The risks involved in rolling out the world’s biggest civil IT
programme were significantly underestimated when ministers
initiated the project in 2002, according to evidence unearthed by
Computer Weekly.
The evidence raises questions about whether Connecting for
Health, formerly the national programme for IT in the NHS, was
initiated by Downing Street on a false basis – that it would be
easier to implement than has proved to be the case.
Computer Weekly has also learned that the timescale was
underestimated. The project was originally to be undertaken in two
years and nine months, beginning in April 2003. It has since become
a 10-year programme.
Downing Street has refused a request by Computer Weekly under
the Freedom of Information Act for the minutes of a meeting on 18
February 2002, chaired by the prime minister Tony Blair, at which
the IT-led modernisation of the NHS was initiated.
But a profile of the project, which was drawn up within a month
of the meeting at Downing Street, has revealed that there was no
category for calculating one of the greatest risks to the project –
that doctors and nurses would not accept the new systems.
The specific risks and complexities of the IT programme that
were evaluated were given a points score which bore little relation
to the magnitude of the scheme.
The “Project Profile Model” was based on a template of the
Office of Government Commerce, and was originally an appendix of
Delivering 21st Century IT Support for the NHS, a document which
formed part of the launch of the programme in June 2002.
This appendix was omitted in the official version of the 21st
Century IT document which is published on the Connecting for Health
website.
The aim of the project profile model is to assess the risks and
complexity of a project. In each category, a points score was given
to the national programme according to the degree of complexity or
risk.
The model gave a maximum risk score of three points if the
number of IT practitioners involved was more than 100. But the
national technology-led modernisation of the NHS involves far
larger numbers – 20,000 health service IT staff and 10,000 people
in the private sector. Other areas also showed a significant
underestimation of potential risk:
- Total IT costs: this was scored as four out of four. Maximum
points were to be given if the project cost more than £100m. The
national programme is projected to cost between £18.6bn and £31bn
over its 10-year life (see story, p4).
- Business costs excluding IT: this was scored as four out of
four. Maximum points were to be given if the business costs were
more than £50m. The national programme’s business costs are
projected to be billions of pounds.
- Number of individuals affected within government: this was
scored at six out of six. Maximum points were to be given if the
scheme affected more than 10,000 people. The national programme
affects at least 800,000 staff.
- Impact on business processes: this was scored at four out of
six.
- Impact on other projects and changes: three out of eight.
- Degree of innovation: this was scored at three out of
four.
- Scope of IT supply: scored at zero. A maximum of three points
was to be given if the plan was to “deliver bespoke
application”.
- Complexity of the client-side arrangements: two out of
four.
In total, the national IT scheme scored 53 out of a maximum 72
points. The OGC said anything over 40 is “high risk”.
Specialists say the underestimate partly explains why, three
years after its launch, the scheme has been hit by interfacing and
other technical difficulties, delays in implementations and
uncertainties over future funding.
Jean Roberts, lead for policy on the Health Informatics Forum of
the BCS, said the profile model underestimated the risks and
complexity and treated the scheme as an IT programme rather than a
change management initiative. She said the scoring appears to “bear
little relevance to the actual scale and complexity of the
programme in practice, and many issues which have yet to be
resolved tactically at local level”.
A spokesman for Connecting for Heath cited the way the
procurement was run as a model for other parts of the public
sector. “What is being referred to is an early scoping document
which was initiated before the national programme came into being.
This followed OGC guidelines for major projects. This was an early
analysis which fed into Delivering 21st Century IT, which was the
definitive strategy document.
“It indicated that the project was, unsurprisingly, high-risk,
given the criteria laid down by OGC for assessing a project
against. It indicated that the project should go through external
Gateway reviews, which the national programme has done.”
He added, “It is well known to anyone with experience of large
projects that risks and issues are part of normal programme
management. Ministers and senior officials have stated publicly
that it would not be possible to deliver a programme of this size
and complexity without encountering issues along the way.”
If ministers approved an IT plan knowing it would be more risky
and complex than stated, this would not be the first time.
A financial and managerial audit by consultancy Arthur D Little
into an IT project to deliver new air traffic control systems found
there was a perception among officials, which was “unsupported by
any unequivocal documentary evidence”, that ministers would not
approve the project if they knew the whole truth.
Officials set an artificially short deadline for implementation
because they feared the government would otherwise “not agree to
funding of the project at all”. In fact, systems took more than 10
years to deliver, instead of the projected five years.
What the doctor ordered