An executive who has IT responsibilities for several large hospitals has phoned to enthuse over the Private Eye special report on the National Programme for IT [NPfiT]. He described it as very well informed.
Not everyone connected with the NPfIT who reads the report will be quite so enthusiastic. Whatever your reaction to the report there is one thing in particular that should be mentioned.
In the Spring of 2002 when the NPfIT was announced by ministers either they or their officials deceived Parliament, taxpayers, and the NHS. This deception has never been explained by the Department of Health. Its lack of interest in the matter could give the impression that such deceptions are the norm.
This deception was significant because it involved a document that launched the world's largest civilian IT programme, and it also triggered a public consultation over the scheme.
There were two versions of the document. Both were called Delivering 21st Century IT Support for the NHS.
The published document had an risk-assessment appendix missing. It wasn't simply removed. It was carefully cut out. The remaining appendices were then renumbered and the text of the main document which referenced the excised appendix was altered.
Private Eye uses a wonderful word to describe the removal of the document's appendix. It says: "The original version of the document setting out the scheme, it later emerged, had received an appendectomy ..."
The expunged appendix headed "Project Profile Model" gave the national programme a risk score of 53 out of a possible 72. Anything over 40 was regarded as high risk. And nothing in the assessment scored the risk of end-users - doctors and nurses - not supporting the programme.
The removed appendix put the overall cost of the programme at £5bn - more than double the sum of £2.3bn which was the first publicly quoted figure for the cost of the programme.
The risk assessment also showed that the score of 53 did not adequately reflect the scale or complexity of the national programme. For example the Project Profile Model asked officials to score risk according to the number government end-users who would be affected by the programme. If more than 10,000 were affected there should be maximum score of six. In fact the national programme affects more than 500,000 NHS personnel.
A further section of the assessment asked for a scoring of the risks related to the impact of the programme on business processes. The maximum score was six. But the programme scored only four - although the changes in business processes necessitated by the programme are pervasive.
Another section allowed a maximum score of three points if bespoke software was to be used. This was scored at "zero" for the national programme - an assumption there would be no bespoke software. We now know that software being written for the programme involves thousands of people.
So the national programme appears to have been launched on the basis of an inadequate, inaccurate and downplayed risk assessment.
And none of this is of concern to any minister.
Spot the difference. The following passages show the differences between the main text of the unexpurgated version and the official version of the documents "Delivering 21st Century Support to the NHS".
5.1.2 The Office of Government Commerce has introduced a system of gateway reviews for major public sector projects. The first step is for the Senior Responsible Owner to use the Project Profile Model to determine the overall level of risk for a given project. An assessment of the Strategic Programme against the PMDU Project Guidance for ensuring successful delivery is in hand and Appendix 3 contains the completed project profile risk model for this programme. The score of 53 highlights both the scale and complexity of this programme, and the need for careful management. 5.1.3 As soon as possible after completion of this draft of the National Strategic Programme, it will be necessary to conduct a Gateway 0 study on the overall programme.
5.1.2 The Office of Government Commerce has introduced a system of gateway reviews for major public sector projects. The first step is for the Senior Responsible Owner to use the Project Profile Model to determine the overall level of risk for a given project. An assessment of the Strategic Programme against the PMDU Project Guidance for ensuring successful delivery has been undertaken. 5.1.3 As soon as possible after completion of this draft of the National Strategic Programme, it will be necessary to conduct a Gateway 0 study on the overall programme.