Transforming Information Technology at the Department of Veterans Affairs

IBM Center for The Business of Government


In October 2005 the U.S. Department of Veterans Affairs launched what many believe to be the most ambitious organizational information technology overhaul and consolidation ever to be attempted in the federal government.

With increasing pressure coming from outside entities, including Congress and the Government Accountability Office, and pushed by a group of influential insiders, the department in 2005 laid out ambitious and controversial plans to consolidate control over what had become a sprawling, aging and unwieldy system of computer and communications technologies spread across the department’s more than 1,000 medical centers, clinics, nursing homes and veterans’ centers.

According to an October 2005 memo from a former VA chief information officer, the VA CIO had direct control over only 3 percent of the department’s overall ITIT budget and 6 percent of the department’s ITIT personnel. Individual medical directors in the field had virtually complete control over decisions about ITIT investment, which had resulted in a substantially ad hoc and disjointed ITIT system virtually impervious to rapid, nationwide sharing of client information, universal system upgrades or patches, or system-wide distribution of new, proven applications.

As pressing as questions about the functional capacity of the system were, the overall security of the system was equally urgent, with scores of unsecured laptops and thumb drives floating around the system containing confidential information about millions of veterans. Meanwhile, mainframes sat unsecure in frequently precarious circumstances, near old steam and sewage pipes, with no backups available. Indeed, the push to gain control over the sprawling system was reinforced powerfully in 2006, when an IT security breach compromised the confidential information of some 26 million veterans.

The heart of the overhaul was the creation of a governance plan and the adoption of a full set of best IT practices that the VA hopes will ultimately result in a secure, integrated, reliable and responsive IT system aimed at efficiently delivering high quality health care services to veterans, while supporting the thousands of health care professionals who work for the VA.

Under the plan, the department has centralized all IT budgeting, planning and development, including putting full control of the department’s IT budget and staff under the VA’s Office of Information and Technology in Washington, D.C., while placing a premium on encrypting, securing and accounting for every piece of computer hardware in the system.

The ongoing effort has been difficult and controversial. An organization based substantially on an ethic of dispersed authority and control has proved to be an extremely difficult environment in which to try to centralize and consolidate. There has been wholesale resistance to the consolidation effort from a wide variety of powerful players both inside and outside of the VA.

As of this writing, the transformation is a work in progress, but has made substantial progress towards the “One-VA” vision laid out in the consolidation plan. But while the effort is still a work in progress, it has the potential to be a useful model for other large-scale public sector entities wishing to modernize and consolidate similarly unwieldy and dispersed systems.

Some of the VA lessons include the obvious, including the absolutely critical role that leadership plays in any large-scale organizational change effort. But some lessons are less so, including the VA’s novel and innovative approach to the contract that it let for outside help with the transformation effort, an approach that ought to prove useful to any organization availing itself of outside help with transformation.Meanwhile, the VA has clearly made substantial progress in consolidating planning, budgeting and personnel and in securing all the information contained in its massive IT system. Specific initiatives include moving data to regional processing centers with improved “fail over” capacity. A new contract is allowing for increasingly rapid and reliable deployment and upgrading of computer hardware and software system-wide.

While questions about the transformation remain—in particular about whether the development arm of the VA is up to quickly designing, testing and deploying new software—the reforms at the VA appear to be taking root. No doubt the growing pains will continue, but with continued work and investment, the VA has the potential to solidly secure its place as a model for how to do large-scale IT transformation in a logistically and politically complicated—some would even say openly hostile—environment.

(Executive Summary)