DoD medical records system goes down temporarily

Published 7 November 2006

An auditing function is to blame for the 20 minute shutdown of the Clinical Data Repository; records of 8.6 million soldiers and their families at risk; DISA is working hard to create redundancy with local caches and renote data storage

Readers may recall the news earlier this year that a large number of Veterans Administration records had been compromised by an IT security failure. That was a bad blow, and that it was committed against those who had served their country made it doubly disconcerting. Sad to say, one does not have to have retired from service to think one’s health records at risk. The Defense Information Systems Agency (DISA) has announced that the Clinical Data Repository, the electronic storage facility for the medical records of 8.6 million active duty and retired soldiers and their families, failed briefly last week. There is no indication of a security breach, but the problem calls into question the Repository’s structural soundness.

The disruption, officials said, lasted only twenty minutes, and was not altogether unanticipated. In recent years the military has been transfering files from the Military Health System to the Armed Forces Health Longitudinal Technology Application database, and troubles have arisen along the way. Military doctors, however, are extemely reliant on the electronic records — a model, some say, for the future of e-health care — and when the system is down the quality of care neccesarily suffers. Indeed, this is the main drawback of electronic health records, one similar in many ways to the problems of electronic voting. Without a paper-based back-up, IT or electrical failures can leave everyone involved high and dry.

Preliminary DISA analysis indicates that a faulty auditing function was behind the recent problem. Officials also said the agency is working to build redundancy for the data repository. As it stands today, the Repository resides on a separate storage-area network, and a mirror copy exists at the data center that houses health records. The data center generates multiple copies of the repository each day, and those copies are retained on-site and off-site. DISA is also testing a remote data center and is setting up cache servers at Military Health System facilities to permit local access if the data center goes down again. These latter endeavors are expected to be operational within a few months.

-read more in Bob Brewin’s Government Health IT report