Open source collaboration with VA betters VistA EHR security

Kyle Murphy | EHR Intelligence | November 15, 2013

The work of a graduate student at Georgia Tech has led to the creation of a patch to repair a security vulnerability in one of the most widely used EHR systems, according to an announcement by the Open Source Electronic Health Record Agent (OSEHRA).

The non-profit organization responsible for hosting the software repositories for the Veterans Health Information Systems and Technology Architecture (VistA) EHR as well as supporting a community dedicated to innovated on this and other open source EHR systems is heralding the experience as a “textbook example” of how an open source approach to collaboration can improve the security of EHR systems.

“We’re very proud of both the process and the outcome here,” said Dr. Seong Ki Mun, CEO of OSEHRA, in a public statement. “A single interested individual found a vulnerability that impacted the entire community. Every VistA user can use the resulting patch to improve security for their patients. The level of cooperation among agencies, companies, and individuals was unprecedented, and demonstrates the real power of the open source community.”