Public Sector IT

The Department for Work and Pensions has dropped a coalition government scheme to avert software disasters from its £2bn Universal Credit programme.

The DWP gave up using the "agile" method of software development for Universal Credit, the coalition government's flaghsip reform programme, last month.

It had before now repeatedly claimed agile was the way it would keep Universal Credit on track. The coalition government had meanwhile singled agile out as a major part of its flagship strategy to stop IT projects going calamitously and expensively wrong.

The Major Projects Authority - part of the Cabinet Office - was going to press-gang government departments to use agile methods on big software builds. Universal Credit was the government's first - and immensely ambitious - big stab at agile.

Now the DWP has ditched agile and put Universal Credit back under the direction of the old method of software project management - called the waterfall method - that is widely blamed for government IT's track record being so atrocious.

News of the u-turn slipped out last month in a written parliamentary statement by Mark Hoban, minister of state for work and pensions.

"In its final stages from April 2013, the programme is using the waterfall approach - a standard DWP testing methodology," said Hoban in answer to a written question from Steven Timms, the shadow employment minister.

"Initial development used agile," said Hogan. But it was no longer needed. "In a programme as complex as Universal Credit, which includes new IT developments and changes to existing IT assets, both agile and waterfall methods may be appropriate at different times."

U-turn

The u-turn raises questions about whether the government was wrong to pin its hopes on agile as the way to crack the government IT problem: did DWP ditch agile because it didn't work? Was agile not all it was cracked up to be?

Or did DWP make such a bodge of agile that Universal Credit is now likely to be a bodge as well. Did failure compel it to fall back quickly to the well-worn waterfall path in an attempt to get things back on track?

A DWP spokesman said neither case was true.

"Just because we are not using agile doesn't mean agile is inherently flawed, or that Universal Credit is inherently flawed," he said. "It probably means agile is at a point where agile is not appropriate."

Yet DWP and the coalition government had always made much more of agile.

Iain Duncan Smith, secretary of state and mastermind of the Universal Credit reforms, insisted only in September last year that DWP would continue using agile on Universal Credit until its final delivery date in 2017.

Agile was not something he had grabbed from the tool box for only as long as he needed to tighten a nut. Agile was at the heart of government policy to stop big IT projects like Universal Credit going wrong. And it was at the heart of Iain Duncan Smith's plan for Universal Credit too. Yet six months later, it was dropped offhand.

It is as though agile never really mattered at all.

Yet this is what the Cabinet Office said about agile in its ICT strategy in March 2011: "Lean and agile methodologies will reduce reduce the risk of project failure.

"The application of agile ICT delivery methods, combined with the newly established Major Projects Authority, will improve government's capability to deliver projects successfully."

DWP IT chief and government chief information officer Joe Harley said in May 2011 that agile would ensure his department delivered Universal Credit on time in October 2013.

Then last year it started to look like DWP was going to manage only a token roll-out of Universal Credit in October 2013. That's when Duncan Smith came out with the most complete description of to agile software development, and the most clear commitment to it that, really, anyone in the software community could ever hope to imagine. Universal Credit wasn't just agile. It really was agile. And it would remain so to the bitter end of the roll-out in 2017.

"There is a lot of ignorance at the moment in the media... saying, 'You are not going to be ready on time'. The truth is the time that we deliver this is 2017. So that is over four years. We start that process in October," Duncan Smith told the Work and Pensions Committee on 17 September 2012.

"The whole point about the agile process - which I find frustrating at times, because we cannot quite get it across to people - is to understand that agile is about change.

"It is about allowing you to get to a certain point in the process: one leap - check it out, make sure it works.

"And as you go into the next leap, you come up with something that says, 'We can rectify some of the issues in this, and make that even more efficient'.

"You are constantly rolling forward, improving and making more efficient things. There is a constant retrospective change that goes on to complete that system, and that is what will happen all through those four years," he pledged.

Now it's not going to be agile after all. There was always a question over whether Universal Credit really was agile. Put your ear to the ground now and you will hear that Universal Credit may not have really been agile at all.

It looks like the secretary of state may have found it convenient to use the agile story as a political fireguard: an excuse for yet another project running late and over-budget.

If you set the deadline far enough away - 2017, say - and pick a pie-in-the-sky budget of a large enough amount - £2bn, say - then you create enough room for the same old mistakes and slippages to happen without causing political damage. Universal Credit was going to take two years. But the "agile" buffer has given the project a six to seven-year timescale and a good covering story. Even if it is not really agile at all.

But if DWP and Cabinet Office were as genuinely committed to agile as they said they were, then there must be another reason why it has been dropped from the programme now.

Attention must turn to Accenture and IBM, who are on track to earn £1bn between them as lead developers of the system. They may have played the most significant part in agile's failure at DWP, or DWP's failure at agile. Accenture and IBM may have found agile commercially inconvenient. Neither has yet been able to speak about it.

This puts the software community in a bit of a quandry. If Universal Credit was never really agile but is still on track, then what is the point of agile? But if government was committed to agile and has ditched it after all, then again, what is the point of agile?

The Care Quality Commission wants public approval for a plan that will use health data to help private companies make inroads into the NHS.

The scheme will see the NHS care watchdog repositioning itself as quasi-market regulator and consumer champion for a newly privatized health service.

It was sketched out last week by CQC chairman David Prior, a Tory grandee who prepared British Steel for privatization in the 1980s.

Prior's proposed data-driven reforms are set to unseat the NHS' national network of hitherto impregnable general hospitals, making it easier for the private sector to carve up their specialist clinical departments under competition rules enacted by the coalition government last month.

Making his pitch last week at the King's Fund, a market-leaning health think-tank, Prior portrayed data as the way to break the NHS open for private companies.

He wanted the CQC - which has till now been concerned primarily with the quality of NHS health care - to turn its data to this new purpose. NHS Hospitals would be top of its target list. He would put the plan to public consultation this summer.

Data was first among a series of problems Prior told delegates he had with the NHS. It was, he said without a hint of irony, "a classic market failure".

"There is information asymmetry," he said. "Users don't know anything like as much as the professionals. It's particularly hard to measure quality of care. Its particularly hard to measure it on a comparable basis," he said.

Public gallery

The NHS, which has for 60 years been not a market but a public service, was at fault for not having data a market would find useful. The problem was not that the NHS lacked data. The NHS has plenty of health data - it is already used as a means to monitor and improve care. The problem, as Prior saw it, was the way NHS data was packaged. His CQC has begun re-packaging NHS health statistics to make them "a lot simpler, more recognisable - something that will resonate with the public".

Prior wanted "consumers" to use CQC's health indicators to compare the quality of care given by different hospitals and clinics. CQC has long been monitoring quality of care in the NHS. But this wasn't enough. Prior wanted it to play to the public gallery.

Solving this data deficiency would help Prior solve a more fundamental problem he had with the NHS. That problem was the NHS itself.

"In Norfolk there is one hospital," he said. "In Norwich there is one hospital. We can talk about competition till the cows come home but there is one hospital. You live in Great Yarmouth and there is one hospital.

"And there are significant barriers to entry. If you take the whole spectrum of emergency care, and most elective care, there are huge barriers to entry," he said.

"And people can't fail. You can't close a hospital like the James Paget in Gorleston. The market simply does not operate. You simply die if things go wrong."

This horrible propaganda set the scene for Prior's pitch, just like it formed the backdrop to the coalition government's reforms. He had no qualms repeating the tabloid caricature of an NHS ridden with "patients lying in pain or in soiled sheets that nurses aren't doing anything about".

His story was in essence that the sky was falling down. And that you've nowhere to run. Because there is just that one hospital up the road, where the nurses are oblivious to the screams of pain and stench of squalor, because they are stupid, or psychopathic, or chatting on the phone. That's how the story begins for the refashioned CQC and the health care market Prior will have it watch over.

The scene sets up a question that Prior's CQC will answer for us: what are you going to do about it?

Data siege

We are required to ask this question because the coalition government's private health market would never take off while the NHS was protected by its national network of fortresses known as general hospitals.

There are the market barriers Prior complained about: in the immense capital our great, beloved general hospitals have already sunk into health.

If you really must do something about it, then you do it the way a pack of hyenas might take down wildebeest, or a matador might take down a bull.

Perhaps thus, Prior told the King's Fund conference he had made general hospitals the primary target of his refashioned CQC.

"I think there are issues with hospitals," he said.

His issue was with general hospitals. It was that they were general. His argument was that you could take a hospital shown to be performing about average, and find that some of its constituent parts might not look so good when you looked at them close up.

This was the problem. He wanted to expose what he might call the rotting heart of the NHS. Data would do it.

So Prior was having the CQC cease its general audits of hospitals. It would instead start doing specialist audits. It might do a run of urology audits one year, cardiac the next. It's focus would be what the private sector calls verticals. This is how the new CQC's new direction will correct that market failure Prior talked about.

Vertical market

Private interlopers might have little chance of competing with a general like The Norfolk and Norwich University Hospital, with its 1000-beds and a campus large enough to fit around 30 football pitches.

But they could compete by snatching the odd contract for a specialist department like urology - especially if CQC league tables had picked the general's urology department out as a poor performer.

Private interlopers would fair even better in such a market if they were themselves not general but national or multinational specialists in areas such as urology.

This was the idea in the 80s when Prior was preparing British Steel for privatization. It was anticipated then that a newly privatized steel industry would reorganize rapidly into vertical specialisms, or lines of "vertical product differentiation".

The point was for each spore of the privatized industry to develop its own premium product line so each would have the best chance of making premium profits, Manchester University's Professor Jonathan Aylen wrote at the time. Industry was expected to organise itself this way: actually carving up the vertical profit lines between them.

"Vertical product differentiation does not imply a particularly desirable market structure," Aylen wrote.

"After all, the aim is to acquire market power in order to enjoy monopoly profits from a distinctive, high-quality product made at much the same unit cost as your rivals."

The sales pitch for privatization is competition and choice. The outcome could be a bit of a rip-off.

Market comparison

The steel industry then has meaningful similarities with the health sector now. New technology had lowered the barriers for companies to enter the steel market, as is happening now with telehealth. Customer choice, as Aylen put it then, was "a precondition for privatisation". This is also the raison d'etre of Prior's refashioned CQC.

Steel had been organized around a social priority, which was to provide jobs in regions of low unemployment. The NHS similarly concerns itself primarily with health, not profit - care, not consumers. The European steel industry's reorganisation involved closing plants: consolidating them for higher efficiency and greater profit. Prior's reorganisation at British Steel axed 20,000 jobs. Now he has his sights on the general hospitals. They must look like steel plants from a certain point of view.

But there is a key difference. The steel market was international. Its inefficiency was measured in production costs and profits on sales. Thus ranked, comparisons of national suppliers were meaningful to those making the case for privatization.

The NHS on the other hand is a closed system. Financial measures are no use for market comparisons. The NHS serves the nation. The nation pays its costs. Patients aren't interested in hospital balance sheets. Nor are contracting bodies, really. If you want to give a private supplier a way to break into the NHS, you have to help it find another way to differentiate itself. You have to deploy care quality data. But the care quality data we have was designed for care quality. If you want it to serve the market as well you have to make some changes.

Care quality data

Prior's CQC would help everyone understand what was going on by cutting context out of its catchy, simplified, vertically-aligned indicators. Context has shown that other hospitals were not quite the death traps data officials and academics said they were. But context is useless as a market indicator. Markets want something as quick and simple as a profit ratio. Something you can throw your hat on. Here they would get everything they wanted to make easy inroads into the NHS.

Prior denied this would be adversarial. He said he wanted a constructive relationship with hospitals. But his words were buttery. His refashioned CQC exemplifies and solicits the newly adversarial NHS. The CQC will be adversary-in-chief.

CQC had in fact taken a step back from the NHS, said Prior. "We will be outside the system," he said. This was the lesson he had taken from the Francis review into care quality at Mid-Staffs: that "the system was looking after itself".

His assertion relied on a tang of corruption to make its point. It implied the NHS was hiding horrors to stave of... what? Privatization? It has been doing nothing of the sort. Yet it has been under attack from all sides.

If as Prior said, it was wrong of the NHS to preserve itself, then the right action must be the opposite: some form of disassembly. Of course, Prior didn't spell his allusion out. It is an insidious logic that has crept into the top of the service.

Adversarial

So Prior's words were more momentous than they sounded. His CQC would begin acting from without the NHS, as "the eyes of the patient". It would step outside and stand with patients looking in. Again, he was encouraging people to see the NHS differently - adversarially.

Patients have until now been taken into the caring embrace of the NHS system. They are subsumed into it. They become part of it, along with clinicians, data analysts, care regulators and so on - all feeding into the system for care's sake.

Now Prior wants us to accept this is all wrong. "I'm not sure we have a system," he said in the opening of his speech last week.

We are talking here about the NHS - which prides itself in being the largest health system in the world. Prior portrayed it as a "fragmented, disintegrated system".

He said he wanted care integrated in the way private health providers do it in California. It is what you are hearing this week from the King's Fund about integrated care - or telehealth and telecare as it will be known when technology has helped integrate and industrialize it.

Consumer power will be at the centre of it: patients in the system but not of the system: uppity credit card carriers rifling their Gucci handbags impatiently, and snapping orders at those orderlies they used to call nurses, while they wait on their beds for that platinum-service specialist they just ordered. A 'patient-centred NHS'.

Somerset County Council has dodged questions over the reason why it imposed the blockade that caused its Southwest One outsourcing venture with IBM to fail.

Its answers would have revealed, on the eve of a local election, whether the Conservative Council leadership had intentionally precipitated the failure that it later blamed on Southwest One. It would show whether the they had chosen frontline service cuts over efficiency savings that would have made those cuts unnecessary - thus fulfilling their public aim to replace council services with private companies. It would show they lied about Southwest One to gain political kudos for their council cuts.

The council's evasion, combined with evidence of what really did happen, suggest the council was indeed to blame. It's blockade of Southwest One did precipitate the failure: that much is fact. The crucial question is why the council caused the obstruction.

Why, when Southwest One had already found more than £50m of savings for Somerset when the Conservatives were elected in 2009, did the council subsequently refuse to approve another £70m of savings Southwest One put up every year that followed. The Conservatives had opposed the Libdem outsource venture in their election campaign.

Every year for three years, Southwest One offered savings that would have added up to over £100m for the council. Every year, the council ignored them. Why?

The council refused to say, So Computer Weekly asked again under the Freedom of Information Act.

Now the council has said - in testimony under FOI law - that it does not know why it stopped approving Southwest One's savings. It refused to recognise the savings were ever proposed at all.

Ignorance

Computer Weekly asked about a crucial £76.6m of savings Southwest One has had on the table since 2010, and has been repeatedly ignored by Somerset. The first £58m of savings Southwest One put up before 2010 were approved by the council immediately.

"The £76.6m does not represent proposed savings offered to Somerset County Council in any format or forum," said the Council's FOI response.

"The value represents an undefined number of possible ideas presented by Southwest One around this time, that may at some later stage emerge as firm proposals, and thus be presented in the correct forum for mutual agreement and sign off by both parties

"Consequently, anything other than a firm proposal, backed with supporting evidence and processed through the contractual mechanisms agreed, is not information that SCC holds and therefore we are unable to respond to your request," it said.

The council did not approve the savings, it said, because they were never really offered. But this story didn't stand up.

Contrast

Paul Harding, performance & client manager for Taunton Deane Borough Council, a neighbouring authority that joined the Southwest One venture, said Southwest One routinely offered savings. Taunton Deane regularly implemented them.

"A procurement update report goes to our Corporate Scrutiny Committee every six months," said Harding.

"It's been an upward curve, year-by-year. Each year we've been delivering savings and signing off new initiatives.

"There needs to be a business case - some form of procurement activity. That's investigated by our finance people, to check the business case checks out. And if that's the case, the savings are signed off as being identified as realistic."

John Williams, Conservative leader of Taunton Deane Borough Council, said how well he thought this had worked.

"As far as we are concerned, the relationship with Southwest One is working, has worked and will continue to work," he told Computer Weekly.

Even the possibility that Somerset had simply found Southwest One's savings schemes to be unrealistic does not stand up to scrutiny.

Lawsuit

Last month Somerset settled out of court on a claim brought by Southwest One over the savings. Neither party will speak about the lawsuit. But one source close to action said this: "It was linked to the process of how Southwest One had been signing off, or not signing off the savings. The dispute was about the council not signing off the savings."

Settling out of court, the Council was able to able to make the issue go away without admitting liability. Now it must be asked if the timing of the settlement betrayed the council executive working to protect the elected party from embarrassment. Or whether, despite all appearances, Southwest One had been such a genuinely abject failfure for Somerset that the council just had to be shot of it as best and as quickly as it could.

Somerset's annual audit statements, along with Southwest One's annual accounts, had already shown how the savings proposals were as good as Taunton Deane claims. That initial £58 of savings were quickly approved.

Smoking gun

Documents the council released to Computer Weekly show how this added up. Southwest One had, for example, negotiated savings by 2010 of £30m for social services and £10m for transport, to be realised over 10 years that the contracts would run. It had barely got started on the work the Libdem council had contracted it to do.

Now that Somerset has reclaimed services it outsourced to Southwest One in 2007. It has ensured the venture will never deliver the £190m savings it originally promised. The venture may nevertheless limp on.

But because Southwest One was a shared services venture and Somerset was the major partner, the County Council's withdrawal from parts of the contract have now forced Taunton Deane to cut its outsource back too. Somerset's obstruction of Southwest One may turn it into a failure for all involved.

Both Somerset and Southwest One meanwhile proceed with apparent contempt for public scrutiny. Southwest One was, as often, unavailable for comment. Somerset was reduced to using truisms to evade answering its FOI request.

Asked by Computer Weekly what was the deciding difference for Somerset between those Southwest One savings schemes it approved and those it ignored, the council said those it had approved were savings it had approved while those it had not were not.

Or in FOI speak of the sort that will be familiar to anyone used to seeking such statements from officialdom: "The £58.5m comprised of savings proposals that had been appropriately proposed and processed within the defined protocols of the contract between SCC and SWo, mutually agreed as being likely to generate savings. The latter were not."

The NHS medical director's knee-jerk reaction to data on children's heart surgery in Leeds bodes ill for the wider hospital review he got under way this week.

Yet another leak of misleading mortality data - claiming "2,500 needless deaths" at Basildon hospital - blew an unpleasant wind over the NHS Commissioning Board, the body doing the review and, since the coalition's NHS reorganization came into force Monday, the over-arching body of the new NHS.

Its first act was on the review, which by coincidence is looking at Basildon and 13 other hospitals where statistical data has indeed shown a higher rate of death than average... a higher rate, that is, among seriously-ill patients, many of whom are actually destined to die tragically quickly: and no, not needlessly; but quite naturally, and despite all efforts of doctors, nurses and medical science to save them.

Sir Bruce Keogh, NHS Commissioning Board medical director, marked the launch with details of how this data-led review will work.

But it was also a first look at how the new regime was preparing to nail the NHS down with a nationwide data "surveillance" programme.

Keogh set the tone for this last month when he issued a tyrannical order to suspend child heart surgery in Leeds, in another instance of NHS death statistics being blown out of proportion.

The NHS Commissioning Board has assembled crack squads of inspection personnel to try the surveillance programme out on the 14 other statistically aberrant hospitals on Keogh's list.

"A vast array of hard data and soft intelligence has been collated to build up a picture of quality across the 14 [Hospital] Trusts," said Keogh's statement on Tuesday.

"This information is being analysed to support the Rapid Responsive Review Teams in targeting their investigations.

"Any review team that identifies serious concerns it believes requires rapid action or intervention, will immediately notify the chief executive of the hospital trust and the relevant regulators."

It might sound reasonable that hospitals are inspected, and that inspectors act without prior announcement using as much data they can get. And indeed it is. And they already do, and have since long before the NHS Commissioning board began his own inspections. The Care Quality Care Commission did them, and did so apparently well enough when considered out from under the shadow of death statistics that had been blown out of all proportion.

Inspectors

But it is a dread wind that blows the Keogh review's inspection squads on their way. He drew up their plans amidst the misbegotten outrage over the Francis Inquiry into deaths of seriously-ill patients at Mid-Staffs hospitals. His review relies on the same overblown data. His suspension of heart operations at Leeds similarly misused a subset of the same statistics.

This haphazard trail of politicized statistics sets a terrible precedent: an alarmist response to data that had only ever warranted collegiate action. That is how it the NHS was treating it: as helpful intelligence for a complex system.

Before Mid-Staffs we already had a health data ecology that was more advanced than any in the world. It had evolved gradually as part of the NHS system. A veritable army of health data professionals collected and cleaned hospital data to be fed into a central computer, open to the public on the World Wide Web.

"There's always been outcomes data of one kind or another collected by hospitals," one of the world's leading health data academics told Computer Weekly on the condition they remained anonymous, for fear of reprisals.

"There's readmission rates, post-surgical mortality rates... What's been missing traditionally is patients' own assessment of their health. So from 2009 onwards there's been this scheme called patient reported outcome measures - PROMS.

"What makes it really remarkable, is it is the first health care system anywhere in the world to require hospitals to collect this data routinely.

"It's an astonishing set of data. And its being used very enthusiastically by hospitals because their results are there in a comparative way on the website, broken down by Health Authority, Commissioner and Trust. The data is being consulted by Commissioners already.

"The data is available, completely anonymised, even at the patient level, and available to download as spreadsheets. I've got colleagues in the US using those data in research projects.

"It is a vast amount of data. It's excellent data. Every patient that comes to hospital for elective procedures such as a hip replacement fills in a questionnaire on the day, and [another] six months later. They've got something like an 80 per cent completion rate on hip replacement operations.

"It is in a form where the performance of hospitals is really quite clear. The Department of Health has commissioned an enormous amount of research on how best to report the difference in performance between hospitals.

"There's a huge effort that's gone in, with a big effort from the academic community to make it work. I think its a real achievement by the Department of Health that they've done this innovative stuff in an international way."

That was from one of the world's foremost academics in the field - too scared to go public.

Their point was to explain how baffled they had been by a blusterous speech health secretary Jeremy Hunt gave as a spoiler for the Francis report in February.

Hunt had forfended the Francis review's revelations about hospital deaths by declaring how he had instructed Keogh's office to make hospitals share patient data.

Quoted widely as part of his "paperless NHS" speech, Hunt said: "Today I can confirm that the NHS Commissioning Board have agreed that hospitals should be ready to share digital data from April 2014".

Computer Weekly spent days at the time trying to learn from the Department of Health and NHS Commissioning board what exactly had been mandated. They were not entirely sure. They insisted it meant all hospitals get working patient records systems in the space of a year. Then they back-tracked. The coalition government may have done an even worse job at kitting the NHS out with patient systems than the last lot had.

So scrub that, they said. What we meant was patient outcomes data: all hospitals must be in a position to share patient outcomes data by 2014.

But they already are. They already do.

The same bafflement serves as a suitable vantage to view the Keogh review. His position was predicated on a myth he continued to peddle when new regime started business this week: that the Mid-Staffs scandal was about hospitals refusing to give proper credence to his death statistics.

New regime

The precedent his data has since set - for Mid-Staffs, for Leeds, and perhaps also for Basildon and the others now under review - was false: false conclusions, drawn excitedly from data that was of limited use.

Yet that is the basis on which the NHS data regime has opened for business, thanks to the constant drip of scandalous interpretations of health data from Dr Foster, the company formed by Tim Kelsey, Keogh's compadre at the NHS Commissioning Board, and Professor Brian Jarman, Kelsey's colleague at Dr Foster.

Public outrage over the data regime's horrible founding fallacies has created space for it to change the rules. It has used that space to change the organizational meaning of data.

Thus the Commissioning Board has confiscated from hospitals the power to determine what their own data says about their healthcare, and how it should be acted upon. Keogh's rapid suspension of operations at Leeds, no matter how dreadfully mistaken, suggests how the new regime may wield the power it has taken.

His team have crowned data the monarch of a new bureaucracy. That is became immediately so intoxicated by its power demonstrates how it was not suited to the job. The NHS Commissioning Board has nevertheless taken the power of data determination from hospitals and given it to a network of what it has called Quality Surveillance Groups.

These are regional bodies formed around a network of "consumer" groups called Healthwatch, and peopled heavily with representatives of health monitoring bodies and commissioning groups. They will pour over health data, encourage unhappy patients and relatives to pay court, and then they will make hospitals answerable to what they find.

"There will be a wealth of information and intelligence, gathered formally and informally, about the providers of services to that population," said guidance on the Quality Surveillance Groups, "Guidance to the new health system", in January.

"Often the information that one party alone has will not cause concern," it said. "However, when combined with intelligence that, for example, a regulator may have, [it] might point to a potential problem that should be investigated further," it said.

The focus of this work was not the NHS, but "a health and care economy", which is where we come perhaps to the purpose of all this bluster about data that was already being handled perfectly well by the NHS ecosystem.

Privatization

Private health providers being ushered in with the coalition government's NHS reforms must be able to convince "consumers" they are a viable alternative to the long-beloved NHS.

The quality regime will do this for a privatized health economy. It will provide a way for private sector upstarts to offer credible credentials. To understand how this will work, it is helpful to look at another emerging market that has sought to vindicate itself similarly.

That is the emerging market for cloud computing, where multinationals that might on any normal day be found lobbying against regulation, instead lobbied for it.

Their customers were comfortable with conventional outsourcing contracts, especially since offshore outsourcing had made them so cheap. Outsource suppliers became more interested in cloud computing because it promised high profits again. But they had to lure customers away. They tried to do this by subjecting themselves to a regime of quality and service metrics.

It had to be a common regime. They could all go about making claims about their service quality. But only by independent arbitration could they prove their case. So they sought to agree a common way of defining service level agreements (SLAs) and the key performance indicators (KPIs) by which customers held outsourcers to account.

Siki Giunta, vice president of cloud computing at US IT giant Computer Sciences Corporation (CSC), said why suppliers needed to do this in a speech she gave at an Outsourcing Association conference when the cloud business was still getting off the ground, on 10 November 2011.

"I can tell you, for the next 24 months in the cloud world, the hardest thing to do when we buy cloud is, 'What have I got, and how do I measure it'? Because everything is all over the place," said Giunta.

"The world of new guys and the world of traditional guys have to merge together and have common SLAs," said Giunta.

"Our biggest challenge is, how do we get a homogeneity of SLAs so that the customer knows that if he buys from me or somebody else, it is the same thing he's measuring?"

"We have to marry our existing customers - outsource customers that are used to having traditional SLAs - to a cloud environment. We couldn't just say, 'Forget these things you have over here'. We had to marry the same situation," she said.

The NHS may not have much to gain from a surveillance regime, when the system could already be trusted to make the best of health data. But the regime will be a great aid for the health economy.

Post-bureaucratic age

The misconceptions that established the regime are that the NHS cannot be trusted to its own data husbandry, that its hospitals are consequently fetid old death traps, and so all must be subjected to the reign of an omniscient data. It something like a sun God channelled so devoutly by its priests that its light burns and shrivels all it touches.

It is the opposite of the sort regime the open data priesthood and their compadres the coalition government had led us to believe they would bring about.

The data revolution was to be bottom-up, post-bureaucratic and owing a lot of chaos theory. Instead of bloody-minded top-down bureaucracy we would have self-organizing systems: organizations as organisms endowed with self-awareness by the power of data.

What we have instead is total surveillance, enforced by committee, with a tendency for sensationalist misinterpretations convenient to those who would like to bury the public sector.

All this effort to make data a merciless moral imperative may however have been better expended simply on improving the systems of reporting and dissemination at which the NHS was already very good. The only trouble then is that patient groups rendered stupid with outrage, and enemies of the public sector, might only create more trouble than they already have, using the more powerful tools available to them. At least with this surveillance regime they will be brought into the fold where they might be tamed.

NHS medical director Sir Bruce Keogh may have breached his own data safeguards when he used preliminary data to justify the suspension of children's heart surgery at Leeds NHS Hospitals Trust on 28 March.

Keogh closed the unit after requesting provisional data to be leaked from the national heart data centre, the head of data at the centre has told Computer Weekly.

It has also emerged that as Keogh himself founded the very unit that produced the leaked data, he should have known it was incorrect. He should have known it could not be used to justify the Leeds closure. He may have further misled the public when he later blamed his mistake on Leeds, for what he said was its release of inaccurate data.

Dr David Cunningham, senior strategist at the National Institute for Cardiovascular Outcomes Research (Nicor - the data unit Keogh founded), said it had been obvious to experts charged with verifying the preliminary data that there was something wrong with it - something that stopped any of them doing anything with it.

Those experts - called the steering group - looked at the data when it was released on 27 March.

"They looked at it and said, 'That's too low, can we check it?' They saw the numbers didn't look right for Leeds that year," said Dr Cunningham.

The thing that didn't look right about the Leeds data was not what Keogh claimed it was when he saw it that same day.

It was obvious to the Nicor experts that the Leeds data was incomplete. This clearly meant it could not be used. It described a fall by more than a third in the number of operations done at the hospital in the last year. There was clearly something missing.

"That's the purpose of sharing it around the committee. It's for people to look at and say, 'That doesn't look right'," said Dr Cunningham.

"It was obvious a query should be raised about it. So I was asked to get people to check it. And that's what we did. It took about 24 hours," he said.

This procedure was an established routine for health data at the unit Keogh founded, and is an annual event.

On 27 March this year however, Keogh requested a copy of the preliminary data, said Cunningham.

Sir Roger Boyle, who resigned as head of Keogh's Nicor unit this week, sent Keogh the preliminary data. Both he and Keogh have confirmed that Keogh knew it was preliminary.

What was not clear until now is that Keogh, as Nicor founder, would have been familiar with the data and the validation procedures. He would like the other Nicor experts have known the data looked unusual enough to be verified before taking any action. He would have known Nicor's routine procedures for verifying unusual-looking data. He would have known to follow those procedures before taking the action he did.

"That's quite a serious allegation," said a spokeswoman for NHS England, where Keogh is now medical director. She was not able to answer the allegation. But she said there had been other reasons for Keogh's decision to close the unit. Keogh had nevertheless told BBC Radio 4's Today Programme the data had been his main reason for ordering the Leeds unit's suspension.

Keogh got hold of the preliminary data late on the afternoon of 27 March, shortly after it had been sent to the Nicor steering group usually charged with looking over it. By the following morning he had already ordered an emergency suspension of the Leeds unit. He went to Leeds to do this in person.

In the time it took Keogh to do this, Nicor's steering committee of eminent clinicians had verified that their immediate suspicions about the data were true. It was inaccurate.

Keogh failed to see what Dr Cunningham said had been obvious to the other experts. He took the erroneous data at face value.

The error had made it seem as though the data showed around a 100 per cent increase in deaths at Leeds in the space of a year. It seemed that the rate of mortality at Leeds had gone almost overnight to 200 per cent the national average. Leeds had simultaneously seen a highly unusual fall in heart operations, according to the preliminary data.

It should have been clear even to a layman that something was more likely wrong with the data than with Leeds. The Nicor data experts new within 24 hours it was a problem with the data. They knew this because they checked it. Keogh claimed the latter could not be ruled out and closed the unit for nine days while he reviewed the situation.

When on 9 April Keogh reopened the unit, he blamed Leeds for providing him with inaccurate data. Jeremy Hunt, the health secretary, supported Keogh on this. Yet the missing data was found quickly after Nicor told Leeds it was missing. The data error was picked up in a routine procedure by the Nicor unit Keogh established. It was all above board. Leeds could not even be chastised for having produced inaccurate data, as Keogh and Hunt had attempted.

Dr Cunningham told Computer Weekly the steering group's receipt of the preliminary data on 27 March was the "first pass" in a routine procedure for verifying data that has been collected annually since 2000.

"We don't circulate preliminary analysis that might have flaws in them. That would be a recipe for drawing the wrong conclusions," he said.

Keogh, first by requesting unverified data, then by ignoring the data's obvious faults, then by breaching usual procedure in not seeking to clarify those faults, then apparently wilfully misinterpreting that data, and then using the weight of all these errors to tell Leeds to close its heart unit, may have committed a serious breach of protocols he had helped establish.

Keogh was unable to clarify just how familiar he was with Nicor's precautionary procedures.

His office tried to claim he was not a data expert at all. Yet keogh has been one of the foremost health data experts since he founded the National Adult Cardiac Surgical Database in 1995. This database was the precursor to the Nicor unit. He should know how to read its data, and how not to misrepresent it.

Harvard Business Review exaggerated the risk of cyber attacks on the European public sector in return for money from Zurich Insurance Group.

Zurich sponsored a Harvard survey last year, and promoted it in February, raising fears of cyber attack among potential customers. Harvard Business Review Analytics Services conducted the survey. Harvard Business School Publishing released the findings.

Zurich said in February the findings may indicate "a false sense of security" about information security in the European public sector.

Harvard had found that only 40 per cent of public sector bodies in Europe regularly evaluated their information security procedures and systems. It found other reasons for concern as well.

Or so it seemed. Harvard's survey sample was feeble. It's findings were unreliable.

Harvard had interviewed just 8 people that Zurich could verify worked for public sector organisations. If forty percent of these regularly reviewed their information security procedures, it would have as much significance for the European public sector as a poorly attended Church hall meeting in Penge. It would have meant Harvard and Zurich had based their findings on the opinions of 3.2 people.

The survey may not have been quite that feeble. But it wasn't far off. And both Harvard and Zurich were unable to defend their findings.

A demographic breakdown of survey respondents seen by Computer Weekly showed how another 33 respondents had classified themselves as working either in government, charity or education. If you guessed that a third of these were public sector, you might conclude Harvard had surveyed 18 people. If you assumed the very unlikely possibility that they were all public sector, then you could count them as 41 of those surveyed. Zurich said Harvard surveyed 49 public sector organisations. Harvard said it interviewed 152 people across a variety of business sectors. The demographic breakdown showed it had interviewed 137 people. It looked flimsy. Even if you said 40 per cent of 40 people, Harvard had based its conclusion about the security of an entire continent's public sector on the testimony of 16 people. It wasn't a survey, it was a whip round.

You might be forgiven for expecting more of the Harvard Business Review. But that is precisely why companies like Zurich will pay to use the Harvard brand. The brand is so good, the survey doesn't have to stand up. People will swallow it whole if it's got "Harvard" on the front.

Duh, okay

Of other key findings in the Zurich / Harvard survey, somewhere between 2 and 14 public sector people said they were worried about cyber attack. Between 0.7 and 4.4 people said they did information security training. And between 6 and 36 people said they were compliant with regulations.

Or as Harvard put it, 9 per cent, 30 per cent and 75 per cent of respondents - or as you were meant to take it, of public sector bodies in Europe.

Harvard was careful not to state that this was representative of the European public sector - this survey that gave every other impression that it was representative of the European public sector.

Yet neither did Harvard state what its findings did actually say in context. It only stated them in relation to those people who had answered the survey, like a cat food advert on the television, telling you half truths and lulling you with purrs and happy housewives.

By hiding the context, Harvard instead gave a very powerful impression this was representative of the European public sector. Zurich itself stated very clearly that this paltry survey did speak for a continent.

What it was in fact representative of was members of the Federation of European Risk Management Associations (FERMA). Harvard had asked a bunch of insurance risk managers what they thought about cyber security. They were of course very worried about it.

But that was not all there was to it. It was not just shoddy scaremongering to get people to buy more insurance. It was an attempt to lobby for the cause of companies and public bodies appointing chief information security officers.

The survey narrative went like this. Most companies are worried about hackers and viruses and things. There's so many threats that it's "bewildering". You could lose money. You could get sued. Yet few companies have adequate information security budgets. Few executives even know enough about information security. Their security strategies are a bit disorganised. It's a bit of a rabble, with some HR directors doing some security stuff, some CIOs doing some other security stuff, and chief execs assuming it's all under control. But is it under control? How can you be sure when it's such an effort to get everyone together in one place? By the way, did you know that very few companies have dedicated chief information security officers? Oh an did you know that very few companies buy dedicated cyber insurance cover?

Most of this is not necessarily true. Some of it is blatantly misleading. Some is outright untrue. But you get the point.

Marketable skills

And the point is that when you ask risk managers about risk they say it's very risky. You don't need to pay Harvard to tell you that. But Harvard did do a famous job of writing these obvious conclusions deftly into something that says nothing about nothing in a way that makes it really seem something.

The point is that when you tell a bunch of risk managers what they want to hear, you lend courage to their convictions. The report gives them some tips as well: how to persuade your board to give more credence - and therefore a dedicated chief, and hence a budget for insurance - to the cyber threat.  Get government security people to come and do a presentation. Gather examples of nightmare scenarios yourself and do a presentation to the board. Be an insurance salesman.

So the Harvard report gives a lot of time over to what it describes as cyber threats. But when it came down to it they weren't threats at all, but fears. Fears expressed by risk managers.

Fears, that is, of professional worriers. 25 per cent of them, for example, were worried about "stealth attacks by organized crime, terrorists, or nation-states". It is probably good that someone is worrying about it, in some corner office somewhere. But it is not, as Harvard put it, a "top 10 information security and privacy threat".

Packaging fears as threats and using them to work risk managers up into a lather of righteous fright - that's not quite what you would expect of Harvard, is it?

The primary statistic for the survey was fear itself. Fear that people might disclose the wrong information. A sort of vague phobia of computer networks. Fear of espionage. Fear of trusted partners. The survey concluded that we were not fearful enough.

And there was fear of European regulation. The report led through a tangle of contradictory reasoning to the conclusion that most of what people do in Europe to protect themselves against cyber threats they did only for the sake of regulatory compliance. No matter that this meant public bodies had actually got information security pretty well covered. Regulation was a pain in the ass. The US has been lobbying against EU privacy regulations and undermining them with treaties for years. Harvard was having a good moan about it too. Zurich must have been rubbing its hands. The alternative, by strong implication, was that the determinant of infosec precautions should be actuarial. If you think it's a pain in the ass now, wait till you have a professional worrier on the board, an insurance premium bearing down on you and a bunch of hood-winkers at Harvard telling you we are all going to hell in hand cart, or whatever else it is they've been paid to tell you.

Bearing in mind the survey was rubbish anyway. BAE Systems Detica lent their support to this work as well. As did PRIMO, the public sector risk management organisation, and law firm DLA Piper.

Organizational behaviour

Josh Macht, group publisher of the Harvard Business Review, told Computer Weekly his report was a worthy and valuable exercise that should not be taken out of context. It had itself made an effort to make readers aware of the context in which it had been produced: a survey of risk managers about risk.

"What's important is to understand the context of it," he said. "And that these are the opinions of those people. You are making it sound like there's a sensationalistic bent to it, which I think is laughable.

"What's more important is less the number than the who. We are very clear with people that you are talking to people inside organisations who are scanning the horizon for risk, in Europe."

Macht could not say whether the findings were statistically significant. He refused to say how much Zurich had paid for them. He insisted Harvard had complete editorial control over the whole project.

He said Harvard's thing was understanding organisational behaviour. That's what the survey was about, he said. It was about the way organisations viewed and dealt with cyber risk.

It seemed rather that Harvard was trading on the idea that it is interested in organisational behaviour. And that it had organised its knowledge into a tool paying customers can use to influence organisational behaviour. It was a finalist in the 2010 M&M advertising awards for "Best Contribution to a Media Campaign".

Whether Harvard has as a result demonstrated how it is prepared to sell its reputation short depends on whether you think corporate priorities should trump academic priorities in a business school. If the alpha business school can do good business selling tissue-paper stories, academic rigour doesn't really matter, does it?

Mid-Staffordshire NHS Foundation Trust maintained an average rate of patient death for 17 years, according to a rational look at the numbers behind the NHS controversy.

Its performance was in fact remarkably good, show death statistics that have otherwise been used to condemn its hospitals and the NHS.

Mid-Staffs maintained and then bettered its rate death even while it bore a large increase in admissions of patients with serious illnesses.

This sudden increase occured between 2005 and 2007, the controversial period that became subject to the Francis Inquiry. Fewer of Mid-Staffs patients had actually died than might have reasonably been expected.

The blue line in the graph below shows the number of patients admitted to Mid-Staffs with a serious illness every year between 1996 and 2013. It shows admissions rapidly increased after 2004.

The red line shows predicted deaths, derived from national averages by Imperial College and used by the Francis Inquiry to show that Mid-Staffs had performed poorly.

The black line shows the actual number of seriously-ill people who died at Mid-Staffs between 1996 and 2013.

The graph reveals two important things: as patient numbers went up, deaths did not; and the difference between average and recorded deaths was mostly indistinguishable at Mid-Staffs for the last 17 years.

These two revelations are important because they further undermine the conclusions that have led to the widespread and grossly misleading conclusion that there was something horribly amiss at Mid-Staffs - that it was some sort of dirty hovel where patients went in their hundreds to die needlessly in the hands of cold-hearted nurses. It was rather a hospital that was succeeding against the odds.


The patients in this graph were the patients the Francis Inquiry was concerned with: the seriously ill - those most likely to die from their illness.

Mid-Staffs received 20 per cent more patients with serious conditions between 2004 and 2007. Yet deaths increased only 7 per cent.

This was clear in evidence submitted to the Francis Inquiry, where Computer Weekly obtained its data.

Mid-Staffs admitted 13,780 seriously-ill patients in 2004. By 2007, such admissions had increased by 2,654 cases, to 16,434. Yet Mid-Staff's death-rate for these high-risk patients actually fell in that time, from 6.4 per cent to 5.8 per cent.

Remarkably, such deaths continued to fall at Mid-Staffs even while admissions of high-risk patients carried on rising. Such admissions rose to higher levels than ever before. And Mid-Staff's death-rate kept falling.

Deaths of seriously-ill patients decreased 36 per cent at Mid-Staffs in the following years, between 2007 and 2010. That amounted to 340 people who did not die after the statisticians said they would.

Actual deaths fell from 946 to 606 in that time, even while admissions increased another 15 per cent, to 19,237 patients. This was the time when Mid-Staffs was subject to regulatory scrutiny and the first public inquiry.

In all, in the years between 2004 and 2010 that were relevant to the public inquiry and its followup, Mid-Staffs received 40 per cent more seriously-ill patients. Yet deaths fell 31 per cent. 277 fewer seriously-ill patients died than statisticians predicted, in a period when the hospital admitted 5,457 more high-risk patients.

When on 9 June 2010 Andrew Lansley MP, the then newly elected Conservative Secretary of State for Health, announced a second public Inquiry into deaths at Mid-Staffs, the hospital had already got deaths well below the national average, while treating high-risk patients in record numbers.

The truth was that the stats showed how close Mid-Staffs kept to the national average for deaths of seriously-ill patients.


So what was all the fuss about Mid-Staffs?

It was a gap that appeared between Mid-Staffs' death rate and the national average before 2007.

Statisticians at Imerial College magnified this gap using the now infamous Hospital Standardised Mortality Ratio (HSMR), a statistical indicator.

The HSMR magnifies the differences in a way that can make them look terrifying, like bugs and insects under a microscope. It arguably distorts the data, and frightens little children and politicians. This is in essence what the the death statistics at the centre of the NHS scandal have done.

Deaths at mid-staffs were about 50 to 200 people a-year more than average between 1996 and 2007. It is a difficult number to swallow. But these were less than one per cent of 154,661 patients admitted with serious conditions in that time.

There was really not much difference between Mid-Staffs and the national average. Seriously ill-patients died at a rate of between 2.8 per cent and 7 per cent at Mid-Staffs between 1996 and 2013. The national average was between 3.5 per cent and 7.1 per cent.

Between 2004 and 2007, when the difference was highest, Mid-Staffs' death rate was 5.9 per cent. This was a mere 1 percentage point higher than statisticians had forecast it would be. Their calculations, based on the national average, had predicted it would be 4.9 per cent.

They predicted that of 60,837 patients admitted to Mid-Staffs with a serious illness in those four years, about 2,967 would die. The number of actual deaths was 3,561.

That is still 594 more people who died than forecast. Their significance was nevertheless but a vague bellwether. They constituted only 0.9 per cent of seriously-ill patients admitted to Mid-Staffs in their time.

Even in the decade between 1997 and 2007 when Mid-Staffs' death-rate was higher than average, it amounted to only 0.8 per cent of 143,573 seriously-ill patients who attended the hospital. Statisticians reckoned 7,904.5 patients should have died in a decade. Actual deaths were 9,097. They were 1,192.5 above average.

In the years after 2007, when Mid-Staffs was doing better-than-average, its margin of fewer deaths amounted to 0.5 per cent of admissions. The difference for the last 17 years (the entire period for which records are available) was 0.3 per cent of admissions.

Looked at this way, it is easier to imagine a hospital battling against the odds to save people's lives than it is to shout fire and brimstone about a failed National Health Service.

It is from the perspective of a 0.3 per cent difference easier to imagine a hospital's day-to-day struggle to save lives having made more successes on one day than another, but perhaps accumulating more failures one year or another, and adding further over a whole 17-years to a total that might have been better, perhaps.

But at a hospital whose successes fell below the national average by 0.3 per cent of all seriously-ill patients it treated, perhaps staff did as well as could be expected. Perhaps now with hindsight granted by data tools like those developed by the sober, benevolent academics at Imperial College, even that narrow margin might be cut further.

This sort of death-rate leaves a lot of room to imagine the day-to-day complexities of human strife.

Death indicator

What we have instead is the HSMR indicator - the thing that turned death at Mid-Staffs into a frightening, microscopic image.

It did this by expressing the difference not in relation to actual numbers of seriously-ill people. It did it by expressing the difference as a proportion of itself - as a proportion of the forecast death-rate - a statistic of a statistic.

So for example, statisticians forecast there would be 721.2 deaths among 14,139 seriously-ill patients admitted to Mid-Staffs in 2005.

Looked not as an HSMR but as a simple death-rate, forecast deaths amounted to 5.1 per cent of actual admissions in 2005. Actual deaths amounted to 879, at 6.2 per cent of admissions. The difference of 157.8 people - the amount by which Mid-Staffs was worse than average that year, was 1.1 per cent of admissions.

To get the HSMR, you show actual deaths as a percentage of forecast deaths. So in 2005, 879 actual deaths equated to 122 per cent of those 721.2 deaths that had been predicted. Actual deaths were 22 per cent more than forecast. Or they were 1.1 per cent of admissions. It depends how you look at it.

Perspective

The point of the HSMR is to show how well an individual performance compares to the average. It therefore magnifies the differences between hospitals.

It can be understood just how much the indicator magnifies reality when you look at it from another perspective. Take those 1.1 per cent of admissions that in 2005 constituted Mid-Staffs' above-forecast deaths.

1.1 per cent was the difference between the actual deaths, which were 5.8 per cent of admissions, and predicted deaths, which were 4.9 per cent of admissions. The difference is meaningful only in relation to admissions. But consider it as a proportion of the forecast death-rate anyway and you again get 22 per cent.

Magnified this way and then considered in cretinous isolation, the Mid-Staffs death-rate sounds horrifying.

Link the death-rate unscrupulously to isolated incidents of poor care or medical error such as those highlighted by the Francis Inquiry (isolated incidents gathered over ten years and, roughly speaking, numbering about 300 cases among 500,000), and you get a concoction more harmful than would normally be allowed near any hospital, let alone academic institution.

Let us meanwhile not forget the living - those couple of hundred thousand patients who went to Mid-Staffs with a serious illness in the last decade and were cured or, as is more likely with the seriously ill, had their deaths put off a while.

Of 242,688 patients with serious illnesses who were taken to Mid-Staffs with serious illnesses between 1996 and 2013, 229,800 survived. That was 95 per cent survival rate. Not bad when you think about it.

The Francis Inquiry into Mid-Staffordshire NHS Foundation Trust omitted key data showing how the hospital made drastic improvements immediately after it was warned that its death rate had risen alarmingly in 2007.

The data contradicts a key finding of the Inquiry, which was that Mid-Staffs did not give enough credence to the 2007 warning and did not respond to it quickly enough.

It raises serious questions about the reliability of the conclusions reached by Robert Francis QC, the medical negligence lawyer who conducted the inquiry. And while the grossly misrepresented statistical records of deaths at the heart of the Inquiry continue to be linked by members of the coalition government to the fact that the NHS is a public body, their consequent calls for reform rely on incomplete evidence and false conclusions.

Mid-Staffs' death rate dropped to below average the year after the 2007 warning, when the hospital took a variety of measures to root out the cause.

It has been better than average every year since Francis began his Inquiry in 2009, and was so good by the time Francis made his final report in February this year that it put Mid-Staffs among the UK's top 15 performing hospital Trusts.

Francis neglected to report the immediate improvement when he made his first report into Mid-Staffs in 2010. He then neglected to show its continued improvement when he published the Inquiry's final report last month.

Yet his condemnation of Mid-Staffs hinged on a claim that hospital staff did not do enough to respond to the 2007 warning.

Misleading

His condemnation led him to call for criminal sanctions against officials who gave misleading or erroneous reports about health data.

"Information provided to the public should be balanced, truthful and not misleading by omission," he said on publication of his final report from the Inquiry on 6 February.

"It should be a criminal offence to be party to a wilful or reckless false statement as to compliance with safety or fundamental standards," he said.

Francis' report recklessly portrayed data that showed Mid-Staffs in a bad light without contrast to data that showed how quickly it had responded to the 2007 warning.

Mid-Staffs' death rate was well above the national average when the crucial warning was issued in April 2007. Its rate for the prior 12 months had been 130, compared to the national average baseline of 100.

But in the very year of the warning, as Mid-Staffs staff took immediate measures to tackle the problem, the Mid-Staff average fell to 118.

Mid-Staffs had already reduced its death rate well below the national average, to 93, by 2008, the year immediately after the warning.

This meant that though the death statistics had predicted 881.5 people would die of a serious illness like cancer at Mid-Staffs hospitals that year, only 818 people actually did.

Those 818 patients were among more than 17,000 people Mid-Staffs treated for serious illness that year. It beat the statistical forecast of deaths with which unscrupulous and misinformed reformers have been bludgeoning the NHS. The stats predicted 5.1 per cent of those patients would die in 2008. 4.7 per cent actually did.

Improvements

Mid-Staffs went on making improvements that Francis neglected to consider when he condemned the hospital for not heeding the 2007 warning.

Mid-Staff's death rate fell further below the average in 2009, the year before Francis published his first report, to 87.

Francis neglected to publish Mid-Staffs below-average death rate for either 2008 or 2009 when he published his findings in the first Inquiry report on 24 February 2010.

Mid-Staff's death rate remained better than average in 2010, though it had risen slightly, to 90.

It fell again in 2011, to 84, according to data readily available to the Francis Inquiry. It fell again in 2012, to 76.

Yet Francis' report on 6 February this year showed data for just one of five years to 2013 in which Mid-Staff's performance was better than average. It showed just two of those six years from 2007 when Mid-Staff's death rate fell.

Francis did report that Mid-Staffs' death rate fell to 92 in 2008. But he neglected to report its better-than-average rate for 2009, 2010, 2011 and 2012.

The Inquiry report focused attention instead on controversial questions regarding the way Mid-Staffs and other hospitals classified patient outcomes, a process called coding. The controversy left a question over Mid-Staff's improvement in 2008, despite the major questions about coding having since been settled.

Silence

But the persistence of Mid-Staff's better-than-average death rate every year since the warning can leave little question about the high quality of care at the hospital.

Had Francis shown this data it may have altered the outcome of his Inquiry.

The public relations contact of the Inquiry has not responded to the question of why it did not publish data that showed Mid-Staff's improvement after 2007.

It has been responding intermittently to Computer Weekly's enquiries in the last fortnight, which last week included the revelation that reports about its findings had grossly misrepresented Mid-Staff's death statistics.

The Inquiry has, however, admitted to Computer Weekly that it has not published key evidence.

Though it has purported to have published all evidence it received, it has neglected to publish documents that are also crucial to its allegation that the trust did not respond adequately to the 2007 warnings for the sake of ensuring its health care was up to scratch.

The latest revelations about Francis' treatment of the crucial data about Mid-Staffs improvement raise questions about how balanced his own judgment was of the affair.

That is not to say he was wrong to condemn Mid-Staffs for those many anecdotal reports of occasions, from among more than 155,000 patients treated for serious conditions at Mid-Staffs between 1996 though 2008, where patients who had been in receipt of shockingly poor care had died.

It must however be asked whether Francis gave too much credence to historical, isolated incidents and little to evidence that ran contrary to his claims that Mid-Staffs had mishandled the 2007 warning.

Omission

Francis could have readily obtained the data that he omitted.

Computer Weekly obtained the latest data about Mid-Staffs in a matter of minutes. There was no question that Francis could have shown how Mid-Staffs had improved by referring to the same data, called the Hospital Standardised Mortality Ratio (HSMR).

Professor Brian Jarman, whose work in health informatics at Imperial College developed the statistics that sparked the 2007 warning, supplied Computer Weekly with data without delay this week.

Similarly, Mike Alldis, corporate information analyst at Mid-Staffs, generated the data in a matter of minutes while Computer Weekly was on the telephone, and sent it straight away in an Excel spreadsheet.

Alldis was able to extract the data using standard database queries he made using a computer system supplied to hospitals by Dr Foster Intelligence, a commercial spin-off of Professor Jarman's Imperial College unit.

Francis' Inquiry could have got this data. It instead relied on submissions direct from Professor Jarman himself, which it published verbatim in both its 2010 and 2013 reports. Jarman's submission to the 2013 Inquiry included Mid-Staffs death average only to 2008.

The Professor's key submission of Mid-Staffs death averages omitted crucial years that showed it was better than average in 2009, 2010, 2011 and 2012.

Jarman told Computer Weekly that data for Mid-Staffs after 2009 would not be relevant to the Inquiry. He said the Inquiry's terms of reference were to examine the Trust's performance only up until 2009.

Imbalance

Francis' 2010 Inquiry was indeed asked to report on incidents at the Trust between 2005 and 2009.

It nevertheless reported unfavourable death statistics going back to 1995, for years when the data was state-of-the-art and its reliability highly questionable.

Yet it neglected to report the one year that then already demonstrated rapid improvement at Mid-Staffs.

The 2013 Inquiry report published the same, damning historical data, but excluded more recent data that showed Mid-Staffs in a favourable light. The more recent data was more reliable.

The 2013 report's terms were also broader than 2010. Its key conclusion - that Mid-Staffs had not responded to the 2007 warning - could not have been judged properly without considering the marked statistical improvement.

It was reckless for Francis to damn Mid-Staffs with statistics and then not show how those very same statistics undermined his key accusation.

The 2013 Inquiry report relied for HSMR data on a table it copied from evidence submitted by Jarman and referenced BJ/14. That table neglected to show the improvement at Mid-Staffs in 2009, 2010, 2011 and 2012.

Jarman said he supplied the Inquiry with more recent HSMR data for Mid-Staffs, in a graph on slide 38 of a 96-slide presentation he submitted along with 663 other pages of evidence.

That graph, referenced BJ/59, showed the rapid improvement in Mid-Staff's death rate after the 2007 warning - but only to 2010.

There was no evidence that Francis took notice of this slides' report of Mid-Staff's better-than-average performance between 2008 and 2010.

Nor did the 2013 Inquiry report demonstrate that Francis took notice or even sought to learn how Mid-Staffs continued to improve in 2011 and 2012.

Francis said on publication of his report on 6 February that Mid-Staffs failures in handling the data had betrayed public trust in the NHS.

Francis' own failures in handling the data might have betrayed public trust in the Inquiry.

Data at the centre of the NHS scandal has been grossly misrepresented in reports that 1,200 people died needlessly or avoidably at Mid-Staffordshire hospitals.

Even reports that deaths at Mid-Staffs were "excess" distorted a statistical measure that experts warned was unreliable when they reported it to Mid-Staffs, sparking the scandal in 2007.

Experts warned the consequent Public Inquiry that people might not be able to handle raw hospital mortality data, which they said should be taken with a pinch of salt: the complex array of factors that determine someone's real chance of survival when they are taken suddenly to hospital with a serious condition.

It was feared mortality data would spark the sort of simplistic outrage that has indeed characterized public response to the Inquiry. It could create a culture of fear, they warned.

Roger Taylor, director of research at Dr Foster Intelligence, the firm that produced the data that became the scandal, told Computer Weekly the statistics had been "woefully poorly misunderstood".

"There is no number for the actual people who might have died avoidably," he said. "It is impossible to put an actual figure on it".

Yet press reports continue to describe the Mid-Staffs deaths as avoidable, needless or excess.

The most abused statistic is the 1,197 people with who died while being treated for the most mortal conditions.

Dr Foster derived the number by calculating statistics on people who died from conditions as serious as cancer and as perilous as urinary tract infections.

It calculated that 8,688 people should have died at Mid-Staffs, based on a national average of deaths in hospital of people with serious conditions.

It expected to see that this many people had died over 10 years at Mid-Staffs, using data gathered by the NHS and fed into its formula, which it calls the Hospital Standardised Mortality Ratio (HSMR).

It found instead that 9,885 people had died while being treated for serious conditions at Mid-Staffs over that decade, between between 1995 and 2007. This was 1,197 more deaths than predicted.

Deaths as predicted would have amounted to a 5.6 per cent death-rate for the 154,674 people treated for serious conditions at Mid-Staffs over the period.

The actual death-rate was 6.4 per cent. The difference between the estimate and the actual death-rate was 0.8 percentage points.

People

There has been outrage that even a single person should have died needlessly at Mid-Staffs hospitals. It has been said that these are not statistics, these are people.

The outrage has however been about a statistic. People were removed from the equation the moment the individual tallies of their deaths were collated. They people were not in the equation when Dr Foster calculated the statistics that caused the scandal. The outrage has attempted to transmute the statistic back into people again. It cannot be done.

People have also been outraged at any attempt to alleviate their outrage over the death statistics with an appeal to statistics. People say even one avoidable death is one too many.

Yet the Mid-Staffs Inquiry was adamant that it could not tell how many of these deaths were avoidable. It could not tell how many significant mistakes were being made at the hospital, if many at all.

Most crucially, it could not support claims that neglect and clinical error had caused 119.7 patients to die every year at Mid-Staffs since 1995.

As Robert Francis QC, the clinical negligence lawyer who conducted the Mid-Staffs Inquiry, said in his final report last month: "Unjustifiable conclusions continue to be drawn from the numbers of deaths at hospitals and about the number of avoidable deaths".

"HSMR cannot and does not claim to establish whether any particular death or group of deaths was avoidable.

"The evidence before this enquiry uncovered an alarming lack of consensus on the reliability and significance of patient death rates. As a result, to this day, there is no generally accepted means of producing comparative figures."

Avoidable

The Inquiry was not even asked to determine whether medical negligence or simple, tragic error accounted for any deaths at Mid-Staffs. It would have required complex reviews of circumstances around each and every death at hospital and could not have expected to be conclusive.

Independent reviewers did examine case notes for around 200 of people who died at Mid-Staffs hospitals between 2005 and 2009, and whose relatives had sought a review. These were drawn from around 2,700 people who had died of a serious condition at the hospital in that time, which was 5.7 per cent of the 47,000 people who were treated for one. Only 2,200 deaths were expected, or 4.7 per cent based on the national average.

It found 120 incidents of "unacceptably poor" care. It did not report incidents of avoidable death.

Few avoidable deaths are actually known to have occurred at Mid-Staffs, where it is as easy to tell a tale of heroic endeavour as one of horror from the treatment of more than 50,000 people who are treated there every year. That is how we are used to seeing the medical profession: in Casualty on television, in Florence Nightingale, in the opening ceremony of the 2012 Olympic games.

Inconclusive

Francis' first report from the Inquiry repeated numerous tragic anecdotes of neglect and error, many of which ended when the patient died. There were delays in treatment, misdiagnosis, understaffed wards, people left without water, or with so little attention that they had no choice but to use their beds as toilets.

These incidents created a terrifying picture that led to those unjustifiable conclusions about avoidable deaths that Robert Francis was at pains to avoid.

Francis and others who have looked closely at Mid-Staffs - including those physicians who conducted the case note reviews and those who advised the Inquiry - have nevertheless been unable to determine how many deaths may have been avoidable at Mid-Staffs, let alone how many were caused by criminal neglect.

Even Professor Brian Jarman, whose research at Imperial College founded Dr Foster, told Computer Weekly he had not tackled the question.

The human body, medical conditions, hospital environments, the social context within which someone has lived a life, the links between psychology and physiology: these are each so complex on their own as to make the cause of death of someone suffering a serious medical condition hard to pin on someone as blame. That is not to say there are never cases of criminal negligence either brought or let go.

Some have looked at the Mid-Staffs studies and claimed only one avoidable death occurred at the Trust between 2005 and 2009.

Others, like prime minister David Cameron, have preferred to suggest a link between soiled sheets and death through neglect. His condemnation of Mid-Staffs hospitals in parliament on 6 February - the day Francis published his final, 1,794-page report of the Inquiry - would have assuaged distress relatives. But there are signs that this has served those on the political right who would exploit the moral panic that has flourished under Cameron's watch to damage the NHS. Reality might exist somewhere in between Casualty and the Tory right, in a non-barbarian interest in using mortality data to improve healthcare.

Statistics

Even the statistics cannot determine how many avoidable deaths occurred at Mid-Staffs.

Imagine a hospital with 100 patients, Taylor told Computer Weekly. Imagine the statistics have estimated that it should have a death rate of 20 people, or 20 per cent. Then its actual death rate turns out to double, at 40 per cent.

You might say those deaths are "excess deaths" statistically, in that the 40 actual deaths exceeded the statistical estimate of 20 deaths. But the terminology creates that woefully poorly understood impression that 20 people died avoidably.

Imagine the hospital of 100 patients had 20 who were 100 per cent guaranteed to die before they leave, and 80 with not even a single chance of death. If all 20 of those who were fated to die did actually die, then the hospital would have met its statistical quota of dead patients. If 20 people out of the 80 without a single chance of dying did actually die as well, then it would be true to say there were excess deaths.

But the only way you could say those deaths were excess would be if this preposterous example were possible.

Now imagine a hospital with 100 people, each of whom have a 20 per cent chance of dying. If 40 patients die, that would be 20 more than expected. But which of those 40 people died avoidably, said Taylor.

The stats give good reason to inspect a hospital to see if there are any problems that might account for more seriously ill people dying than average. This is what the Francis Inquiry was getting at. This is also what Mid-Staffs did immediately the Daily Telegraph brought Mid-Staff's above average death-rate to it and the country's attention in 2007.

Even so, Taylor told the Inquiry, hospitals should not even be expected to investigate all the mortality alerts generated by the computers it has watching over NHS data, "as many would turn out to be caused by matters of no real concern".

"Southwest One is failing", Somerset's then Council leader Ken Maddock said a year ago last Friday.

"It is failing to deliver promised savings," he told the full council when it met to vote on his service-cutting budget 15 February 2012.

It was indeed failing, financially. But that may have been largely because it had been strangled by the council.

Southwest One, the outsource venture Somerset formed with IBM, Taunton Deane Borough Council and Avon & Somerset Police Authority in 2007, wasn't allowed to implement savings without the council's approval. Somerset had been withholding its approval. Hence SW1 was failing.

Computer Weekly has since last week asked repeatedly why Somerset had stopped approving SW1's proposed savings, which it began to do in 2010/11. The council has refused to say.

This week, at Somerset's 2013 budget meeting, the consequences of SW1's supposed failure could be seen in a council vote for cuts in public services to vulnerable people.

Somerset's annual budget vote on Wednesday included cuts to an extensive range of "front line" services, arranged by John Osman, Maddock's successor as council leader, and his Cabinet.

Pity

It was mostly belt-tightening, with staff and capacity being cut, and not necessarily all without care for sensible thrift.

But it would hit children's centres, child protection assessments, targeted intervention for the education of vulnerable teenagers, school transport for children with special educational needs, youth support, children's staff training, short-breaks for disabled children, psychology services again to children with special needs, and so on across the whole council.

Maddock had said, on putting his Change Programme to a council vote on 9 May 2011, that the situation had been forced on him by the Coalition* government, which had cut local government funding. Somerset County Council would be short of £46m between 2013 and 2015. (The shortfall has since increased to £51m).

But it was also ideological. Maddock, Osman and the Cabinet had billed it as a big society programme. Public services would be replaced by "community empowerment", as Maddock put it in 2011, and private provision.

The public sector would be opened up to competition. Private companies were more productive and had lower running costs, according to Somerset's Change Programme. People would live longer if the health service was private, it said. Children would be better educated if private companies ran schools. The Coalition* government would make it possible when it enacted bills in parliament to reform the NHS, schools and local government.

SW1 had meanwhile proposed savings that would have offset Somerset's budget shortfall. If only the council would approve them.

SW1 had in fact already set up £57m of savings for Somerset County Council, by combining the purchasing power of it and the two other public bodies that were shareholders in the venture.

"By the end of July 2011 potential savings for Somerset County Council of £57.4 million have been identified and agreed," said the Audit Commission's report for 2010/11.

Neither party has been willing to say exactly what was involved when Computer Weekly has asked. But the gist was that SW1 got good prices on procurement contracts. The savings would be eked out, year-by-year, under contracts that would go on till 2017 when SW1's own contract concluded. SW1 arranged the deals, then put them to Somerset for approval.

Blocked

SW1 was waiting for Somerset's go-ahead on schemes to save another £77m at the point when Maddock proposed his Change Programme.

"The Council is in the process of delivering these savings, with a further £76.6 million identified by SWO but not yet agreed by the Council for delivery," said the Audit Commission's 2010/11 report.

But Somerset never agreed them.

SW1's accounts to 31 December 2011 showed how Somerset had let things go into stasis.

Somerset had approved SW1 savings schemes worth £58.5m by the close of 2010, just months before Maddock launched the Change Programme.

A year later, at 31 December 2011, approved savings stood at £57.4m. Nothing had changed. SW1's £76.6m additional savings went untouched.

Another year on, by 31 December 2012, Somerset had still approved no more than £58.3m worth of SW1 savings, according to a statement Somerset made two weeks ago in response to an FOI request by David Orr, a local campaigner.

It had been three years. Somerset had not approved a single SW1 savings scheme. No wonder the outsource venture was in such dire financial straights.

The stasis could also be seen in numbers, recorded both by the Audit Commission and in SW1's own accounts, for schemes that Somerset approved and then subsequently implemented - schemes that could therefore start delivering savings.

SW1 and Somerset had implemented savings worth £48.4m by the close of 2010, £48.5m by the close of 2011 and £49.5m by 31 December 2012.

Stasis

Savings that Somerset had approved and not yet implemented were called "in transition". This was simply the difference between approved and implemented savings. It is nevertheless illustrative of the situation that the "in transition" numbers were not actually in transition: £10.2m in transition in 2010, £8.9m in 2011, and £8.9m in 2012.

It had been a different story early on.

Savings were identified, approved and implemented quickly, despite SW1's customarily botched implementation of an SAP computer system some serious problems for Somerset. The SAP problems forced SW1 to delay the majority of its savings programmes till 2010/11. But that was the year Somerset stopped approving them.

SW1 nevertheless identified £30m of savings in 2008, £22m of which Somerset approved and implemented quickly.

By April 2010, Somerset had approved £45.5m of savings and SW1 had another £40m lined up. That was £80m in all.

But Maddock put SW1 under review. By April 2011, Somerset had  another £76.6m SW1 savings awaiting its approval.

Last February, with the unapproved savings still gathering dust, and with councillors sitting to decide on the administration's cost-cutting Change Programme, Maddock used SW1's "failure" to give his cuts a boost. It was apparently reason to step up the council's cost cutting review. And that is what the council did, as was evident in the cuts Osman passed this week.

David Huxtable, who as Cabinet member for resources had been responsible for the Change Programme, said in his report to this week's council meeting, that the Change Programme had been "revitalised" and would now deliver its promised financial savings.

"A prime motivator of this Change Programme was to deliver the savings required to meet the shortfalls predicted," he said.

Somerset aimed to create a public sector that was smaller and more productive. Yet his administration had left SW1's proposals for procurement efficiencies gathering dust for another year.

SW1's relationship with Somerset has meanwhile deteriorated into a legal dispute over what outsource fees are due. Their payment depends on the partnership making procurement savings.

Suppressed

Critics have focused on actual cash savings Somerset has realised on those SW1 schemes it has approved and implemented. SW1's jolting start and the economic downturn helped suppressed these numbers well enough on their own at first. The council's freezing of relations and cuts in spending have ensured they don't recover quickly.

Somerset cashed £4.2m procurement savings in 2010 thanks to SW1. It cashed £7.6m in 2011 and £16m in 2012. The benefits seem paltry against the SW1's 2017 target of £192m. Yet it has still doubled cash benefits every year of the last three while Somerset blocked its additional savings schemes.

It seems unfair to compare the £16m cash against the £192m full-term target in the circumstances. This did not prevent the release of this figure last week confirming prejudices before the budget meeting, that SW1 was a failure and would not deliver its promised savings in the council's hour of need. SW1 made only 10 per cent of target thus far, Computer Weekly duly reported.

This scathing comparison was also made by Simon Garlick, who was recently appointed Somerset district auditor and took the practice to Grant Thornton, accountants who took on Somerset's audit work when the government disbanded the Audit Commission's regional responsibilities last year.

"SWO actual savings delivered of £13.03 million (as at the end of June 2012) are well below the Council's contract projections of £100.63 million (by 31 October 2012)," he said in September. He has since repeatedly criticized councillors for not getting on top of SW1's failure.

Garlick's reports lack the edifying detail of earlier public audits of SW1's work in Somerset. He has also refused to answer questions. Someone should clarify how well SW1 would be doing now had Somerset embraced all £135m of procurement savings the outsourcer had on the table two years ago when the numbers were last tallied. And if the failure is therefore SW1's or Somerset's.

Official auditors have started scrutinizing the vaguely menacing fog that has obscured government spending on cyber security.

Early signs are that most of what passes for cyber crime on these shores is credit card fraud. Yet most cyber security spending has gone to intelligence and defence agencies. And much of the rhetoric used to justify the expenditure has been about "attacks" of an unspecified but most certainly frightening nature, by people of uncertain address and approximate degree of malice.

One thing is most certain though, on the publication today of the National Audit Office's first report on cyber security spending, and that is that the cyber threat has been very good for business.

Or it has at least been good for the perception that the UK is a good place to do business. And that is good for business.

Booz Allen Hamilton, consultants of choice to the US military-industrial complex, commended the UK above all G20 economies last year for being most capable of withstanding cyber attacks and nurturing a digital economy.

This may be because most UK cyber security efforts have, according to the NAO, been concerned with stopping credit card fraud and trade in personal data. Their success looks good for UK plc.

It has also been lucrative for the security business, both public and private. It gave extraordinary priority to the promotion of computer security as an export industry. Of nine countries whose cyber security policies were reviewed by the NAO, none had placed as much emphasis on how they might incubate an industry.

Government meanwhile spent 73 per cent of its cyber security budget with intelligence and defence agencies.

This fact belied the most notable achievement of the strategy last year, when the Serious and Organised Crime Agency said it closed 36 websites selling pilfered credit card details.

Menace

Government statements on "cyber crime" are not usually so mundane. The Prime Minister marked the launch of this strategy in 2011 by declaring it would tackle terrorists as well as crooks.

A steady stream of vaguely frightening public statements have helped ease cyber badness into the ill-defined region where dirty feet and foreigners reside in the British psyche. The NAO noted a couple.

Jonathan Evans, the director general of MI5 said last year for example that there was more malicious activity in cyberspace than there used to be.

Foreign secretary William Hague meanwhile told the Budapest Conference on Cyberspace that Olympic computers systems were attacked every day the games were on last year.

Yet much of what passes for this sort of cyber crime are attempts at protest, vandalism and espionage. That's not to say it might not be undesirable. Nor that it might be possible that hackers one day break into the air traffic control system and make all the planes crash. Or something. But the most significant breach of cyber security in Britain to date was the occasion in 2008 when two CDs of child benefit data got lost in the post by HM Revenue & Customs.

The implication of the HMRC data loss was that there would be some sort of peado frenzy if our data was not locked down as strictly as our kids.

Just two years later, the NAO notes, cyber attacks were elevated to one of the four highest risks to the security of the nation, alongside terrorism, invasion and natural disasters (which included pandemic disease).

Guns

What had also happened in this time is that the US military had elevated cyber space to one of five domains of operation (types of field of battle) alongside air, sea, land and outer space. Cyberspace was however a civil domain. That did not just mean civil in the sense of a peaceful village turned to rubble by care-less tanks and mortars, or a civil domain like that of a wedding party broken up by missiles fired from drones.

It meant also that most of what passed as cyber "attacks" that weren't spotty kids and small-time hoodlums was espionage, and that included spying done by corporations. It is perhaps therefore appropriate that nearly two-thirds of UK cyber security spending is going on intelligence and not the military.

The idea of the strategy was to bring order to the internet, that most vaguely understood of frontier regions, to make it a safe place to do business and let kids play.

It was to be done by a principle best understood by comparison to the gun-toting American citizenry: that was that a nation would be more resilient against any sort of threat - whether foreign or home grown, official or bandit - if each and every constituent took its portion of responsibility for the whole.

In the UK strategy this meant two very mundane matters of utmost importance that have largely been drowned out by all the bombast. The first was that people should make sure their PCs are secure, so they don't get press-ganged into some distributed, borg-like attack on the national biscuit distribution infrastructure.

And that corporations communicate openly about what is really known about what "attacks" really are happening on major systems.

Both of these most important initiatives appear to have got nowhere.

Corporations have been excused their part for many years because of their assumed right to be unassailed by the national interest. They fess up security breaches only reluctantly. They like to portray a public image as clean as a fresh-pressed, brown shirt. Computer security issues are treated like old-boys network secrets.

Yet the NAO's intervention into this secretive world has reminded us that corporations participate not only so that each part of the economy might itself be, holistically, more secure.

If it is known precisely what these "attacks" are, it can be known precisely what this threat to national security is, so that it can be dealt with appropriately in the national interest, and not used as just another excuse for an arms race, or a land grab by some civil agency or industry.

Vague threat

Others have noted how unsatisfactorily vague it has all been so far beyond the work of the specific agencies charged with tackling some identifiable parts of "the threat" - namely the National Fraud Agency, which stops people nicking money off your credit card, and the Child Protection Agency, which stops paedos phishing for little kiddies (1,300 reports a month, apparently).

"If cyber attacks do not occur, it will be difficult to establish the extent to which that was due to the success of the strategy and its implementation," said the NAO today.

It was trying to get the government to conduct its cyber strategy robustly, it said, in a manner that could be audited. It could be deduced that approximately two hundred million pounds had already been spent in a manner that could not be audited.

It wanted to see the cyber security fog "defined" properly, and "clarity" applied to the logic that those conducting these initiatives have used to justify themselves and their budgets. The NAO had for example been forbidden scrutiny of the £470m that intelligence and defence agencies got for civil cyber security.

Official UK agencies have chucked out some dodgy statistics on cyber "attacks" before now. Computer Weekly has asked for details in the past and been refused.

The computer industry's accounts of the "threat" have been similarly self-serving. The NAO said such data should be treated with caution, noting a claim by Kaspersky Labs, a computer software company, that "the UK suffered around 44 million cyber attacks in 2011, compared with one billion attacks across the world".

So there are two things that are certain after the publication today of the NAO's plan to survey cyber security.

The other is that it is about time an official body started picking apart the weakly tangled web the security services and computer industry have weaved around this cyber stuff.

An official audit has raised doubts about the coalition government's claim to have squeezed £800m of savings out of the ICT "oligopoly" immediately after it came to power in 2010.

After making two years of misleading reports to parliament about the contract savings, Francis Maude and his Cabinet Office's Efficiency and Reform Group have been unable to stand the numbers up.

Unsubstantiated savings total £1.2bn so far, putting a big whole in £8.8bn central government cuts the Cabinet Office has claimed thus far.

The immense size of the unreliable figure raises serious doubts about the rest of the cuts, which Cabinet Office claimed it made through a combination of hard-ball contract negotiations, ruthless curtailment of IT projects, wily penny pinching, and general derision of the large suppliers that dominate public sector IT.

The National Audit Office told Computer Weekly that of £1.2bn the Cabinet Office said it cut after negotiations with the major suppliers in 2010, it has not been able to substantiate a single penny.

It had been unable to examine the £800m savings the Cabinet Office claimed it made in 2010 after urgent negotiations with the 19 largest suppliers, when it imposed an unprecedented moratorium on ICT spending across central government.

It was able to examine instead another £417m the Cabinet Office claimed it made in 2011 by holding the same 19 suppliers to the same tough terms it renegotiated in 2010. This number did not stand up.

"We couldn't look at the 2010/2011 numbers," said an NAO spokesman, referring to the £800m, for which the Cabinet Office had claimed and won favour in that crucial honeymoon period after the 2010 election.

"The £800m has not been audited," he said. "They made that claim, and then the first bit we audited they couldn't stand it up.

"That was the first opportunity we had to audit those figures," he said.

The Cabinet Office made the last concrete claim for its contract negotiations in August last year. It said: "Contract renegotiations in 2010/11 delivered £800 million of savings across suppliers and £437 million were delivered in 2011/12."

Maude and his Cabinet Office officials have made numerous misleading statements about the savings they got from their renegotiations of major contracts, most of which were IT projects. His office meanwhile ignored Computer Weekly's requests for justification of the number.

"Savings"

Maude's first official claim was on 20 October 2010, when he told Parliament that his negotiations with the major suppliers would "deliver some £800 million-worth of savings in this financial year alone". This was all part of very important programme of cuts the chancellor instigated on taking office. Maude told The Telegraph newspaper a month later his office had actually already delivered more than £800m. Parliament and public heard similarly.

Yet Maude's Office told the official auditor in February 2011 that the £800m was still only a "potential" saving for the year to April 2011. And then it carried on telling the public that it had already done it. That's what Maude told Parliament, twice. That's what Ian Watmore, then his chief operating officer, told the Public Accounts Committee. And so on.

Then someone seemed to have taken a dose of salts. In May 2012 the Cabinet Office said it had only managed £570m of the £800m after all.

Incredibly, it then claimed in August it not only saved £800m in 2010/11, but that those same talks saved another £437 million in the following year to April 2012.

This is where the NAO stepped in.

The NAO couldn't look at the £800m, probably because it induced sea-sickness. So it looked at the £437m the Cabinet Office said derived from its same contract squeeze the following year. It examined specific claims totalling £348m. None of the evidence stood up.

Yet this groundless claim had formed part of £5.5bn of savings the Cabinet Office claimed it made in the year to April 2012.

The Cabinet Office drew applause from the trade press last week when the NAO confirmed another £316m of ICT savings it claimed for 2011 where in fact genuine. It was as though the Cabinet Office had not only saved £800m in 2010 (though it hadn't) and £437m in 2011 (though it hadn't), it had saved another £316m on top of all that. Maude's unending line of cuts was in fact like a circus train with the clowns at the front and the doo-doo at the back.

The NAO went to great lengths to excuse Maude's shoddy book-keeping. The Cabinet Office had not had a chance to develop a way of keeping credible records, it said. The Cabinet Office might have been established 1916, but it only started this particular round of contract negotiations in 2010. And then it had to replace some staff in 2011, explained the NAO, though this happened in the calendar-year following 2010 when the Cabinet Office established the measures on which it based both the vaporous £800m contract savings claim and the incredible £437m.

The Cabinet Office's cuts for coming years looked more credible, said the NAO. They looked a lot smaller too.

70,000 civil service posts face the chop under a government plan to move its administration online, Computer Weekly can reveal.

The Cabinet Office has obscured the true extent of the impending civil service cull by using calculations that downplay just how many posts really do face the axe. It has meanwhile kept quiet about job cuts while promoting its Digital Strategy since its launch in November.

But many more civil servants may face the chop if the Cabinet Office plan is followed through to its declared aim of making all government services "digital by default".

Even more than 200,000 civil service posts may be axed in just a few years, based on estimates of similar automation projects carried out by central government departments.

The initiative may leave a stump where the civil service exists today, where nearly 60 per cent of all staff work in "operational delivery", carrying out tasks that may be automated by Computer.

Promoting the Digital Strategy to civil servants at a conference in Westminster this week, Cabinet Office minister Francis Maude repeated the headline enticement his strategy set out in November: that it would cut central government costs by £1.7bn-a-year from 2015.

He and other officials refused to say where the saving would be made. They specifically refused to say how much of the £1.7bn would come from job cuts.

They have meanwhile sustained a stream of reports and media appearances portraying the UK civil service as expensive, bloated and bureaucratic. Maude and his Cabinet Office claim these ailments call for a "culture change" in the civil service. That change, as Maude repeated Monday, would mean shaking it up so it accords with the digital age. What he really means is it must be cut up, and replaced it with digital technology.

Job cuts will count for 78 per cent of the £1.7bn saving the Cabinet Office says its Digital Strategy will make.

After Maude and his officials refused to discuss jobs, Computer Weekly took the matter up with his office and was told days later that the £1.7bn target was based on cuts detailed in a backgrounder, called the Digital Efficiency Report, that accompanied the publication of its Digital Strategy in November.

The report claimed 40,000 civil service posts would be cut to make the £1.7bn saving. But its calculations were dubious.

Its estimate was based on an average full-time civil service salary of £36,000. But the median civil service salary is £23,900, according to the Office of National Statistics. Moreover, the average salary of those administrators doing the "transactional" tasks being digitized under the Cabinet Office strategy is £18,865.

The Digital Strategy would retire more than 70,000 civil service posts if its estimates were based on realistic salaries for administrators. That is over 25 per cent of all operations posts across the entire civil service, including agencies not likely to be targeted by the digital cull.

The Cabinet Office could have used detailed data from the Office of National Statistics to accurately depict where the axe would fall. But it did not.

Its background report did however include a case study in which more than 80 per cent of 400 posts were retired at the Driving Standards Agency, an agency of the DVLA. Those people had been processing requests for driving tests. Their positions were closed between 2003 and 2012, according to the Cabinet Office.

A whopping 216,932 posts would face the chop if the DVLA example did work similarly across the entire civil service, where 271,166 people are presently employed in operational delivery.

The Cabinet Office Digital Efficiency Report said the the DVLA case study "supported these findings", that 78 per cent of its £1.7bn saving would come from staff cuts. Its 78 per cent staff saving correlates closely with the Driving Agency axing 80 per cent of operational posts. It has decreed that its Digital Strategy should be applied across the entire civil service.

The government digital service launched the cost per transaction of government services as part of its "open data" initiative last week, as Maude was doing the rounds with his tale of Whitehall's obstinate bureaucracy.

Overseen by Mike Bracken, head of the Government Digital Service, and former head of digital for The Guardian newspaper, the transaction data did not give any information about the number of posts involved in processing those transactions.

The human cost of digitization has been bowled aside by the Cabinet Office's attempt to portray the digitization plan as a stridently progressive digital reform of unquestionably good morality.

But the evil in this Cabinet Office story is the civil service itself, as portrayed by Maude in his depictions of its bureaucratic obstruction of his reforms.

"Get on board, be radical, pioneering, and ambitious and build a digital revolution in Whitehall," Maude urged digital executives of the civil service at Westminster's QEII Conference Centre on Monday, a week after he primed the media with complaints about recalcitrant Whitehall bureaucracy.

"We are at a special moment where things can be done in a way they have never been done before, and at a dramatically lower cost.

"Success hinges on bringing about a culture change in every corner of Whitehall. How many times have those words been said? And how difficult is it to do?

Maude urged departments to implement digital leaders and he said: "Those leaders will need to be bold, pioneering and ready to challenge the status quo."

Maude's speech hailed the £1.7bn saving but neglected to say where it would be made. The same was true of the speech he made when launching the strategy in November. And the Digital Strategy itself says nothing of the dirty business that must be done to see these white hot reforms through.

Approached by Computer Weekly and asked to explain where the £1.7bn saving would be made, Maude would not comment. Neither would he talk specifically about what jobs must be cut to save the money.

Liam Maxwell, government chief technology officer, also refused to comment on jobs or the £1.7bn. But he did say the Cabinet Office wanted other departments to follow its lead by replacing their chief information officers with a combination of technology officer and operations officer.

CIOs, with their big departmental fiefdoms, may be a hindrance to the Cabinet Office plan to reform public sector IT. It is said lately that too many government systems are old and outmoded, based on paper processes - and that they could be so much more efficient if they were wholly digital.

Maude has proposed instead putting digital skills on the curriculum for training across the entire public sector. Or what is left of it.

Somerset County Council is fight a High Court battle with IBM over their failed Southwest One outsource venture.

Their conflict will reach this dramatic conclusion in November, four years after Somerset started trying to pare back the £400m, ten-year contract it struck with IBM in 2007.

Somerset confirmed the court date in answer to a Freedom of Information request made by David Orr, a local campaigner.

A Somerset spokesman said in a written statement it was defending legal action brought by Southwest One, which is 75 per cent owned by IBM.

SW1 thought the public authority should pay it more money, according to terms established in their contract for outsourced backoffice, procurement and IT services.

Somerset had replied by suing SW1, in which it has a 17.5 per cent stake of its own. It's counter-attack concerned "performance and quality", said Somerset's statement.

A spokeswoman for Southwest One, said it was suing Somerset for bonus payments it thought were due under its contract with Somerset.

"Despite extensive efforts, South West One has been unable to resolve the matter satisfactorily and is now looking for the Court to determine the issues in accordance with the agreed dispute resolution procedure," said her statement.

It insisted Southwest One provided a "robust service" and "substantial benefits for taxpayers".

Both parties said the court action forbade them from commenting on the dispute any further. Neither statement was any more or less informative than they had made about their troubled contract before it degenerated into a legal battle.

Both have for months now refused requests for copies or references to public documents of their dispute over public money.

Somerset Council is however required by law to answer Freedom of Information requests. Though it is allowed to take its time. David Orr filed his formal request for information about the dispute on 13 December. He did not receive a reply until yesterday, after the statutory time limit for a response had passed.

Southwest One is not required to answer public requests for information, though it is 25 per cent owned by the public. The IBM joint venture has still not answered questions relating to financial irregularities exposed by a Computer Weekly investigation last year.

Southwest One's spokeswoman, who is on secondment from Taunton Deane District Council (which itself owns 12.5 per cent of the venture) insisted it was due more money from Somerset because it had identified savings the Council might make in its procurement - by buying pens and napkins differently, that sort of thing.

It did not claim to have delivered these savings under the procurement part of its contract. It had identified them. It could be deduced that Somerset hadn't actually realised them, or had perhaps not taken them up.

"South West One has secured procurement savings that amount to £24.5 million," said Southwest One's written statement.

It did not say how this compared to its targets and why it should be the subject of a legal dispute. Nor did it say how much money it was owed. Nor why it had not been paid. Nor why it believed it was due. It just bragged about identified procurement savings.

"South West One has also successfully achieved external recognition from the Cabinet Office for Customer Service Excellence and operates an award-winning Customer Contact Centre," it said.

Southwest One said in its problematic 2010 accounts that it had met 91 per cent of Key Performance Indicators specified in its contract with Somerset. It had delivered £7.6m of savings to the Council. It had promised £190m of savings by 2017. It's 2010 statement said it had identified another £139m of savings. Somerset has been cutting off payments to Southwest One since a Conservative council came to power in 2009. Earlier this year it took some of SW1's services back in house after two years of negotiation.

CSC UK said last week it was cutting costs in the UK by moving jobs offshore, after posting a loss of nearly £1bn.

It also revealed declining profits at its flagship, 10-year outsource with Royal Mail, which Computer Weekly revealed recently had avoided paying tax by front-loading contract costs.

Directors said the UK group's profits would show a hit again next year, when it publishes results for the financial period about to end in March 2013.

Those numbers would be marred by the cost of restructuring this year to cushion the NHS loss, in addition to measures taken as part of a turnaround plan instigated last summer by Mike Lawrie, who has been shaking things up at the troubled supplier since he joined last March.

Wiped off

The UK group posted a loss of £929m for the year ended 30 March 2012. This hole matched the £953m it wrote-off after the collapse of its £2.9bn NHS contract last year. But even without this mishap, its income would have been perilously flat.

The NHS write-off wiped out the balance of work in progress at CSC UK almost entirely. It amounted to 99.6 per cent of work in progress at at the group company, CSC Computer Sciences Limited.

The company had begun remedial restructuring even before the end of March 2012, said CSC UK director Andrew Thompson in the report.

The restructuring would "increase use of lower-cost offshore resources", he said. This had involved 655 job cuts in the year to April 2013, a redundancy bill of £41m and other restructuring charges of £13.9m. The highest paid UK director received £530,000 in fiscal 2012.

Guy Hains, CSC director who had overseen the NHS programme since its inception in 2003 but was due to leave at the end of December, said last April CSC had redeployed or discharged 30 per cent of staff working on the NHS contract. This was intended to cut costs, he said, but they were staff who would have been moved anyway because their work on the project was complete.   

More to follow

CSC warned of further hits on its profits due to restructuring this year. It denied one analyst report that most of its major contacts - including including UK Visas, UK Atomic Energy Agency and Network Rail - were due to terminate in 2012. Royal Mail was due to terminate in 2013, but had been extended.

"We absolutely have a good story to tell on the year ahead," said a CSC spokeswoman. CSC did score a major contract win for its 2013 period, a £303m to run veterans payments for the Ministry of Defence.

Kable Research has reported that 60 per cent of the UK's public sector IT budget was held by the two big departments of state: DWP and HMRC, and most of their spend was tied up with IBM, HP and Capgemini under long term contracts.

Most public spend was now in local government, where there was much backoffice and IT that is theoretically now earmarked for outsourcing to the likes of CSC. But it was also where CSC had suffered a knock on its reputation through work in the defence sector that had linked it to the US Central Intelligence Agency's illegal "rendition" of people from European countries in the "War on Terror". CSC's links to "torture flights" had become a factor in its bid for work in Cornwall recently. CSC pulled out of bidding at the last moment, leaving the work to BT.

Torture

Lawrie's turnaround plan involved cutting under-performing contracts. It has cut £16m of profit off two unnamed contracts. The implication was that they were either under-performing and this had not been reflected in CSC's numbers, or they had been overstated in the first place. The accounts did not give an explanation.

CSC is still subject of a fraud investigation by the financial regulator that includes its UK business - and until it defunkt, had also implicated its NHS contract. The UK accounts made no mention of irregularities.

The contract readjustments would be shown in the next set of accounts, but had been dragged up from three years ago.

"The future losses on onerous contracts arose from the restructuring exercise completed during the financial year period ending 28 March 2008," said the 2012 accounts.

Royal Mail

The accounts meanwhile marked as "principle risks" both its remaining most major contracts - its recast contracts with Royal Mail and the NHS. It could only now book revenue on these contracts once it delivered the goods. If its costs turned out to be higher than anticipated it could not pass them on to the customer. It would have to swallow them.

It's Royal Mail contract had already seen gross profit plunge 31 per cent between fiscal 2011 and 2012. It booked 8 per cent less business with Royal Mail in the year to 30 March 2012, in separate accounts published for CSC Business Systems Limited, the unit it acquired from Royal Mail in 2003.

CSC didn't manage to cut costs in the Royal Mail unit as quickly as its sales dropped this year, with the accounts showing costs down only 5 per cent. It has lost lost £2.89m over the life of the contract to date, according to Computer Weekly's analysis of the unit's annual accounts since 2003.

Computer Weekly recently demonstrated how CSC had claimed tax breaks on the Royal Mail contract by loading losses to the front of the contract. To date, after nearly the full 10 year term, it has claimed tax credits of amounting to 3.8 per cent of its £1.6bn turnover. The payment of charges between CSC subsidiaries is hidden under UK rules. It may be impossible to determine how much of CSC's Royal Mail income was paid to other CSC companies as costs, and how these payments would have been justified, before it calculated its tax obligations.  

The Royal Mail deal was due to expire in May 2013. Royal Mail has been unable to provide details of its public contract with CSC. Details of the extension are apparently unavailable either on contractual database of the Official Journal of the European Union, the official record of public contracts.

CSC was unavailable for comment.

We know what we don't want. But we don't know what we do.

Thus have anti-outsourcers in Barnet and Cornwall begun the new year: with too little momentum to make something substantial of the astounding victories they won over privatizing council executives in 2012.

Their council authorities are pressing on with their respective back-office privatizations with the determination of Panzer tanks.

Barnet is preparing to sign its outsource contract with Capita at the end of January, having reached another milestone in the procurement yesterday.

Cornwall expects simultaneously to be putting its final, revised outsource plan to a council vote. The game could be over, in effect, by February - the last hopes for non-profit government and social administration trampled under the caterpillar wheels of capitalism.

Two events betray this all for the tragedy it is.

The first is the exit of Kevin Lavery, who as Cornwall CEO put the County on the road to privatization. The announcement of his departure on 24 December left a smell of magnesium in the air, as after the stage flash that obscures the defeated villain as he exits stage left in the Christmas panto.

That was how it looked after events in Cornwall that culminated on 11 December with a rebellion in the elected chamber that tore up Lavery's plans to privatize 70 per cent of Cornwall council services in a deal with BT. The same rebellion had already deposed the council leader. Now perhaps it has had Lavery's scalp too. It was cause to celebrate the revival of democratic power in the regions.

Oh no he isn't

But Lavery was not really defeated. The council threw out his plan and opted instead for a fudge that will end up being worse for Cornwall.

What councillors went for instead Lavery had dubbed 'BT Lite'. It meant, in the most shallow terms of comprehension available to your typical pantomime hero, outsourcing some council services but not as many as originally planned. It is really 'BT lean'.

BT's Cornwall venture will be all the fitter for it. Cornwall's public authority will be all the worse.

The new deal involves Cornwall investing its most valuable and potent resources in BT Lean. You wouldn't think it if you were a local government traditionalist waving a protest placard about job cuts at the council gates as Lavery swept through in his executive saloon car, but the council's most valuable resources are in its IT department and systems.

Or they at least form the crucible of its potential and its power. And that is the core of what Cornwall is selling to BT: ICT and document systems, and Cornwall's rights to operate telehealth services. Only the brains, that is, of the public authority.

The fudge Cornwall councillors claimed as a victory for democracy on 11 December was a plan to retain "in-house" all the flabby council functions that have been allotted by fate for digital servitude and cuts cuts and more cuts.

Cornwall kept the people-intensive call-centre, libraries, benefits and council tax processing, and local drop in centres called One-Stop Shops that Lavery had originally planned to throw in the BT deal.

Only the bits, that is, that are being digitized and closed down.

Abracadabra

Lavery's original outsource plan embodied a quid pro quo for Cornwall.

BT would get all the valuable digital stuff it really wants only on condition that it took the flabby people bits as well, and managed their redundancies as it automated their functions.

Now BT gets the fruits and leaves the council with the labour and the pain of either dismantling it or carrying its cost. Or perhaps it might manage the digitization of these old-world departments itself? After it sold its IT department and document systems under BT Lite?

Lavery has done the sensible thing and arranged to leave the country.

The privatizing CEO has done all he set out to do in Cornwall. Now imagine the Cornwall he leaves behind: a council that will in future conduct most of its business digitally, to people using websites and smart phones, using functions shaped and administered by a private company.

Enquiries, payments, reports, complaints, and so on as you name it will be presented in a standard user interface that behaves in a bog-standard manner defined by whatever gruel-like, proprietary computer system BT delivers up under its contract to Cornwall and numerous other local authorities.

It's all the same anyway, human life. The same council enquiries, payments, reports, complaints, and so on as you name it. The same births and deaths - that's the idea.

The same problems with foxes and dustbins. The same problems trying to find somewhere to dump your old sofa, mattress and CRT television. The same problems with newsy neighbours who don't like bass music. The same problems trying to dodge council tax bailiffs and make your shitty little social benefit stretch to an eighth of a bag of bad weed - if only the rozzers hadn't cut off the decent supplies of resin there wouldn't be all this hydroponic brain damage rotting the streets.

Look behind you

Imagine a future where human failure and malfunction were administered by computer as well. That is how it will now be administered specifically in Cornwall, under the arrangement the council rubber-stamped on 11 December, by BT Telehealth. Maybe not today. Maybe not tomorrow. But one day soon.

BT Telehealth: which will have a base in Cornwall after acquiring under 'BT Lite' the digital health contracts and interests of the council and the county's three health trusts. That's the second of three major bits of the 'BT Lite' deal Cornwall councillors scored on 11 December.

Now imagine also a future NHS, prepared for privatization by the coalition government, then engulfed by the tide of private suppliers getting in on the telehealth game.

Health will in coming years be administered increasingly by systems that automate diagnosis, monitoring, drug administration, emergency procedures, and so on. It will be done by systems designed and operated by whichever private companies are first to move this year, the pilot year of the Department for Health's telehealth programme. This year, during what will be known by history as the period of wholesale privatization of Britain's public sector as a by-product of automation.

The revised BT Cornwall deal ensures the council and regional health bodies not only give up their means and rights to do telehealth, but that they tie their fates with BT's in a joint venture.

BT gets a telehealth monopoly in Cornwall by eliminating any possibility that the public health service might develop its own telehealth faculties, and the possibility that it might procure them from one of BT's competitors. The pilot market alone is worth up to £23bn nationally.

Nyah-ha haaah

The tragedy is how Lavery gets to clear off and do this in his new job in New Zealand without ever having made the case for why automation should involve privatization here at all.

His pitch to councillors and public in Cornwall was simply that the BT deal would cut costs and create jobs, as though they were children at the fun fair who couldn't see beyond the bright lights to the grime and throttling mechanics that turns the Wurlitzer. Just give us your three quid and get on the ride.

The greater tragedy was illustrated by two legal challenges in Barnet, where the council arranged before Christmas initial approval to sell its services to Capita. It's roughly the same deal as in Cornwall: private company takes on people-intensive council services, digitizes them, sacks lots of people, makes lots of money.

Two Barnet residents applied to the High Court for judicial reviews of the Capita deal on basis that include the claim that the council had neglected its statutory duty to get the best value for money.

They claimed that since the council had, like Cornwall, not even bothered to consider whether and how well it might manage the digital transition itself, then it would have no idea how good a deal it was getting for selling the means and the responsibility to Capita.

Besides the usual kiddy baubles Barnet has used to sell the idea to councillors and residents, the deal looks like nothing more than a way to pass the buck for sacking people no longer needed when computers automate their jobs.

The tragedy is that no-one has articulated an alternative path. Yet the alternative is here for the taking, and promises to be much healthier for local people, polity and economy.

Happy ever after

The alternative has sort of been articulated by the Barnet branch of the union Unison, which says that instead of having poor services run by ignorant frontline people in call centres, you should embed frontline people in the services themselves - distribute them, and have services speak and think for themselves.

Empower organisations, that is: from the bottom up, instead of asset stripping their nous and concentrating it in an offshore centre or somesuch racket under an outsourcing deal.

The means of this alternative has been articulated, and demonstrated, by the open source computing movement that the coalition government courted while it sought power and since abandoned for wholesale privatization.

It is in the 'lean' process philosophy espoused now, too late, by the unions: the authorised organisational theory by which empowerment is meant to happen.

<Yawn>

It is to be found here and there in this world in which power is being distributed over networks. The internet is both the means and the metaphor for the effect it is having on organisations. The internet's technical philosophy is that the network is dumb and all the intelligence resides at the nodes on the end of each line attached to it. It's greater strength comes from the sum of its innumerable lesser parts.

The organisational metaphor is of a well educated, skilled, empowered workforce, collaborating with functional peers across the entire public sector, all mucking in to ensure the whole adapts intelligently to changing circumstances: the sort of union body that might have come about had the workers' movement been embraced and not crushed by government and management in the 1980s.

La la land

The tragedy is that the public sector had the means to do this. If you take everyone in HR, for example - in health, education, police, local government and so on - empower them with embedded techies, perhaps trained up from IT teams already operating within, and get them to collaborate on the production of open source systems over which all participants have a say in the design and a part in the build, then it stands to reason, does it not, that the result will be an organisation that digitizes itself, and makes itself more resilient and integral in the process.

It is easy to imagine the result of such a venture in the terms of the lean, network, and open source tools we have today, and in terms of the complexity science that explains them as potent organic phenomena like the human brain: dense, networked nodes that make something far greater than the sum of their parts.

Barnet and Cornwall have already spent, according to an accumulation of official and unoffical sources, more than £17m on their plans to outsource their selves. What might they have achieved if they had spent this on skilling themselves up, and muscling up the network paths that form the skeleton of organisational and cross-organisation bodies?

Terra firma

On the other hand, what would you get if you just flog it all off and rent it back as a cheap-as-chips easyGov service: a flat-pack chipboard & corrugated-iron public sector, bodged together by some outsourcer that's run by accountants for the sake of a bourgeois pension fund and handful of latter-day aristocrats' opulent offshore bank accounts?

We will find out unless the sensible people of Barnet manage to convince a high court judge that what seems bleedin obvious might deserve a closer look before the whole of Britain's public life is run by private security guards and peevish penny pinchers who carry tablet computers instead of clipboards and have a penchant for penalising people who don't conform with the way the offshore computer deems they should be.

That is what Barnet and Cornwall deemed the way to go: the easy way laid out for them by the outsource sales bods at BT and Capita. And if the judges concede with the appeals, what then?

Barnet union Unison dont know nuffink abiairt wot Barnet ciairnsul is doin wiv iss IT, wot iss aiartsoouwcin ter Capi'ah in a deal wuss guouner cost nearly four undred milwion quid.

But that dont ma'ah couz no-one knows nuffink abiairt it. Compoo'er Weekly spoke ter loadsa people an no-one knew nuffink abiairt no IT.

IT is supposed ter be wot is alliarin Barnet ter do iss aiartsoouwce inner first place. Iss got this plan ter sack evryone an replace em wiv bleedin compoo'ers, aint it?

Capi'ah, woss the company woss gettinner contract ter sack evryone, is guouner throw aiart all Barnet's compoo'er systems, wot iss already spent milwions on, annen iss guouner run Barnet wiv iss own compoo'ers from bleedin Belfast or sumink.

Compoo'er Weekly already fiairnd aiart aiar officers doin Barnet's aiartsoouwce wiv Capi'ah dont know nuffink abiairt no IT. So niair wees fiairnd aiart aiar the union wot opposes em don't know nuffink abairt it neiver.

John Burgess, oose like the union bloke diairn Barnet, goes ter Compoo'er Weekly: "I dont know nuffink abiairt it."

But ee says though: Ee says, "I can ava word wiv the bloke wot does the IT diairn aiar office though," ee says. "Couz ee used ter fix compoo'ers riairnd the ciairnsul," ee says.

"But then ee got fed up wivem. Couz they wiairnd im up, couz they wouza buncha prats or sumink. But ee might still know someone oo knows sumink."

Ter be fair though, Unison reckons it don't know nuffink cos the bleedin ciairnsul wont tell em nuffink.

But thass no wunder couz evenner ciairnslers at the bleedin ciairnsul don't know nuffink abiairt it.

Youre aviner larf, intcha?

So whennay approved the aiartsoouwce last week, they made thiss right song n dance abiairt aiar they wouz approvin some offishal document or sumink, right, but the bleedin document didnt say nuffink abiairt no IT neiver, did it? Annat wouz supposed ter be ther impoouwtant bit, couz it wouz the IT wot wouz guouner allaiarem ter sack evryone inner first place!

So you gotter ask, intcha? You gotter ask. Aiar come the ciairnsul an evryfin, right? Well aiar come the ciairnsul - if it dont know nuffink abiairt no IT - aiar come it can say, right, wot it says? You know like when it says aiar the best fing wot it can do is get Capi'ah ter sack evryone annat? Annen it says iss guouner run Barnet onnese compoo'ers in bleedin Belfast - bleedin Belfast, right. Well aiar come it can say that when it aint got no-one oo knows nuffink abiairt bleedin compoo'ers?

Well I'll tell yer. Couz that bloke Burgess reckons Barnet spent nearly fifteen milwion piairnds on consul'unts fer thiss One Barnet fing.

An you can imagine wot the consul'unts says, cuountcha? They prolly goes sumink like, well youv got all these ponsy twats workin at the ciairnsul these days, intcha? All universi'y educated, int they? An none of em can afford ter live in fackin Liainden no more. So theyre gettiner bit antsy, finkin they should ava say in aiar fings is run.

Anney wont put up wiv no crap Capi'ah call centa job or nuffink, where youz suprluss ter requirements if you fink fer yerself - not less you catchem young enuff, so you can train em not ter fink feremselves before they start finkin feremselves, so they dont know wot theyre missin, an you juss avem lined up like bleedin cattle chewn onniair fones like they wouz clumps of grass, right?

So the consul'unts says, sod all this, right. They says, get our mates at Capi'ah ter sack evryone, annen we can move all their jobs ter bleedin Belfast. But thass alwight couz at ll stop evryone in Belfast from killin each uvver, because crap jobs is better than no jobs, an we get ter sell off the ciairnsul at the same time, dunt we? Which is cushty, innit?

Leave it aiart!

It's like wot they call social conservatism, intit? Spread the crap jobs abiairt n keep the wealth fer yerself.

Couwse, youv gotter turn good jobs inter crap jobs first, intcha? Barnet management ll be well appy abiairt that couz it means theyll av more money feremselves nniair bleedin fat cat salaries, wunt they?

But niair Burgess reckons evryones still up in arms abiairt the aiartsoouwce though. Ee might not ava clue wuss goin on. But ee still finks the ciairnsul shouldnt sack evryone. Ee says ee keeps sayin ter the ciairnsul, juss work wiv us, like, an we'll sort somefin aiart.

"I keeps sayin terem," ee goes. "I keeps sayin terem, 'Work wiv us, an we'll sort somefin aiart'."

He reckons ees been bangin on at the ciairnsul abiairt this Lean Process Reingineerin fing. Thass suouw'er like this workplace democracy fing, innit? Iss the latest cost-cuttin fad fing, aint it? Evryones at it, int they?

But ee says the ciairnsul dont wanner know abiairt it. They juss wanner sack evryone an juss sell evryfink off. So whenniair finished it ll juss be em inniair fat cat offices anner buncha prats in some bleedin call centa in bleedin Belfast pressin buttons an fobbin you off when you fone ter complain abiairt aiar crap evryfin is in Barnet.

But even if Barnet tells Capi'ah where ter stick it, youv still got this web bisniss, where the ciairnsul's tryin ter get evryone in Barnet usin some ponsy website insteada goin diairner ciairnsul offices whenney wanner complain abiairt aiar crap evryfin is. So you gotter sack people if you do that, intcha?

You wot?

Annen theres this Lean Process Reeingineerin fing aswell.

You gotter sack people if you do that. Couz the ole point wiv the Lean fing is that no-one's allowed ter dick abiairt no more. So you dont need as many people onner job. An so couz this Lean fing is this bottom up, self-organisin fing, it means evryone aser say on oo gets the sack. So like evryone aster sack their own mates, like evryone's a scab.

Annener fat cats are still oggin all the wages aswell. So you avter sack people so there's enuff money fer em. So iss not like theres enuf money ter pay people anyway. So you might as well let Capi'ah do it an save ther bovver, innit?

So if you ask Burgess abiairt this, ee says aiar ee dont know nuffink abiairt that niever.

"You wot?" ee goes. "You wot?"

So I says, though, finkin I was all clever annat, well if evryones usiner internet annat, an if compoo'ers mean you can like merge all the backoffices wiv HR annat, an all the rest of it aswell, then thass alwight then? An ee says, yeah.

Ah well then, I says. Youre guouner avter sack evryone then intcha?

Dont be stupid, ee says. You dont avter sack evryone, do yer? Like, is not like if we ad a choice weed move all the Barnet jobs ter bleedin Belfast, is it?

So I goes, finking I was all clever annat (couz I ad my eye on a wikid story, see: Barnet union bloke reckons you should sack evryone aswell, innit? So woss the diffrence if Capi'ah sacks em?).. so I says, aiar many people should you sack then?

But ee says ee dont know aiar many people the ciairnsul should sack.

Alwight annat, ee says, we do avter sack people. But we dont know aiar many people couz the bleedin ciairnsul wont tell us nuffink.

Well do yer or dontcha?

An anyway, ee goes, the ole idea wiv Lean wouz evryone mucks in an works aiart aiarter save money, dunt they? You dont avter move two undred jobs ter some bleedin call centa in bleedin Belfast. You juss work it aiart so fings work be'ah, duntcha?

So Burgess reckons iss be'ah not ter stickem in some call centa inner first place. Couz then you juss get a load of people oo dont know wot theyre talkin abiairt. Like you fone up the ciairnsul an say, wot newspapers av they got diairner Libry annat, nney say, 'I dont know couz I dont work at the Libry, do I?'. So thennay avter phone up the Libry an ask em, annennay avter fone you back. An thass why they call it a call centa. But it sorter defeats the object, dont it?

Burgess reckons you should juss avan extra person at the Libry oo knows wot theyre talkin abiairt. But thennay guouner close the Libry anyway, int they?

Get this though.

Apparently, Barnet's juss got anuvver ten milwion piairnds fer more consul'unts ter tell it aiar ter sack more people. That siairnds completely mental. Iss prolly a good fing that Burgess is abiairt then, couz is day job is in mental elf, innit?

Burgess migh'er come in andy last week wenner ciairnsul Cabinet wouz signin the offishal approval for the Capi'ah aiartsoouwce. Couz it went completely mental.

A loaduv is mates went diairner ciairnsul offices and wouz wavin an shou'in annat, an all these li'le grey-aiared old ladies and old biddies annat started avin a go, anner ciairnsul Cabinet run off inter some panic room or sumink. Anenney signed it off anyway. But they put on a good show though, didnney?

Blame computers for Barnet Council's plan to axe 70 per cent of backoffice jobs in an outsource deal with Capita.

Blame the internet. The council plans to automate backoffice services and have them delivered to people's web browsers and mobile phones. It won't need staff to serve citizens who serve themselves.

Blame also the executives who dreamed up this inherently stupid plan. That's not to say Barnet's executives are actually stupid. Nor is the idea of internet self-service.

But One Barnet, as it is called, is an inherently stupid plan, or a plan for inherent stupidity. It will render Barnet Borough stupid. And that is stupid.

That plan, to be approved by Barnet Council Cabinet this evening, is essentially a major transplant operation of immense folly. The council will rip out its beating heart - its back office of 515 staff - and flog it to Capita. Capita will replace it with a computer system, which it owns, and then run it from another part of the country.

IT-led but not led by IT

It is a plan in which Capita's computer system becomes the instrument of a radical, IT-led restructure of the council and its its relations with local people. Yet it is one that has never had an IT expert on the project board.

The project is led by commercial director Craig Cooper. He has ultimate responsibility for Barnet's IT department, but doesn't actually know very much about IT.

"He doesn't have huge knowledge of IT," says Barnet's press department. "What he knows is people and budgets."

Hence, Barnet is flogging Barnet's IT assets to Capita. The plan has been ticked off by Andrew Gee, the council's interim head of IT. His position is interim perhaps until his department has been flogged off.

This also explains why Barnet's transformation plan actually says very little about IT. It's a plan to manage people and budgets, in a time of austerity, by officers who know nothing but people and budgets. It involves getting rid of people, to cut budgets.

Crown jewels

Public computing is meanwhile undergoing an unprecedented revolution, where we are told projects like the Cabinet Office Government Digital Service have been flung together at a fraction of the time and cost, and with a fraction of the people it had taken to run the government's last website. The GDS project had been floated on the back of stories about outsource suppliers charging outrageous sums of money to make changes to websites they ran for public authorities.

At a time when cheap, powerful computing could newly empower public IT departments, giving public authorities a strong centre of gravity in a difficult time of change, councils like Barnet are ploughing ahead with blockhead outsources in the old vein.

Their lack of foresight and ambition is apparent from their published proposals: at best, soulless documents that don't do residents the justice even of an adequate justification.

The "Full Business Case" for Barnet's Capita outsource, which Council Cabinet is scheduled to vote on this evening, barely constitutes a proposal. It is more a cursory justification: template filled, boxes ticked, sign if off, bang it out, Cabinet approves, job done.

The council will save £70m by flogging its backoffice, apparently. Computer Weekly quizzed Barnet's press office about the numbers. How are they derived? It's all in the report, insisted a spokesman. But it is not. It's just the headline numbers, with some detail essential to persuade, and not sufficient to inform. It's a bit of a cut & paste job.

It lacks soul because it is a proposal to sell Barnet's soul. It lacks vision because it is a proposal to surrogate Barnet's vision.

Even commercially, the deal doesn't seem worth the trouble. The council expects to be saving nearly £9m-a-year by the end of Capita's 10-year contract term. It is bound to lose this piffling short term gain when it learns it's got nothing to sell next time round, and the heart and soul of public sector IT - the IT skills, the systems, the intelligence - is all owned by a handful of large suppliers who will rent it back only for an extortionate fee. The creative core of public computing and of public service will, at this time of its greatest potential, have been sold off to a firm with limited interest in Barnet's future.

The cards were stacked against Cornwall Council when councillors met on Monday to discuss their chief executive's proposal to sell key services to BT.

But Cornwall's head of ICT and three other directors presented back-of-the-envelope estimates that showed how they could still cut costs if they kept council services in public hands.

Council IT, call-centre and procurement departments could cut costs by £600,000 in a year - half the savings BT had promised it would give the council at the start of its contract, they said.

Councillor Andrew Wallis, who raised the public petition that halted the outsource last month, said the heads of department had shown how it could be viable for the council to go on running its own services - or at least that it should be given more time to show that if it went on running its own services, it might do it as cheaply as BT had promised to do.

It showed how the tables have been turned on Cornwall Council. Just two months ago BT and CSC were bidding in competition to acquire £800m of the council, and for a contract to rent it back to Cornwall at a fixed fee for 10 years.

Now the council is being asked to justify itself. And BT's bid is the criterion.

Cost criterion

Councillors must decide how they measure up in a vote on 11 December, just seven weeks after they ordered chief executive Kevin Lavery to consider alternatives to BT's proposal.

Never mind that BT's proposal included numbers that didn't add up - and was the only bid on the table after CSC pulled out. Never mind either the poor example of similar outsources like Somerset's.

The criterion is cost. And BT reckons it can cut the cost of Cornwall's council services by 20 per cent in a year. And then by 2.5 per cent every year for 10 years. Quality, it has promised, will improve. But its proposal offered no yardstick or target for that.

Council department heads said they could make half the cost cuts BT had forecast in the first year, without sacking staff, and after only a hurried audit.

They could cut a combined £600,000 in 2012-2013, said these lieutenants on Lavery's top team: David Picknett, Head of ICT, and the heads also of Cornwall's council call-centre and procurement departments.

The idea was that, given time, they might devise a long-term plan to win the prize promised by BT and other agents of backoffice computer automation: they would improve services even as they cut costs.

Mismatch

But the department heads may have been foolish to try and match BT's promise of cuts. It would indeed be misleading to compare the council's one-year plan to BT's long-term contract proposal.

As Royal Mail's 10-year, 2003 outsource with CSC demonstrated, outsource suppliers routinely front-load their cost-cutting at the start of a contract. This also starts them off with a massive deficit. They spend the next 10 years clawing their way to profitability.

Council and contractor set their outsource contract with an annual fee that incorporates the 20 per cent cut in costs from day one. If the outsourcer doesn't make all the cuts in year one it will never make a profit in year ten.

BT's promise that it would cut costs 20 per cent in year one is really a promise to make cuts so huge that they only balance out after 10 years.

Cornwall's hurried attempt to match this with an in-house plan that saw no further than the end of the year would not only be meaningless. It would be reckless.

What resources might the council axe hurriedly that might with some thought be more meaningfully deployed to serve local needs? What fruitful collaborations might different public authorities muster if the hearts of their executives were not set on privatisation?

Stacked

Lavery spent more than two years and £2m developing (pdf) the proposal for the BT outsource. Last month he asked Paul Masters, his executive assistant, to flesh out 14 alternative ideas to satisfy his opponents in the elected chamber.

Masters will have had to churn through two proposals every week to have his report finished in time for the council vote on 11 December.

Yet his terms of reference were biased mildly against anything but privatisation from the outset. Lavery relayed them in a letter to councillors a fortnight ago, in which he set out the alternatives he thought worthy of Masters' attention.

Of 14 brief proposals, all but the privatisation options were described with downside risks.

The idea that the council could go on running its own services - the "traditional" option - would depend on the council finding "significant" investment, said Lavery.

Another option was that Cornwall might merge its departments with other public authorities (what they call shared services). But this "would not be able to trade", Lavery warned, again implying a deficit. It was not actually true. But Lavery's disfavour was clear all the same.

Mutual

Employees might on the other hand form a mutual, he said. But they would "require support from external funders": "significant" support, is how it had been primed.

But the outlook was altogether more rosy if the council sold its services to a private company. The private company "would help them improve services". The joint venture would be able to "trade". It would "collaborate" with the council. They would act in "partnership".

Privatisation was inherently hopeful, by Lavery's reckoning. Everything else was inherently depressing and fraught with problems.

It all gave the impression that the council executive was treating the order it had received from its elected masters to look at alternatives as something of a formality.

Still, Lavery reassured councillors, Masters would use a tried and tested method of ensuring the options were "fairly assessed" against criteria.

Those criteria were abandoned on Monday, reported Councillor Jude Robinson, who had with Wallis and others written the resolution that suspended Lavery's privatisation. They had not been deemed fair.

Mutiny

Meanwhile, there was "no clamour from employees or managers to take over the services".

There wouldn't be, not without someone in the executive to champion the idea of in-house reform. Someone with a contemporary vision of cross-organisational public sector collaboration: the sort of networked organisational reforms being brought about by the computing and process technologies of today. Not the kind of reforms invested in the outsource business model 20 years ago.

Leaderless, such a clamour would be like a mutiny on a mid-Atlantic slave ship. The captain would fulfil his promise to steer them back to dry land alright: straight into the hands of the plantation owner waiting with his wad of cash.

While Cornwall's executive is hell bent on privatisation the Council's fate is decided. The elected chamber's opposition is like an awakening rushing upon an old sailor before he takes his final breath.

The council's head is set on a sell off and its heart is set on the past. It's easy pickings for a powerful company that knows where it is going and how it wants to get there.

See below for the most comprehensive list of mandatory open standards known to man: the software standards Portugal passed into law this week.

While the UK left punters wondering how it would enforce its own open standards mandate, in Portugal it is now illegal to do anything else. If you do business in Portugal - and some people do - and you do business in the public sector - and a lot of those who do, do - this is how you do it henceforward. If you don't the government will simply be unable to buy your software.

It took Portugal's administration a year to put the finishing touches to this list, following an extensive public consultation - about two to three years work in all. But when you get down to the nitty gritty, is it just a statement of the bleedin' obvious?

What difference does it ma-a-ake

ODF was the acronym on everyone's lips when Portugal published the list this week. The mandation of an open document standard might have wide repurcussions in a world where local authorities like Bristol have claimed they can't use anything but Microsoft because all their major business systems communicate using Microsoft's proprietary document format. The UK's coalition government has been harping on about this since before it came to power in 2010. It still hasn't simply mandated ODF.

Some of Portugal's other prescribed standards will also make a difference, insists Gustavo Homem, president of the Portuguese Open Source Business Association (ESOP).

"Email/groupware servers will have to offer SMTP, IMAP, CALDAV and LDAP, so you can't lock things up in a single brand "server + client" monolith," he says. "Public websites have to comply to HTML+CSS. There can be no excuses now for IE-only websites."

Portugal hopes also that its GIS standards will lead to raw GIS data becoming a common public currency.

Homem says it shows government is taking IT reform seriously. "This is incomparable to the situation 5 years ago," he says. Now the country only has to change the idiotic purchasing habits of an entire generation.

Oh-oh-oh

Even in the UK, where the open standards policy relies for its fate entirely on the strength of the Cabinet Office, there is hope from even the most wisened quarters that its a step that will be followed by other steps in the right direction.

"I'd like to put it down as a good start," says Gerry Gavigan, chairman of the Open Source Consortium, a UK trade body.

In Portugal, like the UK, government policy was said to have been derailed by intense lobbying from proprietary software vendors, led by Microsoft, whose cash cow is its hold over the standards of communication in public computing. That's why it took so long. Because the devil will find work for idle hands to do.

But that's just ODF. There are 30 standards in this list. They form the architectural blueprint for the future of public computing. That's the idea, anyway.

Data formats, including codes of characters, sound formats and images (still and moving), audio, graphic data

Standard	Description	Status	Deadline	Info
SQL	Structured Query Language	Obligatory	6 February 2013	http://www.w3schools.com/sql/default.asp
PNG	Portable Network Graphics	Recommended	n/a	http://www.w3.org/TR/PNG
SVG	Scalable Vector Graphics	Obligatory	6 February 2013	http://www.w3.org/TR/SVG
XML	Extensible Markup Language	Obligatory	6 February 2013	http://www.w3.org/TR/REC-xml/
XSLT 2.0	XSL Transformations	Obligatory	6 February 2013	http://www.w3.org/TR/xslt20/
XSD	XML Schema Definition	Obligatory	6 February 2013	http://www.w3.org/TR/xmlschema-0/ http://www.w3.org/TR/2004/REC-xmlschema-1-20041028/structures.html http://www.w3.org/TR/2004/REC-xmlschema-2-20041028/datatypes.html
XSL 1.1	Extensible Stylesheet Language	Obligatory	6 February 2013	http://www.w3.org/Style/XSL/
XMPP	Extensible Messaging and Presence Protocol	Obligatory	6 February 2013	http://xmpp.org/rfcs/rfc6120.html
UTF-8	8-bit Unicode Transformation Format	Obligatory	6 February 2013	http://tools.ietf.org/html/rfc3629

Document formats (structured and unstructured) and content management, including document management

Standard	Description	Status	Deadline	Info
ODF 1.1	Open Document Format v1.1 (Second Edition)	Obligatory	Citizen Docs: 6 February 2013 / Other docs: 1 July 2014	http://docs.oasis-open.org/office/v1.1/OS/OpenDocument-v1.1.pdf
PDF 1.7	Portable Document Format	Obligatory	6 February 2013	http://wwwimages.adobe.com/www.adobe.com/content/dam/Adobe/en/devnet/pdf/pdfs/PDF32000_2008.pdf
XML 1.0	Extensible Markup Language	Obligatory	6 February 2013	http://www.w3.org/TR/REC-xml/
HTML 4.01	Hypertext Markup Language	Obligatory	6 February 2013	http://www.w3.org/TR/html401/

Technologies web interface, including accessibility, ergonomics, compatibility and integration services

Standard	Description	Status	Deadline	Info
ATOM 1.0	Atom Syndication Format 1.0	Obligatory	6 February 2013	http://tools.ietf.org/html/rfc4287
CalDav	Calendaring Extensions to web DAV (CalDAV)	Obligatory	1 July 2014 2014	http://tools.ietf.org/html/rfc4791
CSS2.1	Cascading Style Sheets 2.1	Obligatory	6 February 2013	http://www.w3.org/TR/REC-CSS2
HTML 4.01	Hypertext Markup Language	Obligatory	6 February 2013	http://www.w3.org/TR/html401/
HTTP/1.1	Hypertext Transfer Protocol	Obligatory	6 February 2013	http://tools.ietf.org/html/rfc2616
HTTPS	Hypertext Transfer Protocol Secure	Obligatory	6 February 2013	http://tools.ietf.org/html/rfc2818
Javascript 1.5	Javascript 1.5	Recommended	n/a	Website
WCAG 2.0 -- nível «A»	Web Content Accessibility Guidelines 2.0 -- nível «A»	Obligatory	6 February 2013	http://www.w3.org/TR/WCAG20
WCAG 2.0 -- nível «AA»	Web Content Accessibility Guidelines 2.0 -- nível «AA»	Obligatory	6 February 2013	http://www.w3.org/TR/WCAG20
WCAG 2.0 -- nível «AA» ou «AAA»	Web Content Accessibility Guidelines 2.0 -- nível «AA» ou «AAA»	Recommended	n/a	http://www.w3.org/TR/WCAG20
WCAG 2.0 -- nível «AAA»	Web Content Accessibility Guidelines 2.0 -- nível «AAA»	Recommended	n/a	http://www.w3.org/TR/WCAG20
WebDAV	Web Distributed Authoring and Versioning Access Control Protocol	Recommended	n/a	http://tools.ietf.org/html/rfc3744
XML 1.0	Extensible Markup Language	Obligatory	6 February 2013	http://www.w3.org/TR/REC-xml/
XSL v1.1	XML stylesheet language XSL v1.1	Obligatory	6 February 2013	http://www.w3.org/TR/2006/REC-xsl11-20061205

Streaming protocols for transmission of sound and moving images in real time, including transportation and distribution of content and services point to point

Standard	Description	Status	Deadline	Info
RTSP	Real Time Streaming Protocol	Obligatory	6 February 2013	http://www.ietf.org/rfc/rfc2326.txt

Electronic mail protocols, including access to content and extensions, and instant messaging services

Standard	Description	Status	Deadline	Info
IMAP 4	Internet Message Access Protocol	Obligatory	6 February 2013	http://tools.ietf.org/html/rfc3501
MIME	RFC 2045, 2046, 2047 -- Multipurpose Internet Mail Extensions	Obligatory	6 February 2013	http://tools.ietf.org/html/
POP3	RFC 1939 -- Post Office Protocol	Obligatory	6 February 2013	http://www.ietf.org/rfc/rfc1939.txt
POP3S, IMAPS	RFC 2595 Using TLS with IMAP, POP3 and ACAP	Recommended	n/a	http://tools.ietf.org/html/rfc2595
SMTP	Simple Mail Transfer Protocol -- RFC 5321	Obligatory	6 February 2013	http://www.ietf.org/rfc/rfc2821.txt
SMTPS	RFC 3207 SMTP Service Extension for Secure SMTP over Transport Layer Security - http://www.ietf.org/rfc/rfc3207.txt	Recommended	n/a	http://www.ietf.org/rfc/rfc3207.txt

Geographic information systems, including cartography, digital cadastre, surveying and modeling

Standard	Description	Status	Deadline	Info
WCS	Web Coverage Service	Obligatory	6 February 2013	http://www.opengeos-patial.org/standards/wcs
WFS	Web Feature Service	Obligatory	6 February 2013	http://www.opengeospatial.org/standards/wfs
WMS	Web Map Service	Obligatory	6 February 2013	http://www.opengeospatial.org/standards/wms
WPS	Web Processing Service	Obligatory	6 February 2013	http://www.opengeospatial.org/standards/wps

Technical specifications and communication protocols in computer networks

Standard	Description	Status	Deadline	Info
IPV6	Internet Protocol, Version 6 (IPv6)	Recommended	n/a	http://tools.ietf.org/html/rfc2460

Technical specifications of security for networks, services, applications and documents

Standard	Description	Status	Deadline	Info
TLS 1.0	Transport Layer Security	Obligatory	1 January 2014	http://tools.ietf.org/html/rfc2246

Technical specifications and integration protocols, data exchange and process orchestration inter-agency business integration

Standard	Description	Status	Deadline	Info
BPMN 2.0	Business Process Model and Notation	Recommended	n/a	http://www.omg.org/spec/BPMN/2.0
HTTP/1.1	Hypertext Transfer Protocol	Obligatory	6 February 2013	http://tools.ietf.org/html/rfc2616
HTTPS	Hypertext Transfer Protocol Secure	Obligatory	6 February 2013	http://tools.ietf.org/html/rfc2818
LDAP	Lightweight Directory Access Protocol	Obligatory	6 February 2013	http://www.ietf.org/rfc/rfc1777.txt
SAML 2.0	Security Assertion Markup Language 2.0	Obligatory	6 February 2013	http://docs.oasis-open.org/security/saml/v2.0/
SOAP 1.1	Simple Object Access Protocol 1.1	Obligatory	6 February 2013	http://www.w3.org/TR/2000/NOTE-SOAP-20000508/
WS-Addressing 1.0	Web Services Addressing	Obligatory	6 February 2013	http://www.w3.org/TR/ws-addr-core/
WS-RM 1.1	WS-Reliable Messaging 1.1	Recommended	n/a	http://docs.oasis-open.org/ws-rx/wsrm/200702/wsrm-1.1-spec-os-01.pdf
WS-Security 1.2	Web Services Security 1.2	Recommended	n/a	http://docs.oasis-open.org/ws-sx/ws-security-policy/v1.2/ws-securitypolicy.html
WS-Security Username Token Profile 1.0	WS-Security Username Token Profile 1.0	Recommended	n/a	http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0.pdf