Chief of the Year: Information

On June 15, Government Executive is featuring the government's chief officers of acquisition, finance, human capital, information and information security in a special issue of the magazine. This year we've identified individuals to highlight as Chiefs of the Year -- not necessarily because they are unsurpassed in their fields, but because their peers have much to learn from their experiences.

Chris Flynn

Roger Baker
Chief Information Officer
Veterans Affairs Department

When Roger Baker came back to government in 2009 after almost a decade in the private sector, he told senators at his confirmation hearing he was aware he would inherit security and managerial difficulties. In recent years, there had been high-profile gaffes such as the loss of personal data on 26 million veterans and failed multimillion-dollar information technology projects.

As CIO at Veterans Affairs, Baker continued to confront information security and program management fiascos. For example, software bugs led to instances of doctors retrieving the wrong patient data and the department's IT portfolio was found to include 45 underperforming projects. Instead of kicking these embarrassments under the carpet, Baker went public about the medical information system flaw and halted those projects last summer.

Such moves could rile some advocates of health IT innovation and federal contractors, but Baker contends they were in the best interest of veterans. "We know we have saved $54 million in fiscal 2010 from those 45 projects, and we've moved those dollars to increase the probability of success in other projects," he says.

VA still has a long way to go toward providing timely access to benefits and turning around projects mired in wasteful spending, but Baker seems to be up to the challenge. He has made continuity of care through electronic health records a main concern. "Our ability to create for each veteran and each service member a complete record of their service, of their health interactions, of everything necessary to provide them with quality care . . . is really one of the absolute top priorities for us," he says.

A former Commerce Department CIO, Baker initiated a project management system at VA that suspends initiatives after they miss three milestones. Of the 45 projects on hold, 12 were cut and an online training system for employees remains in limbo. The others were restarted after undergoing substantial changes, such as an overhaul of the basic approach or replacement of the program manager, contractors or government staff. "If there are better systems out there or better approaches to it, I think we owe it to everybody inside VA to explore those," he says.

Baker is creating an internal project-tracking website to warn employees about initiatives at risk of suspension and has made some of that information available to the public as a stoplight-style chart. "If a project is trending red and it's missing [milestone] dates, it's pretty easy to see that it's going to come under some heavy scrutiny for whether it should be stopped or not," he says.

He owns up to the fact that security vulnerabilities continue to jeopardize veterans' and military members' data. "It's still the case that the bulk of the risk is internal. The issues that we see that cause information breaches in the VA tend to be things that employees are doing primarily inadvertently," he says. "The area where VA has made the most progress is VA is a model for how you treat and analyze potential privacy breaches."

Although Baker says he is committed to being open with the public and the VA workforce, he also seems wary of violating his employees' trust by revealing too much about department operations online. "It turns out that transparency is a little tough to do in government," he says. "I am both the CIO and the chief privacy officer of this organization. As we talk about doing things like putting performance information up on the Web we have to be very careful."

Chiefs of the Year 2010 main page