Tony Collins's IT Projects Blog

Four IT project certainties - whatever the government

2009-11-20T13:58:00Z

The Taxpayers' Alliance claims that IT projects have contributed about £11bn to a total overspend of £19bn on government projects.

Will it be any different under the Tories?

One answer is that there are at least four certainties in the life of any UK or US government:

1) Over-optimism

2) A willingness to believe inspirational thought-leaders in the private sector who say that, yes, complexity in government can be simplified with technology (as opposed to changing the way things are done)

3) An insistence by ruling politicians and senior civil servants that what seems to be an IT-based disaster is, in fact, a success

4) What can be covered up will be

]]>

In short nothing is likely to change under the Tories.

[There will also be countless project successes but they will probably be smaller scale and overshadowed by lumbering giants which will, by force of Nature, head towards cliff edges].

PS: Privacyint has tweeted an important 5th:

- Dismiss their critics as luddites.

Links:

More than half of £19bn overspend on government projects due to IT projects - ComputerWeekly.com

IT projects among the Government's worst failures - Information Age

Out of control: how the government overspends on capital projects - Taxpayers' Alliance

18 truths: the long fail of complexity - Michael Krigsman

IT and its role in project failures - Arun Gupta

Reflections on project failure - Peter Salmon

A recipe for ERP failure

Simple architectures for complex enterprises - Roger Sessions

Comments of patient "victims" of smartcard security breach

2009-11-17T08:00:00Z

Patients who received a letter from NHS Hull saying that their medical records had been viewed without authorisation by a former employees have left comments on their local news media's websites.

Some of them say in effect: so what?

"So many other patients' had their records accessed, including me, but you don't see us crying to the Hull Daily Fail," said one. ]]> Others are angry.

Foster carer Angela Daddy, 47, of west Hull, said:

"It makes you think what information on me can be viewed, and by whom. NHS Hull has told me nothing was printed off or changed, but the employee could easily have written down details...I'm a foster carer so confidentiality is particularly important to me. NHS Hull must have known about this a long time ago and I think it's appalling it's taken this long to inform people."

Dawn Murray in Hull said:

"I am also one of those patients who have had their personal medical records viewed and find it distressing... I ask, why would someone want to look at personnel records when in their position of trust. Confidentiality towards others must be one of the most important parts to their job ..."

A nurse said:

"The crooked employee had access to data so it could be collated for work purposes. This person used their access to get into individual records which is quite clearly against the rules. That person, an employee of the Trust at the time when the records were accessed, broke their confidentiality undertaking. That is gross misconduct, and normally results in summary dismissal. You can't blame the Trust for malicious and/or criminal acts performed by individuals."

A patient said:

"The person who accessed the records had access ...as he worked for the IT dept within the NHS.... Around 90% of the patients affected will be genuine access for NHS purposes, not on this person's own accord. I myself have been affected by this and [I'm] aware the person did more than access my records but I do not fault NHS Hull for what has happened. They have handled the case very well and effectively. It has not taken over a year to come to light, as the person involved was only discovered in early months of this year."

Another comment:

"How did this person gain access to the records if they were not permitted to do so? Sounds as if NHS Hull is partly to blame for this little fiasco. The worrying thing about it though is this person's motive. Medical information really isn't that interesting, so I wonder if they were planning to sell people's information to someone for profit?"

Links:

thisishullandeastriding.co.uk

Police probe breach of NHS smartcard security as e-records launched in London - ComputerWeekly.com

NPfIT politics and the NHS smartcard security breach

2009-11-16T16:53:01Z

It's interesting that NHS Hull promptly answered all my questions about the breach of smartcard security until I mentioned the use by the trust of NPfIT systems.

Then all went quiet.
]]> It may be worth noting that NHS Hull and Connecting for Health have worked closely on research aspects of the NPfIT for several years.

The former employee who is being investigated by police at Humberside had authorised access to anonymised medical e-records but not to identifiable individual files.

That he did access identifiable information anyway may be a reminder that the problem of making identifiable medical records wholly anonymous has yet to be cracked.

Managers in Hull say they are "appalled" that the former employee violated the confidentiality of records.

This is an example of NHS Hull's work with NHS Connecting for Health on the NPfIT Secondary Uses Service, which holds patient records in identifiable form. The trust has "evolved" an architecture for processing SUS data and has been working to support the data's pseudonymisation.

On the implementation of pseudonymisation, NHS Hull lists problems and issues as:

- Submission of anonymous/pseudo data

- Reconciling SUS/CDS [Commissioning Data Set] and SUS/PbR [Payment by Results] and SLAM

- Continued development of data warehouse

- Training in technology:

- SQL Server 2005 environment
- Database Security

TPP, the supplier of SystmOne, said in a newsletter that NHS Hull has a "long history with the National Programme for IT".

If officials are proud of this work on the NPfIT, why do they not wish to answer any questions now about it?

Perhaps it's because the breach at NHS Hull is a reminder to CfH that no system is 100% secure and that the bigger citizen databases get the harder it will be to stop knowledgeable insiders browsing them.

Links:

Anger after medical records are viewed without permission - hullandeastriding.co.uk

Police probe NHS Security - Centennial blog

Ex-NHS CIO is new head of BCS's Health Informatics Forum

2009-11-16T14:36:00Z

Matthew Swindells, who led a Whitehall review of NHS informatics, is the new head of the British Computer Society's Health Informatics Forum. He is managing director for health at consultancy Tribal and has been NHS chief information officer.

Dr Glyn Hayes had successfully chaired the BCS's Health Informatics Forum. He led a review on NHS IT for the Tories and more recently has sat on a medical advisory board set up by iSoft, one of the NPfIT suppliers. ]]> Swindells said: "This is a crucial time for informatics and the NHS as a whole. I am looking forward to being a proactive ambassador for all branches of health informatics and BCS HIF; promoting its activities and building confidence in the ability of informatics to contribute to improving our health system."

Swindells was formerly head of IT at Guy's and St Thomas' hospital and chief executive at the Royal Surrey County Hospital.

Another leading figure in NHS IT and the NPfIT quits - IT Projects blog

Police probe breach in NHS smartcard security - ComputerWeekly.com

Compare and Contrast - the Arch blog

Police investigate NHS smartcard security breach as SCR launches in London

2009-11-16T09:39:00Z

[Summary of article on ComputerWeekly.com homepage]:

An NHS trust at the forefront of work on the £12.7bn NHS IT scheme has called in police after a breach of smartcard security compromised the confidentiality of hundreds of electronic records.

Patients in Hull have expressed their dismay that an unauthorised NHS employee has accessed their confidential records; and the local primary care trust, NHS Hull, says it is "shocked" at the breach of security by a member of staff who has since left.

Details of the breach emerged as health officials in London were, in an unrelated event, telling journalists about the start of a roll-out of electronic records across London, as part of the National Programme for IT [NPfIT].
]]> NHS Hull has refused to say which system the culprit was using but it was known that the employee used a smartcard to log in and gain access to the records. The person was authorised to view anonymised data but not identifiable information.

The employee has since left. NHS Hull is working with NHS Connecting for Health on pseudonymising information for the Secondary Uses Service database. The trust has also installed the TPP SystmOne system to share electronic patient records.

A spokeswoman for the trust declined to how an employee with a smartcard was able to access information which was beyond the person's level of authorisation.

**

NHS Hull announcement of security breach

13 November 2009

Unauthorised access to patient records in Hull

NHS Hull can confirm that a former employee has been found to have accessed a number of patient records without authorisation.

The former employee was found to have inappropriately accessed electronic medical records between May 2008 and June 2009.

The individual concerned was authorised to use collated and anonymised patient data during the course of their day-to-day work but was not permitted to access individual patient records.

A total of 358 patients across 20 GP practices have been affected by this. All patients involved have been notified in writing and given a point of contact for more information and support. All of the affected GP practices have also been informed.

Today, health managers have expressed just how appalled they are with their former employee's actions.

Kath Tanfield, Director of Performance, Governance & Informatics for NHS Hull says:

"We take patient confidentiality very seriously and are disturbed to find that patient confidentiality rules have been breached in such a manner.

"It is shocking to us that an individual who takes on a public service role and who agrees to abide by strict confidentiality agreements should go on to abuse their position and violate patients' rights to privacy.

"Patients and the public rightly expect all health service employees to protect and respect their personal information. They have every right to be outraged by this individual's actions, and as the organisation who employed this person, we too feel appalled and let down by their behaviour."

NHS Hull has conducted its own review and is cooperating fully with the police investigation which is now underway.

Links:

Full article on CompterWeekly.com

Password sharing hinders probe into serious blunder - IT Projects blog

Are e-prescriptions more important than SCR? - IT Projects blog

Nothing like deadlines to make things happen - project management and recruitment

The problem with the NPfIT is the "NP" bit - the Yorkshire Ranter

NPfIT minister reveals Lorenzo costs and payments to BT and CSC

2009-11-12T17:12:00Z

Mike O'Brien, the minister in charge of the NPfIT NHS IT scheme, has replied to questions put by Conservative MP Richard Bacon who sits on the Public Accounts Committee. These are his questions and O'Brien's answers:

]]>

NHS: Computer Software

Mr. Bacon: To ask the Secretary of State for Health how much local service providers have been paid for the (a) set-up costs and (b) running costs of each of the Lorenzo systems deployed in NHS trusts; and what his latest estimate is of the average cost per site of deploying the Lorenzo software system. [299006]

Mr. Mike O'Brien: The average agreed deployment charge per site for full deployment of all bundles of service of the Lorenzo software system, when complete, is £6.468 million. The total of payments made to the local service provider, to 30 September 2009, for deployment (set-up) activity to date for Lorenzo products is £434,400. In the same period, service charge (running cost) payments have totalled £27,117.

Mr. Bacon: To ask the Secretary of State for Health what his most recent estimate is of the highest number of live concurrent users of the Lorenzo software system at NHS Bury (a) at any one time and (b) on any one day. [299192]

Mr. Mike O'Brien: As at 9 November 2009, the highest number of live concurrent users logged into the Lorenzo software system at the NHS Bury Primary Care Trust (PCT) at any one time is 93. This occurred on the day the PCT went live with the system, on 3 November 2009.

NHS: Information and Communications Technology

Mr. Bacon: To ask the Secretary of State for Health what the projected lifetime costs are in respect of each contractor under the National Programme for IT in the NHS; and how much each such contractor had been paid on the latest date for which figures are available. [299189]

Mr. Mike O'Brien: Relevant information is contained in the following table.

National programme for IT by key elements: Projected lifetime costs and expenditure to 31 March 2009
£ million
Core contracts	Projected lifetime costs^{( 1)}	Expenditure to 31 March 2009^{( 1)}
London	1,021	326
South	1,104	133
North East	1,035	276
East	930	237
North West and West Midlands	1,042	271
Spine	889	791
N3 Network	554	554
Choose and Book	144	133
Amount retained by Accenture⁽²⁾	110	-52
Notes: 1. Figures in the two columns are not directly comparable. The projected lifetime costs are shown at 2004-05 prices, and final outturn will be higher due to inflation in subsequent years. Those for expenditure to 31 March 2009 are resource outturn figures. 2. In 2006, Accenture made arrangements to voluntarily novate the company's contract to another existing supplier under the programme. Of the £179 million Accenture had received to that point the company retained £110 million for work completed. £52 million represents the value, for accounting purposes, of moneys repaid as at 31 March 2009.

What MPs said about State IT projects in 1984

2009-11-12T08:40:19Z

The collective memory of some departments is short. Few keep records of IT failures that pre-date the general election of 1997.

So officials at the Department for Work and Pensions say they cannot recollect the aborted "Camelot" system in the 1970s to computerise welfare benefits, or its successor, the £2.6bn "Operational Strategy" in the 1980s, which was set up to give people information on all their entitlements "at the touch of a button". Opstrat, as it was called, cost three times the original estimate and the DWP has yet to integrate its welfare benefit systems.

Indeed the Department is working on its "third attempt" at integrating welfare IT systems, said the National Audit Office in a report earlier this year.

Below are excerpts from a report of the Committee of Public Accounts, 21 June 1984.

The fact that the PAC published the report 25 years ago, and has been saying much the same thing in numerous reports on IT-based change projects ever since, suggests to me that the assumption of a happy ending and a concomitant underestimation of complexity, potential problems, costs and risks is congenital to large IT projects within central government.
]]> The 1984 PAC report was deftly entitled: "Management and Control of the development of Administrative Computing in Government Departments".

It said:

"In February 1984 the C&AG [Comptroller and Auditor General - head of the National Audit Office] reported the results of a National Audit Office examination of a selection of computer projects in four departments which had encountered serious difficulties ... the C&AG identified a number of common weaknesses and concluded that across government departments as a whole much more needed to be done to improve:

strategic planning
project management
system design and development"

There was a need for "early warning of delays and difficulties" so that timely action could be taken.

These were the things that brought down the £513m C-Nomis project for prisons, and the IT £350m IT project which supported the Rural Payments Agency's Single Payments Scheme.

On those projects there were indeed warnings - but not as a basis for timely action.

The 1984 PAC report had an innovative idea which, perhaps, was too innovative to be taken seriously and hasn't been adopted even today: moving talented IT staff between departments, to where they were most needed, and rewarding them accordingly .

The 1984 report also lamented a lack of departmental action on its previous findings (the very point made by the committee in its report last month on the C-Nomis project). Other excerpts, which are relevant today, from the 1984 PAC report:

- "We were surprised that over six years only eight of the 22 major computer-using departments had completed acceptable baseline plans for their computer development programmes..."

- "[Departments should] concentrate their existing resources on those projects which offer the highest benefits and, if need be, cancel or defer lower priority schemes."

- "We noted the dangers of general over-optimism about the benefits and timescales of computer projects." [my italics]

Links:

Something must be done to break the cycle of IT failure - The Times (opinion piece by me)

Are briefings to the minister on the NPfIT too optimistic? - IT Projects Blog

Anatomy of an IT disaster - IT Projects Blog

10 [US] corporate IT failures - Computerworld

Council to re-use old IT - a social inclusion exemplar

2009-11-11T12:50:41Z

A council has ended a contract for the disposal of its used computers and plans to make the machines available to local residents, particularly the disadvantaged.

Shouldn't all organisations/IT decision-makers be doing this?

All credit to Stephen Hilton who is leading Bristol City Council's social inclusion work. He gave details of the council's plans at a social inclusion panel at the G2010 government IT conference.

Full article on ComputerWeekly.com

500k fines for data protection breaches - but what about Govt breaches?

2009-11-11T12:44:00Z

The Ministry of Justice has begun a consultation on giving the Information Commissioner's Office the power to levy penalties of up to £500,000 for the most serious breaches of the Data Protection Act.

The most serious breaches are made by government departments and agencies. So are there provisions for deterrent sanctions against them for serious breaches? Nope.

Consultation papers - Ministry of Justice website

500k fines for data protection breaches? - ComputerWeekly.com

Missing HMRC CDs - what went wrong and lessons for NPfIT and ID Cards - IT Projects Blog

The NPfIT and Cézanne compared

2009-11-10T11:53:00Z

Malcolm Gladwell, author of The Tipping Point, sees similarities between the malfunctioning NPfIT and the exploratory brushstrokes of Cézanne, the French painter whose works grew out of a slow process of refinement, trial and error.

The comparison is, perhaps, the greatest success of the NPfIT.

It may be worth noting that, at one point in his career, Cézanne, because of a shortage of models, was forced to design from his imagination.

Links:

Malcolm Gladwell: why the NHS computer programme is like Paul Cezanne - The Times

The problem with the NPfIT is the "NP" bit - Yorkshire ranter

IT procurements in the south set for January - Techmarketview

iSoft says Bury Lorenzo go-live takes healthcare to "new level"

2009-11-05T08:50:00Z

iSoft has announced in Australia -where it's based - that its latest version of Lorenzo, as installed at NHS Bury, "takes the efficient provision of healthcare in England to a new level".

The go-live more than doubles the number of Lorenzo users in England. NHS Bury and iSoft say that the go-live supports "almost" 600 users.

Version RC 1.9 is the first patient administration system under the Lorenzo banner.

Below is iSoft's announcement - which three times mentions the supplier's support for CSC, the NPfIT local service provider for England except the south.

It's conceivable that there is a little tension between CSC and iSoft and over iSoft's decision to sell Lorenzo directly to trusts in the south. Elsewhere in England, Lorenzo is sold through CSC. ]]> iSoft's announcement:

"NHS Bury Primary Care Trust Goes Live With iSOFT Group Limited Lorenzo RC 1.9

"Australia's largest listed health information technology company today announced the implementation of the latest version of its Lorenzo electronic patient record solution at NHS Bury Primary Care Trust (PCT) in Lancashire.

"NHS Bury went live on 3 November with iSOFT's Lorenzo Regional Care 1.9. The Trust, through Local Service Provider CSC, is using Lorenzo Regional Care 1.9 for referral and caseload management as well as inpatient and outpatient functionality, supporting almost 600 community-based clinical and administrative users working across two wards and 1,200 clinics. The Trust has plans to introduce clinical functionality in the coming months by using assessment functionality for orthopaedics and dietetics.

"Gary Cohen, iSOFT's Executive Chairman & CEO, says the company is committed to helping Trusts meet the IT goals set forward by the Department of Health Informatics Directorate and will remain diligent in ensuring they successful manage migrations from existing systems to Lorenzo.

"Bury PCT demonstrates a significant step forward for Lorenzo's strategic role within the National Programme for IT.

"The implementation teams have shown tenacity and determination to deliver a successful go-live and we are looking forward to further go-lives with this Trust, and a number of others, in the near future," he said.

"Adrian Stevens, Managing Director of iSOFT's UK and Ireland business, says the company remains committed to actively working with partner CSC on the delivery of Lorenzo Regional Care under the North, Midlands and East Programme for IT.

"The Bury Trust go-live is a particularly important achievement, both for iSOFT as well the National Programme, because this latest version of Lorenzo takes the efficient provision of healthcare in England to a new level. We will be closely monitoring the deployment at Bury over the coming weeks to ensure the system works well as staff continue to use this on a daily basis.

"We look forward to working with CSC and the NHS as we progress with this and further successful deployments. Looking beyond the success at Bury, iSOFT continues to actively support both CSC and NHS Connecting for Health in achieving the goals of the NPfIT and core IT strategy by continuing to deliver Lorenzo to the contracted regions in England," he said.

Links:

NPfIT executives will stand by Lorenzo - IT Projects Blog

ASCC procurements for the south - E-Health Insider

Biggest IT industry failures?

2009-11-04T12:36:00Z

... according to Jack Wallen of TechRepublic. [I don't agree with all of them - there were 119 comments on the article at last count

Windows Vista
NeXT
BeOS
Cobalt Qube
Y2K
MP3
Richard Stallman
WordPerfect
IPv6
Mesh networks

Full article

Anatomy of an IT disaster

2009-11-04T09:58:00Z

Below are key parts of today's Public Accounts Committee report on the C-Nomis report. Much the same could be said of other big IT-based change programmes such as the NPfIT.

Some will say plus ça change but some IT disasters are exposing near anarchy, and potentially worse, in some corners of government administration.

How not to develop a project

"We have taken evidence on cases of poor decision taking and weak project management on many occasions. The same lessons have still not been learnt, making the management by the National Offender Management Service (NOMS) of C-Nomis a prime example of how not to develop a project."

Beware US software which needs much rework for the UK

"From the outset those responsible failed to identify the modifications required to the
software to meet NOMS' needs. The Home Office assessed it as broadly meeting the needs of the prison service, but as a North American product the software needed to be adapted for UK legislation.

"In respect of probation, there was a serious failure to understand the magnitude and cost of the changes which would be needed, even though the Home Office recognised at the start that the software met only 29% of the needs of the Probation Service. The estimated cost of developing the C-NOMIS application rose from £99m in 2005 to £254m by July 2007 due to customisation."

Did senior civil service managers bend the truth?

"The programme team running C-NOMIS reported that the programme was delivering on time and to budget, when it was not."

"In May 2005, as part of the C-NOMIS project approval process, the Home Office's
Programme and Project Management Support Unit certified the C-NOMIS project as not suffering from the eight common causes of project failure. Subsequent analysis of the underlying causes of the costs increases and delay by the National Audit Office indicated that C-NOMIS suffered from four of the eight common causes of project failure in full and three in part."

Over-optimism and the culture of good news

"Planning for the C-NOMIS project was unrealistic, in part because of an over
optimistic 'good news' culture which was not challenged with sufficient rigour by
senior management with in-depth knowledge of the business."

"The first Senior Responsible Owner and other senior people involved with C-NOMIS demonstrated a remarkable lack of insight and rigour, coupled with naivety and over-optimism."

]]> Contracts without competitive tenders - an open door to potential corruption?

"Contracts were agreed with suppliers without testing the market through a competitive tendering process, and the contracts themselves were weak." [changes went undocumented and tens of millions of pounds cannot be accounted for]

Advice on managing projects exists - but was ignored

"To avoid repeating the mistakes of the past, Departments must use existing guidance."

Soaring costs

"The original cost estimate rose from £234 million in 2005 to £690 million in July 2007. NOMS [National Offender Management Service] agreed that, with hindsight, there had been a gross underestimate of costs and that the original cost estimates were badly prepared... The NOMIS programme was revised and scaled back to three offender databases for £513m, for delivery by 2011."

Without financial management where did this leave EDS, one of the main suppliers?

"Financial management was almost non-existent. The project did not have a dedicated
financial team until 2007 and no-one was actively monitoring the budget.

"As a result, NOMS cannot provide the detail to say what the £161m used to October 2007 was spent on, although can say in broad terms that EDS was paid £87m and the remainder went on a combination of payments to other suppliers and NOMS costs."

5 years after launch systems are still not in place

"In 2003, Lord Carter's Correctional Services Review recommended bringing together prisons and probation services and introducing 'end-to-end offender management'. This change was designed to improve the supervision of individual offenders throughout their sentence by a single offender manager ...The National Offender Management Service, initially part of the Home Office and since May 2007, part of the Ministry of Justice, was created in June 2004 to bring this about.

"Some five years later, the information systems required to support offender management are still not in place."

Nobody accountable

"The individuals who took the key decisions on C-NOMIS and were responsible for its monitoring and oversight have all retired or moved on, and no-one has been held to account for the estimated £41 million wasted due to delays and cost overruns."

Complexity underestimated

"The original concept was ambitious but still technically feasible. Problems at every level, however, led to an out of control programme which eventually NOMS could no longer afford. NOMS significantly underestimated the technical complexity of the project."

Standardize and simplify business processes - not mirror existing inefficiencies with new IT

"Rather than invest time and resources to develop and standardise the new ways of operating across its business areas, NOMS sought an IT system to unify the business and achieve end-to-end offender management.

"There was no sustained effort by NOMS to simplify and standardise its business processes reflecting management's misplaced confidence in C-NOMIS, their unrealistic expectations of what could be achieved by an IT solution and their underestimation of the time and costs to deliver it."

"NOMS should have thought through its business processes and introduced new,
standardised ways of working in conjunction with new IT support systems to
deliver end to end offender management."

"[There is a need to] standardise ways of working to avoid excessive customisation."

Bad news didn't reach top management

"Costs and progress were not monitored or reported for the first 3 years after the inception of C-NOMIS ... The Project Board, the NOMS Board, the Home Office senior management and Ministers were all unaware of the true cost and progress before May 2007."

Senior Responsible Owner didn't have time or experience

"[The] Home Office's senior management at the time was wrong to appoint somebody
as Senior Responsible Owner who did not have the skills or relevant experience, without also providing support and allowing the post holder time to carry out their responsibilities."

Two teams thought each other was watching spending

"The vacuum of leadership within NOMS contributed to confusion and created challenges for suppliers and the project team. The roles and responsibilities of the project team, the Offender Information Services (OIS) and NOMS business areas were unclear.

"For example, the part of NOMS responsible for administering the funding, the OIS, and the project team each thought the other was monitoring expenditure. The Project Board, chaired by the Senior Responsible Owner, was too large to be effective and had little contact with the project team.

"It did not actively manage delivery and it did not discuss programme finance until April 2007, almost 3 years after the start of the C-NOMIS pilot phase."

Senior managers remain positive - and talks with EDS and other suppliers over costs of the revised C-Nomis continue

"NOMS has assured us that it has implemented the changes needed to deliver the revised NOMIS programme by 2011. However, there are significant challenges yet to address including further contract negotiations with suppliers ..."

Deeply depressing repetition of mistakes

"It is deeply depressing that after numerous highly critical PAC reports on IT projects in recent years, the same mistakes have occurred once again."

Do departments have a minimum standard of competence?

"We question the purpose of our hard work if Whitehall accepts all our recommendations but still cannot ensure a minimum standard of competence."

Too much power in too few hands

"Too much rested on the performance of a few key individuals to deliver success."

Gateway review warning all but ignored

"NOMS did not respond with sufficient vigour to the Gateway review in 2006 that
raised serious concerns about the delivery of the project."

The main original objective won't be met

"Despite the intentions, there will not be an integrated information system
providing a single offender record that will be accessible by all service providers
who come into contact with an offender."

Is Ministry of Justice still being over-optimistic?

"NOMS has promised substantial progress with the NOMIS programme ..."

Out of control and unaffordable

"The original concept was ambitious but still technically feasible. Problems at every level, however, led to an out of control programme which eventually NOMS could no longer afford."

Planning done on the back of an envelope?

"Prison and probation information requirements were quite different and each of the 42 probation areas had different ways of working. End-to-end offender management was little more than a concept, and what it meant in practice and the IT needed to support it had not been worked through."

Ministers kept in the dark until 2007

"Although the NOMS Board failed to appreciate the full seriousness of the situation, it did instigate an investigation of the project's finances, which eventually led to the facts surfacing in 2007.

"Only then did the NOMS Board report the situation to ministers, recommending that a halt should be put on the whole of the programme and that the programme should be re-scoped."

"NOMS should not have been running a programme that had so little reporting to ministers or internally within the Department."

Treasury hadn't a clue until this year

"Problems with the NOMIS project were not brought to the attention of the Treasury
until February 2009."

Links:

A good news culture blighted C-Nomis say MPs - ComputerWeekly.com

Public Accounts Committee report on C-Nomis - Parliament's website

National Audit Office report on C-Nomis - March 2009

Failed £234m C-Nomis project - ministers kept in the dark - IT Projects Blog

Report: C-Nomis Prison IT system guilty of 'basic' project management failures - ComputerWeekly.com

What went wrong with C-Nomis - IT Projects blog

MPs condemn C-Nomis shambles - The Taxpayers' Alliance

Why is nobody accountable? - Kristan Smith

C-Nomis debacle - criminology, probation and stuff

NPfIT Lorenzo - £57,500 per user so far

2009-10-30T12:50:35Z

The NPfIT minister Mike O'Brien revealed in a Parliamentary reply yesterday that there are 174 regular users of the Lorenzo 1 system at five NHS trusts.

The Lorenzo system is supplied by services company CSC and software supplier iSoft under the National Programme for IT [NPfIT].

This number of users will increase when NHS Bury goes live with Lorenzo next month. But MPs are still likely to consider the number very low given the cost to taxpayers of the system.

Taking O'Brien's figure of 174 together with £2m as a conservative figure for the cost per site of installing the Lorenzo system, the cost per user of the system is about £57,000.

If you take the cost per concurrent user - 19 according to the minister - the cost per user rises to about £526,000.

It may also be worth bearing in mind that two of the five trusts have been live with Lorenzo for more than a year.

About £4bn in total has been spent centrally on the NPfIT and ministers have trumpeted the Care Records Service as the main aim of the programme.

Lorenzo is one of two main NPfIT Care Records Service products to be delivered to trusts in England, the other being Cerner's Millennium.

Lorenzo was due to have been delivered several years ago under the NPfIT. A typical NHS trust has about 1,000 to 5,000 users of its hospital administration system.

This is O'Brien's reply in full, based on a question by Conservative MP Richard Bacon, a member of the Public Accounts Committee:
]]> Richard Bacon MP: To ask the Secretary of State for Health (1) what his latest estimate is of the number of users of the Lorenzo software system at (a) Five Boroughs Partnership NHS Trust, (b) Bradford Teaching Hospitals NHS Foundation Trust, (c) University Hospitals of Morecambe Bay NHS Trust, (d) Hereford Hospitals Trust and (e) South Birmingham Primary Care Trust;

(2) what his latest estimate is of the highest number of live concurrent users of the Lorenzo software system across English NHS trusts (a) at any one time and (b) on any one day. [295790]

Mr. Mike O'Brien:

The numbers of regular users of Release 1 of the Lorenzo software system in the national health service bodies concerned are as follows:

Five Boroughs Partnership NHS Trust - 43
Bradford Teaching Hospitals NHS Foundation Trust - 12
University Hospitals of Morecambe Bay NHS Trust - 96
Hereford Hospitals NHS Trust - 7
South Birmingham Primary Care Trust -16

O'Brien added:

"These figures exclude other registered users who use the system only occasionally.

"The highest number of live concurrent users across English NHS trusts at any one time, to date, is 19.

"This occurred on 6 October 2009. The number of concurrent users of the system is lower than the aggregate number of regular users because clinicians spend the majority of their time working directly with patients.

"Time spent using the system is relatively short, and in most care settings, users will log in and log out of the system repeatedly throughout the day."

Links:

NPfIT Lorenzo - is the cost per user frightening? - IT Projects Blog

iSoft debuts Lorenzo - e-HealthNews

Use of iSoft grows at Hereford Hospitals - IT Projects Blog

NHS IT glitches force six-month wait

Minister renews faith in Lorenzo and Cerner - IT Projects Blog

Minister renews faith in Cerner and Lorenzo - but "challenges remain"

2009-10-29T11:27:00Z

Junior Treasury minister Sarah McCarthy-Fry, the Exchequer Secretary, has affirmed her Government's faith in iSoft's Lorenzo and the Cerner Millennium software, though she added that "challenges remain".

She was responding to MP Richard Bacon during a debate in the House of Commons on the work of the Public Accounts Committee. Bacon had expressed his concerns about the lateness of Lorenzo and the "havoc" caused by the Cerner systems at some hospitals.

]]>
McCarthy-Fry said: "We all acknowledge that the NHS IT project is hugely ambitious and that it is essential that we get it right. It is obvious to everybody that many challenges remain.

"We still believe that Cerner Millennium and Lorenzo will be able to support the NHS in the long term."

She expressed confidence in CSC, which is the local service provider to NHS trusts in England north of Oxford, but not quite as much overt confidence in BT, which is under contract to supply trusts in London and some in the south.

She said: "Local service providers have been set a deadline of the end of November to demonstrate significant progress in the acute sector.

"They will have to demonstrate that Lorenzo has been successfully deployed by Computer Sciences Corporation across a non-acute site and is on track to be deployed in an acute site by March 2010, and that there is a high degree of confidence in CSC's ability to deploy across the NME - north, midlands and east- area by January 2016.

"BT will have to have successfully deployed Cerner in an additional acute site, and there must be a high degree of confidence in its ability to deploy across London by October 2015...

"The Department of Health will provide a note on progress by the end of this year."

She said she would write in detail to Richard Bacon on the specific points he made about Cerner's Millennium and Lorenzo, and the value for money of the NPfIT.

Lorenzo - is the cost per user frightening? - IT Projects Blog

Health suppliers trafficking in patient data? - Health Care Renewal

iSoft to go directly to trusts in the south - Dominic Fallows