development approach it used to create the VistA system and its precursor, the Decentralized Hospital Computer Program, with one-on-one interaction between VA clinicians and programmers.
Of the 20 alternative development models reviewed by the IAC work group, the VA's own iterative model made it to the final round of six contenders selected by the work group as the most practical, valuable and viable when taking into consideration criteria such as financial and technical risk, time to benefit, governance complexity and estimated return on investment.
According to the work group report, “Since many of the VistA applications were actually built this way, why not do what has proven to work in the past?”
In analyzing those final six alternatives, the work group concluded the decision to go forward boiled down to "two basic options." They are:
- "Restructrure the existing VistA system, piece by piece, into a more modular and well-behaved application while still using it."
- "Build a replacement system reusing the business processes, workflow, screen designs and data models from VistA."
Meagher said that even when re-engineering VistA to create VistA 2.0, the work group “strongly encouraged” the VA to keep that close relationship between the developer and the end-user.
Recently, a team of researchers from the Center for Information Technology Leadership concluded that the VA had spent more than $4 billion on the development of four key VistA subsystems that in 2007 produced an estimated annual benefit to the VA of about $687 million.
However, for costs of the entire VistA system, Meagher said, “they're off by eight or nine billion. The whole thing was” $12 billion to $14 billion.
But even with that level of public investment, Meagher said VistA has run its course. “We recognize what those guys have accomplished,” Meagher said. “You've got to say, ‘Bravo. You did well, but now you've got to try something else.' And that's what we're trying to do here.”
Baker, the VA's titular CIO, was unavailable for an interview, but provided a statement via e-mail.“The VA is pleased with the efforts of the ACT-IAC to review the option for moving VistA into an open-source endeavor and especially the dedicated efforts of the members of the work group and leadership of ACT-IAC,” according to Baker's statement. “Clearly the group did an exhaustive study covering the significant technical and governance aspects important to making decisions in the open-source arena. We are currently reviewing the many recommendations covered in the report and look forward to a rich dialogue and exchange of ideas and concepts with industry.
“VistA is the pre-eminent example of what a patient-centered electronic health record can do, and its improvement will take the joined efforts of clinical experts, government and industry,” according to the statement. “The VA looks forward to continuing this review.”
Click here to comment on this article.