DHA’s Consolidated MTF Network Focuses on Security Architecture, Efficiency

The Defense Health Agency is working to integrate and consolidate a variety of networks and systems across military treatment facilities (MTFs) as it continues to absorb the various military hospitals and clinics across the defense health space.

DHA CIO Pat Flanders has been coordinating the DHA consolidation of IT across the MTFs, which has largely meant meeting the challenge of connecting each of the service’s disparate systems, networks and IT assets. As long as there are duplicative capabilities across the MTFs, it is much more difficult to maintain resiliency and security, Flanders added.

“We’re all chopped up, and so that’s the biggest problem because when you own one of everything, it’s very difficult to establish consistent processes to ensure that everything’s secure,” Flanders said. “Instead we’re doing risk management framework evaluations of five kinds of devices for certain medical procedures. … The same is true of software across the landscape.”

As Flanders continues to bring the various military health networks together under the Medical Community of Interest (Med-COI), DHA’s new electronic health record (MHS Genesis) has been the cornerstone connecting disparate patient records across the original four MTF markets in the Military Health System.

“The two big modernizations I have are [I] have to put four legacy networks into one and many, many medical systems for which there is a distributed system,” Flanders said. “Although, I say there’s a new patient system … all of that is coming together on the new electronic health record called Military Health System Genesis. Those are two big issues.”

For Med-COI, Flanders emphasized that the network’s architecture is focused around security.

“It’s very deliberately architectured — a focus on security architecture,” Flanders said. “Basically, it’s … a single active directory, a single set of tools that we will install on the network [in] enclaves so that we can monitor and a singling up of the security stacks.”

Flanders described this architecture as one built from “the ground up” in a Mission Partner Environment information system specifically designed for MHS in a way that’s separate from the Defense Department’s SIPRNet and NIPRNet, or the Secret and Non-Classified Internet Protocol Router Networks.

Amid the technological changes come with the need to shift personnel and contracts. Flanders said the Military Health System currently has about 200 small contracts across MHS for touch labor and IT services work. DHA is trying to consolidate those contracts into a large series of contracts over the next couple of years.

Although the consolidation efforts occurring across the DHA’s networks and IT portfolio are challenging, the efforts have brought greater visibility and consequently security and efficiency across the MHS network.

“It’s a singled-up process, and it’s a singled-up ability to monitor and defend, a singled-up help desk, singled-up tools,” Flanders said. “It’s massively more efficient and effective, and we aren’t done yet.”