Any Comment on VA Security Plan?

[Nancy E. Anthracite, MD]

The Department of Veterans Affairs has invited the open source community to 
comment on its plans for two aspects of their software related to healthcare. 
I am hoping someone will be willing to look at their security plans for 
authentication.  To my eyes, and I know almost nothing about this, it appears 
that they are crippling their ability by using Windows 2008 server.  They have 
Red Hat Linux in many sites now, so I was wondering if they would be better off 
replacing their Windows 2008 server with a Linux solution.  I also know too 
little to know if there any aspects of this plan that need changes.  I decided 
that since the VA healthcare software is used heavily in my community, I would 
ask for help from the experts in your community with this other subject we 
know a lot less about.

I have put this link to the document because I am not sure if this list allows 
posting of documents. 

http://www.techstrategies.oit.va.gov/docs_design_patterns_aaa.asp

There is supposed to be an open discussion about the VAs plans next Monday at 
4 PM Eastern.  If anyone feel they have something that should be commented on 
at the session or by an email, or you have questions, please contact me and I 
will try to help answer your questions or help you provide comments where they 
are most likely to do some good.

P.S., if you find the use of the term Design Patterns disturbing, so do the 
other developers I know, but they have largely chosen to bite their tongues 
except in private!

Thank you for your consideration.

-- 
Nancy E. Anthracite, MD
nancy at worldvista.org
240-246-0123
240-793-7436 (cell)