VA outlines protection of VLER data

The use of firewalls and increased encryption to protect data transmissions between various operational systems and warehouses are among several steps the Department of Veterans Affairs plans to take to safeguard patient data used in the Virtual Lifetime Electronic Record (VLER) program, according to a recent notice posted in the Federal Register.

The VA will limit access to databases with such information only to individuals whose job requires that access, and will enforce that access using information security officers, in addition to security software, according to the notice. What’s more, the VA plans train all staff on information security, emphasizing that it’s not just the job of the IT department to keep such information safe.

Other steps outlined by the VA in its notice include providing physical security for buildings and rooms housing veterans’ data and housing copies of back-up computer files at off-site locations.

The notice also proposes a number of “routine use disclosures” for the data. For example, the VA says that such data can be disclosed to federal, state, local, tribal or foreign agencies pertaining to criminal and civil violations of law.

The VLER program--which shares veterans’ health information electronically between the VA, the Department of Defense and select private healthcare facilities partnering with those entities--initially was launched in April 2009 to create a unified lifetime electronic health record for members of the armed forces. Last fall, it was expanded to seven sites: Grand Junction, Colo; rural Utah; Asheville and Western North Carolina; Buffalo; Charleston, S.C.; Minneapolis; and Puget Sound Wash.

The VA’s proposed 2013 budget requests $52.9 million for the VLER program.

To learn more:
- here’s the notice in the Federal Register

Suggested Articles

Healthcare software company Phreesia closed its first day of trading as a public company Thursday about 40% above its set price.

The announcement comes on the heels of the Trump administration's effort aimed at kidney care that includes expanding access to in-home dialysis.

Technology company Philips has acquired Boston-based startup Medumo, the developer of patient navigation and engagement solutions.