The Secretary of the Department of Veterans Affairs (VA) Denis McDonough promises changes are coming after a 12-week strategic review of the VA’s electronic health record program. That program is missing important elements of the federal government’s cyber defense strategy. Carol Harris, director of information technology and cybersecurity issues at the Government Accountability Office (GAO), discussed the state of VA cybersecurity on “Government Matters” Monday.
- Harris said the VA has multiple cybersecurity deficiencies in high-impact systems and that if these systems failed, there would be a “catastrophic impact” on the department’s ability to deliver its mission.
- At a recent House Veterans Affairs Technology Modernization Subcommittee hearing, Harris testified that it will take concerted effort to break down siloes in IT at the VA so it is more centralized.
- The VA has made progress with its electronic health record program, but GAO recommends it postpones further deployment of the new system until addressing any critical or high-severity test findings, said Harris.