The votes are in for the 2025 FedScoop.

See the winners!

VA issues new data ethics principles

The Department of Veterans Affairs issued new ethics principles for accessing and handling veterans’ data, it announced Monday.

The nine principles are designed to ensure the safe and responsible use of data, especially personally identifiable information like medical data. With the increased use of data, particularly during COVID-19 response, comes thorny issues of how that data is used, protected and accessed, which the new principles aim to address.

In full, the principles developed by VA’s Data Ethics Group are:

“VA’s principle-based ethics framework takes a proactive approach to data management and privacy by setting standards for our partners to follow,” acting VA Undersecretary for Health  Richard Stone said in a statement. “VA is applying this framework to all data interoperability initiatives, including those tied to our COVID-19 response and modernization efforts.”

The set of principles comes as the VA is undertaking a massive modernization of its legacy electronic health record system, migrating to a new cloud-based Cerner EHR platform that the department hopes will bring its health care into the digital age. The Government Accountability Office recently instructed the VA to pause the rollout of the program to do more testing and fixing known issues, but the department said it won’t heed that advice.

The VA has expanded data access and usage in other ways with a host of new applications and APIs, some of which allow veterans to access their own data from iPhones. The expansion of data access has raised questions from lawmakers in the past over the VA’s security practices and their work to rid their networks of Chinese technology. The VA has also dabbled in AI projects to detect veterans at risk for suicide.

The principles follow other agencies that have enumerated broad guidelines for ethical data use. In 2020, the DOD adopted ethical principles for the use of artificial intelligence, which is heavily data-reliant.

The VA said it wants to have all its policies reflect the new principles by the end of 2022.

Marines piloting 5G to improve warehouse logistics

The Marine Corps Logistics Command in Georgia is piloting the use of 5G to enhance operations in new “smart warehouses.”

Federated Wireless and a group of other technology companies have kicked off work with the Marines to develop a high-bandwidth wireless network that can handle more data. Together, they will work to expand the capability of warehouse operations and improve the new network security with a zero-trust security architecture, according to a news release.

The project, based out of the command’s headquarters in Albany, is one of several in which the military is hosting 5G “test beds” on bases, offering private companies the opportunity to test their tech in less regulated environments while boosting connectivity for the services.

The new network is hosted on the Citizens Broadband Radio Service (CBRS). This part of the electromagnetic spectrum within 3.5-3.7GHz bands is reserved by the Federal Communications Commission for both federal and non-federal use.

The upshot for the Marines is the new network could improve the logging of receipts, storage, inventory control and auditing of supplies that support global operations, according to the release. The hope is the 5G network will also be able to support warehouse robotics and holographic, augmented and virtual reality applications.

The Department of Defense’s 5G strategy aims to improve base connectivity and eventually transition the technology onto the battlefield as a means to improve overall command, control and communications.

Cisco has partnered on the effort to provide a security architecture for 4G and 5G networks that follows a zero-trust model where all points of the network require continuous security checks, not just at the perimeter. With the added bandwidth of 5G and more data flowing, added layers of security are needed to ensure malicious actors are not corrupting information.

Other partners on the pilot include Amazon Web Services, Perspecta Labs, Vectrus, Capstone Partners and JMA

How open technology and process help the public sector innovate

Secret Service wants 2,000 body-worn cameras

Secret Service members may soon wear body cameras in the line of duty, according to a request for information from vendors.

The Secret Service is part of the Department of Homeland Security, which wants to award a firm-fixed-price contract for 2,000 body-worn cameras but first needs a better sense of vendor capabilities to plan the procurement.

Federal interest in body-worn cameras has increased since the Department of Justice started permitting their use on federal task forces in October.

The desired cameras will store at least 12 hours of video at a high-definition video resolution of 1080 pixels and ideally 24 hours at 8K. They’re to have at least a 150-degree field of view and ideally 180 degrees, as well as night vision and vehicle adaptability.

Cameras will have pre-event recording that can be adjusted to between 30 seconds and 2 minutes prior to their activation. Activation and deactivation can be manual but will automatically occur whenever the camera, a weapon or a taser is withdrawn from its holster.

Live feeds will be able to be remotely activated and monitored and all videos timestamped and dated. GPS can also be tied to the video and manually disabled or remotely activated.

The Secret Service wants the ability to categorize, label and redact videos captured. The cameras will be able to have their internal memory remotely monitored, and uploads will be both wireless and wired.

Cameras will wirelessly upload their contents on-premise or to a Federal Risk and Authorization Management Program-certified cloud platform within at least 10 and ideally five minutes of activation. The device will purge that data once it’s uploaded.

Non-evidentiary video files will be stored at least 30 and ideally 90 days, while the desired range for evidentiary files is 3 to 32 years. The Secret Service also wants the ability to label videos “permanent” to automate their perpetual storage.

Logs must be auditable and the cloud platform must have access controls capable of resisting denial-of-service attacks and exfiltration attempts.

Other camera features the Secret Service seek include:

Vendors have until noon on March 1 to respond to the request for information.

Air Force’s Operation Flamethrower aims to torch outdated IT policy

The Air Force‘s effort to burn down old IT policies that are holding back network modernization has a name befitting the type of change it seeks to spark: Operation Flamethrower.

The program has existed for several months to modernize IT policy, and now it’s keying in on nixing any policies that stand in the way of the Air Force’s move to an enterprise IT-as-a-service model.

In doing this, the Air Force faces challenges of budgetary stress — operating multiple networks boosts the IT price tag during a transition — and the complexity of gutting the decades-old policies designed around outdated technology, Brig. Gen. Chad Raduege said Thursday at a virtual AFCEA St. Louis meeting.

“Operation Flamethrower is all about creating offsets,” Raduege said. These “offsets” the program is looking to create are policy changes that would reduce the bloat of network operations with automation and secure endpoint weaknesses.

Central to that is the “shrinking of the AFnet,” the Air Force’s enterprise network, he said.

“This is a challenge that we are going through right now,” Raduege said of shrinking the legacy network and reducing the cyberattack surface.

The Air Force has been in a multi-year network transformation journey where it is championing enterprise IT-as-a-service to replace outdated legacy systems that are less secure and limit connectivity. Operation Flamethrower is also looking to reduce the redundancies created in the transition, burning out old systems that are no longer needed as new services come online.

“We are trying to figure out how to get from the legacy network where we are today into the future,” Raduege said.

The project has backing from senior leaders in the Air Force, Raduege said. It also has the support of the Cyberspace Capabilities Center at Scott Air Force Base.

Top Air Force general champions power of code during software factory visit

The chief of staff of the Air Force and other senior leaders paid a visit Tuesday to Kessel Run, the Air Force’s software factory and tech hub, where he underscored a commitment to a software-driven transformation of the department.

During his first visit to Kessel Run‘s Boston headquarters, Gen. Charles “CQ” Brown, the top officer in the Air Force, emphasized how he wants the Air Force to achieve some of its biggest modernization goals with rapid software developments. New programs at the heart of the Air Force’s evolution to a more digital branch will rely on software that is developed with the end-user in mind, Brown said during his visit to the coding factory. Kessel Run started as a pilot program for agile software development — where code is developed iteratively and refined to user needs — and has grown into a hub to rapidly and securely write and buy software for systems across the Air Force.

Brown has adopted a guiding mantra of “accelerate change or lose” as he leads the force. Much of that change will come from divesting from legacy platforms and dated aircraft programs in favor of modern software-defined platforms.

A big part of that, Brown said, is prioritizing the education of airmen on software development and using code as a tool to modernize systems in the fleet.

“Those are the areas that are going to be important,” he said during a Wednesday follow-up media roundtable in which he talked about the visit. “Someone is going to have to write code.”

Brown later added how he sees software as one of the most critical ways to evolve the Air Force’s current weapons systems and platforms. He pointed to the F-16 fighter jet — an aircraft that Brown himself has flown and even taught others to fly — as a system that can be transformed with more frequent software updates.

“The airplane actually changes because you are able to push more information to it,” he said.

Kessel Run helped develop programs that allow for more seamless software updates to the F-16, as opposed to a previous multi-day update process. Brown says that allows for the plane, and the force writ large, to be more nimble and invest more information from sensors.

“You are using software to change our approach,” he said.

JADC2 on the calendar

Software will also play a pivotal role in the Joint All Domain Command and Control (JADC2) operational concept: the futuristic strategy for defense driven by the coordination of an “internet of military things.” Brown told reporters Wednesday that he recently held talks on JADC2 with his counterpart in the Navy, Chief of Naval Operations Adm. Mike Gilday.

His discussions with Gilday come just before Lt. Gen. Dennis Crall, chief information officer of the Joint Staff, is set to hand over a document outlining the data standards and JADC2 strategy to the Chairman of the Joint Chiefs of Staff Gen. Mark Milley.

The Joint Staff is “laying out some level of standards and how we do data and digital architecture,” Brown told reporters. “That’s the lifeline.”

The Air Force has a memorandum of understanding with the Army to collaborate on JADC2 efforts, as the entire concept relies on sharing data across all domains and all services. Brown said he anticipates holding another meeting with Army Chief of Staff Gen. James McConville soon. Brown added that the publication of the DOD data strategy has helped increase collaboration.

“What we are seeing is a lot more dialog between the services,” Brown said.

GSA extends login.gov access to states and localities

The General Services Administration wants a limited number of state and local governments to try login.gov with their federally funded programs.

The COVID-19 pandemic and other crises have GSA‘s Technology Transformation Services looking to expand login.gov‘s authentication and identity proofing services, so people can more easily access their benefits.

Federal agencies have used login.gov with their websites since 2017, and GSA’s announcement Thursday brings users closer than ever to single sign-on for services at all levels of government.

“TTS will limit engagements with state and local entities to work that is linked to federal programs in which TTS is uniquely positioned to provide assistance,” reads a blog post announcing the news. “TTS will partner with applicable federal agencies to ensure proper coordination.”

Login.gov allows agencies to choose between forms of multi-factor authentication for securing accounts and is based on human-centered design.

Users in the participating states and localities will only need one account and password to access federal services and can rest easy knowing their privacy is protected in accordance with guidance from the National Institute of Standards and Technology, as well as the Cybersecurity National Action Plan.

Interested states and localities can apply to participate in the login.gov pilot here.

Those selected will have access to a developer sandbox letting them freely experiment with login.gov integrations while guiding them through the process. Participants will also be able to interact with each other, federal agencies and the login.gov team for support.

How healthcare agencies can tackle fraud, waste and abuse with RPA

CMMC language is in GSA’s latest contracts, but requirements will be order-specific

Any new cybersecurity requirements the General Services Administration asks of contractors will be introduced at the order — not the contract — level, according to the deputy assistant commissioner of IT acquisition.

While language from the Department of Defense‘s Cybersecurity Maturity Model Certification (CMMC) has been included in GSA‘s latest governmentwide acquisition contracts (GWACs), any application of its five levels will be order specific, Keith Nakasone, deputy assistant commissioner for acquisition in GSA’s Office of IT Category, said during an AFFIRM event Wednesday.

That way GSA can begin requiring contractors to prove their networks meet a certain maturity level while still ensuring agencies’ mission requirements are met.

“Not every single system is equal,” Nakasone said. “So we have to have the flexibility in the contracts to deliver the acquisition solutions.”

CMMC language was included in both the $50 billion STARS III and Polaris GWACs aimed at small IT businesses. Awards have yet to be announced for the former, and the latter remains in the draft solicitation phase.

GSA continues to hold regular Polaris meetups to address items like an ordering guide, which will serve as a template on how to use the contract for both contracting officers and DOD partners. The goal is to synchronize CMMC and the GWACs so GSA can phase in new DOD programs and projects over time, Nakasone said.

As work on the GWACs continues, civilian agencies have started approaching GSA about including CMMC requirements, he added.

GSA is also factoring the National Institute of Standards and Technology’s Special Publication 800-171 on DOD contractor assessments, Federal Acquisition Regulation, and Defense Federal Acquisition Regulation Supplement into program and project requirements. For instance, DOD’s Supplier Performance Risk System captures a lot of data around 800-171 that GSA hopes to tap into, Nakasone said.

“If we can deliver governmentwide acquisition contracts with order-specific requirements, we will be able to do a better job in managing not only the acquisitions, but what we will also be able to manage is that framework — that ecosystem that’s being built over time,” Nakasone said.

Army stands up first multi-domain task force in Washington state

The first of three multi-domain task forces has been established in Washington state to focus on the Army’s combat operations in areas with limited telecommunications access, the service’s top officer said Wednesday.

Military leaders have stressed that battles of the future will rely on a connected internet-like system to communicate across the domains of land, air, sea, cyber and space — a future the new task force and many other offices across the military are working to make real. The task force was activated to bring this conceptual connectivity to life in “Anti Access/Area Denial (A2/AD)” environments, Army Chief of Staff Gen. James McConville said during a Heritage Foundation event.

Two other multi-domain task forces are planned to be stood up in the coming years, one in Europe and another in the Indo-Pacific, McConville added.

“The future is all about range and speed,” the general said, referring to modernization work across the Army to speed up multi-domain operations.

The task force started as a pilot program in 2017, according to an Army news release. As the Army developed other modernization centers across the force, the task force in Washington was activated to be a “centerpiece” of modernization in A2/AD environments, where enemy forces jam communications or launch cyberattacks to disrupt operations.

McConville said Army systems still have the ability to “penetrate” environments degraded by an enemy.

McConville also spoke about the task force’s additional focus on long-range precision “effects,” a capability similar to long-range precision fires where artillery guns can hit targets miles away. McConville didn’t elaborate on what targeting effects the Army is now able to achieve by linking more data across domains, only saying the new capabilities “are coming on board as we speak.”

“All of those capabilities can be used to get precision effects below the level of armed conflict,” he said.