Department of Veteran Affairs – Federal Register Recent Federal Regulation Documents

VA is amending the current system of record (SOR) (173VA005OP2) the Department of Veterans Affairs (VA) Mobile Application Environment (MAE) by renaming it VA Enterprise Cloud Mobile Application Platform (VAEC-MAP). The VA MAE has been replaced by VAEC-MAP. VA changed Information Technology providers from Terremark to Amazon Web Services (AWS). In addition, the system location has changed. We are restating the routine uses in full and revising the language to make routine uses align with recent Office of Management and Budget (OMB) guidelines and making minor editorial changes to more clearly articulate uses and to align with standardized VA routine use language. VA is republishing the system notice in its entirety. VAEC- MAP is a cloud hosted system that provides the infrastructure and hosting platform for Mobile Shared Services (i.e., common services used for Mobile applications) and web components of applications used on Mobile devices. Mobile applications connect to VA enterprise services using the VAEC MAP Mobile Shared Services. Mobile applications such as Video Visits Service (VVS), Veteran Affairs Online Scheduling (VAOS), Patient Viewer (PV), and Veteran Affairs Video Connect (VVC) leverage this platform, pipeline, and hosting environment to provide a coordinated scheduling and notification capability to Staff and Veterans among other resources. VAEC-MAP uses the VAEC AWS cloud environment to provide an automated platform and pipeline for the development and hosting of production VA mobile applications. VAEC Common shared services, such as BigFix, Nessus, Splunk, and AD, are leveraged to provide security control implementation and system security visibility to the VA teams responsible for ensuring the security of VA systems. Administrative users of the VAEC-MAP environment must authenticate to the VA (Citrix Access Gateway or RESCUE) via Personal Identification Verification before using access keys and Identity and Access Management multi-factor authentication to gain access into the environment. System Administrators access the VA network using VA managed Government Furnished Equipment through Virtual Private Network connections to the VA Local Area Network and are authenticated using an Active Directory system managed by VA Network Security Operations Center. Encrypted communications protocols and ports are employed to protect information flowing across the VA network. All system access is managed via Role Based Access Control deployed separately within the environment and adheres to the Least Privilege Principal for all user accounts regardless of role. VAEC-MAP user account management adheres to VA policy or exceeds VA Policy where applicable.

On March 13, 2020, the President declared a national emergency recognizing the threat that the ongoing outbreak of COVID-19, the disease caused by the novel (new) coronavirus known as SARS-CoV-2 (``the virus''), poses to the Nation's healthcare systems. On April 10, 2020, the President of the United States issued a Memorandum for the Secretary of Veterans Affairs, ``Authorizing the Exercise of Authority under Public Law 85-804.'' The Memorandum authorizes the Secretary to exercise authority with respect to contracts performed in support of efforts by the Department of Veterans Affairs to combat COVID-19. The President authorized and directed the Secretary of Veterans Affairs to publish this memorandum in the Federal Register. The text of the memorandum is set out below.

In accordance with the Privacy Act of 1974 (5 U.S.C. 552a(e)(4)) all agencies are required to publish in the Federal Register a notice of the existence and character of their systems of records. Notice is hereby given that the Department of Veterans Affairs (VA) is amending the system of records entitled ``Freedom of Information Act (FOIA) RecordsVA'' 119VA005R1C.