VistA outage effects felt for months

The Veterans Affairs Department will be working for months to restore the integrity of electronic records that were disrupted during an outage of its e-health record system Aug. 31 at 17 medical facilities in northern California, VA health care officials said.

Medical professionals at the hospitals, including San Francisco's VA medical center, were prevented from logging on to VA's VistA health record, the Veterans Health Information System and Technology Architecture, and its component, the Computerized Patient Record System.

The disruption, which lasted for nine hours, was caused by the movement of the management of information technology systems to regional data centers. The incident happened during business hours at VA's regional data processing center in Sacramento, said Ben Davoren, director of clinical informatics at VA's San Francisco Medical Center. He talked about the incident during testimony last month before the House Veterans Affairs Committee.

'The disruption severely interfered with our normal operation, particularly with inpatient and outpatient care and pharmacy,' said Bryan Volpp, associate chief of staff for clinical informatics at VA's Northern California Healthcare System, in written testimony provided to the committee.

As a result, the medical staff had to write discharge instructions and medical and medication notes on paper.

Once the disruption was resolved, it took a tremendous amount of work to restore the integrity of the electronic record, he said.

'This work to recover the integrity of the medical record will continue for many months since so much information was recorded on paper that day,' Volpp said. Employees must pull up the paper records, and that presents a risk that some important facts or results collected on that day will be missed at some point in the future, he said.

Davoren called the incident 'the most significant technological threat to patient safety VA has ever had.' The Sacramento data center did not roll over the systems to the Denver regional processing center as planned. And backup systems for the regional strategy were unavailable or overwhelmed in four of the medical centers, he said.

'This was a known risk during the pilot phase of the [regional data processing center] collocation project,' Davoren said.

VA has moved management of information technology systems to regional data centers to better protect information in a secure data center instead of local facilities. Also, if a hospital system shuts down, such as in New Orleans during Hurricane Katrina, patient records could be immediately available from another hospital location.

Contingency plans for the regional data center, however, failed to stop the disruption, Volpp said.

In addition to the switch to the Denver data center failing to occur, the read-only backup of patient data was unavailable because of previously planned periodic updating of the hospital test account. Physicians and nurses then relied on health summary data, which was stored on several local personal computers and could be printed. The health summaries are brief extracts of the patient record with recent notes, medication lists and lab test history, he said.

VA is investigating the incident internally and also via an independent review to assure that contingency plans work, Robert Howard, VA's chief information officer, told lawmakers.

About the Author

Mary Mosquera is a reporter for Federal Computer Week.

inside gcn

  • IoT security

    A 'seal of approval' for IoT security?

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group