VA Considers Cloud Collaborative Tools

Seeks Advice on Using Commercial SaaS Applications
VA Considers Cloud Collaborative Tools
The Department of Veterans Affairs is seeking advice from cloud computing vendors on the feasibility of using commercial software-as-a-service collaborative tools that eventually could meet the needs of all of its 134,000 medical personnel.

In a recently issued request for information, the VA asks vendors for suggestions for using web-based collaborative software that will integrate with the VA's existing systems. The project would start with a pilot including up to 5,000 participants. That could lead to the use of collaborative tools by all of the VA's 17,000 staff physicians, 36,000 residents and 81,000 other medical staff members.

"By implementing a pilot of cloud SaaS-based collaborative tools, the VA would be able to demonstrate how collaborative tools will improve veteran care, reduce the amount of time the VA's doctors spend on collaboration and prevent further breaches which have been caused, in part, due to the lack of a VA-approved collaborative tool," according to the RFI announcement.

The VA's November 2010 report to Congress on breaches listed an incident at a Chicago VA hospital in which four residents were inappropriately sharing information on more than 1,000 patients via a Yahoo calendar application. So the VA wants to make sure such cloud collaborative applications are used with the appropriate security precautions, including accessing the applications through a secure VA network. The RFI announcement notes that any SaaS application the VA uses must have earned, at a minimum, FISMA (Federal Information Security Management Act) moderate certification.

The RFI states that a recent VA study concluded that "VA's doctors need a new, effective and intuitive collaborative tool to improve communications while also reducing data breaches."

The VA is considering using a commercial cloud-based collaborative application, rather than developing and hosting its own application, based on recent Office of Management and Budget guidance, the RFI announcement also notes.

Four Scenarios

The RFI spells out four use scenarios for the collaborative application:
  • Sharing sensitive and non-sensitive patient information from one VA physician to another;
  • Sharing non-sensitive health-related information on education, research that's not patient-specific, policy and similar document developmental collaboration;
  • Use of cloud SaaS tools as a substitute for the VA's standard Microsoft Outlook Exchange e-mail and for interconnection with the VA's existing e-mail systems; and
  • Sharing of sensitive patient information between the VA and the Department of Defense.

The RFI document, which lists 47 questions for vendors to address, is not a formal solicitation of bids for the massive project, but instead is "solely for information and planning purposes."


About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.