Skip to main content
InterScripts
Pillar · Federal Healthcare Modernization

Federal healthcare IT modernization — DHA, VA, federal civilian

The short answer: Federal healthcare IT modernization is the transition of U.S. government healthcare systems from legacy platforms (AHLTA, CHCS, VistA, Essentris) to modern, cloud-native, FedRAMP-aligned platforms — primarily Oracle Health (Cerner) Millennium for the Defense Health Agency (MHS GENESIS) and the Department of Veterans Affairs (VA EHRM). The modernization scope spans the active EHR, integrated ancillary systems, federal data governance (VAULTIS), and the archival of historical records under NIST SP 800-53 / CMMC L2 / DoD RMF.

Raju Togi
Raju Togi · President & Chief Executive Officer· Reviewed 2026-05-15

Key takeaways

  • MHS GENESIS replaces AHLTA, CHCS, Essentris across the Military Health System
  • VA EHRM replaces VistA with Oracle Health (Cerner) Millennium across VHA
  • VAULTIS is the DoD data strategy reference: Visible, Accessible, Understandable, Linked, Trustworthy, Interoperable, Secure
  • BytePad for Government archives historical federal data under FedRAMP-aligned controls
  • GSA Schedule (MAS) and state BPAs are the dominant federal procurement vehicles
  • Federal compliance baseline: NIST SP 800-53, CMMC L2, DoD RMF, Zero Trust (NIST SP 800-207)

The numbers

GSA MAS
Schedule held by InterScripts
GSA
4 state BPAs
Active: UT, MI, PA, Washington County
InterScripts contract records
NIST 800-53
Federal control baseline
NIST
CMMC Level 2
DoD contractor baseline
DoD
DoD RMF
Risk Management Framework
DoD
300+
HIS migrations executed
InterScripts delivery records

The federal modernization stack

A federal healthcare modernization program touches four layers: the active EHR (MHS GENESIS or Oracle Health for VA EHRM); the integration spine that connects the EHR to ancillary clinical, financial, and operational systems; the data governance and archival layer (VAULTIS, BytePad for Government); and the security, compliance, and identity layer (NIST SP 800-53, CMMC L2, DoD RMF, Zero Trust, ICAM).

Modernization programs that succeed treat these four layers as one. Programs that succeed treat them in sequence — EHR cutover, integration sustainment, data governance, then security retrofit — usually run over-budget and over-schedule.

Why VAULTIS matters

VAULTIS is the DoD's data strategy framework: Visible, Accessible, Understandable, Linked, Trustworthy, Interoperable, Secure. It is the design baseline for federal data-governance programs and the reference architecture BytePad for Government implements out of the box. Each of the seven attributes has measurable engineering implications — visibility is a catalog problem; accessibility is an access-control problem; understandability is a metadata problem; linkability is a master-data problem; trustworthiness is a provenance problem; interoperability is a standards problem; security is a NIST 800-53 problem.

Federal procurement reality

Federal healthcare IT procurement runs through a small number of contract vehicles: GSA Multiple Award Schedule (MAS), agency-specific IDIQs (DHA TMSI, VA T4NG), state BPAs, and direct task-order procurement under set-aside categories (small business, SDVOSB, 8(a), DBE). InterScripts holds GSA MAS plus active state BPAs in Utah, Michigan, Pennsylvania, and Washington County, and operates as both prime and subcontractor.

Sources & references

Frequently asked questions

What is the difference between MHS GENESIS and VA EHRM?

MHS GENESIS is the active EHR program for the Defense Health Agency, replacing AHLTA, CHCS, and Essentris across the Military Health System. VA EHRM is the Department of Veterans Affairs program replacing VistA. Both programs deploy Oracle Health (Cerner) Millennium.

How does BytePad for Government differ from commercial BytePad?

BytePad for Government runs in Azure Government and AWS GovCloud and is architected to NIST SP 800-53, CMMC Level 2, DoD RMF, and Zero Trust controls. The commercial BytePad runs in commercial Azure / AWS under HITRUST r2, SOC 2 Type II, and ISO 27001:2022.

Is InterScripts a small business federal contractor?

Yes. InterScripts is a Small Business, Minority-Owned, and DBE-certified federal contractor with CAGE 8YC07, DUNS 014379990, and UEI X5LBW3NEQDK7.

Which federal contract vehicles does InterScripts hold?

GSA Multiple Award Schedule (MAS), plus active state BPAs in Utah, Michigan, Pennsylvania, and Washington County. Available as prime or subcontractor on agency-specific IDIQs.

Read the cluster

VA EHRM program — vendors, timeline, opportunities

VA EHR Modernization (EHRM) program — replacing VistA with Oracle Health (Cerner) Millennium across VHA. Vendor partners, timeline, sites, opportunities for small business contractors.

Bring this to your team

Book a 30-minute walkthrough with the InterScripts experts who wrote this. We will tailor it to your systems, retention obligations, and federal compliance posture.

Schedule a meeting