The Department of Veterans Affairs’ (VA) Office of Inspector General (OIG) released a report on July 1, 2025 announcing it found VA procured IT systems which failed to comply with legally-required accessibility standards. Specifically, of the 30 “bedrock and critical” IT systems audited by OIG as part of its report, the inspector general found only four systems that complied with Section 508 of the Rehabilitation Act.

Since the Department of Veterans Affairs (VA) launched its most recent attempt to modernize its electronic health record (EHR) system in 2020, the initiative has been plagued with numerous setbacks and budget overruns. Given the issues faced, lawmakers recently introduced a new discussion draft of legislation that would increase oversight of the VA’s efforts.

Our very own Chief Cybersecurity Technologist and Institute for Critical Infrastructure Technology (ICIT) fellow, Don Maclean, recently joined fellow fellows Robert Lord (Protenus), John Menkahart (Securonix), Dr. Ron Ross (NIST) and ICIT co-founder and senior fellow, Parham Eftekhari on Capitol Hill to discuss the risks and threats associated with cyber attacks on healthcare facilities.