Summary: Only a week ago a deal aimed at rescuing the NHS’s National Programme for IT in the south of England seemed imminent… But at what one NHS official said was the “59th minute of the eleventh hour” Fujitsu informed Nicholson that it was withdrawing from the negotiations…All that the NHS had been relieved to negotiate in the contract re-set has evaporated… It will be of little comfort to the Department of Health and ministers that Computer Weekly warned them in 2002 and 2003 that the NPfIT was too ambitious to be achievable, and that the programme incorporated some of the biggest mistakes of the past. For this warning ministers and some parts of the media branded us doom-mongers.
We still hope our critics will prove us wrong. But it’s six years since the NPfIT was announced. How much longer do they need?
[Not the shortest of headlines]
Summary: The lead for Birmingham City Council’s IT-based transformation programme said of the unpaid invoices after go-live with a SAP-based financial system: “What has led to a larger backlog than we originally anticipated is a combination of all these factors. We probably anticipated every one of them but what we didn’t take into account was the cumulative effect.”
The lead for an IT transformation scheme at Europe’s largest local authority, Birmingham City Council, has expressed “regret” after the troubled go-live of a SAP-based system left a backlog of more than 18,000 unpaid invoices.
Summary: When advisers to ministers write replies to Parliamentary questions they have no legal duty to be candid. Within reason they can say what they like. So for them answering written Parliamentary questions may be no more challenging than playing tennis with the net down.
Indeed, when asked about the NHS’s National Programme for IT [NPfIT], ministerial advisers can use Parliamentary replies to make light of the concerns of clinicians and others. And this is what happened when Worthing MP Peter Bottomley put a question about Cerner sites to Ben Bradshaw, who’s the latest in a series of ministers to be put in charge of the NPfIT…
If ministers and officials continue to play down the problems of NPfIT implementations they’ll carry on alienating clinicians and other NHS staff whose support they need to make a success of the programme. Ministers and NHS Connecting for Health, which runs part of the NPfIT, do not need to put the programme in a zoo enclosure marked “Say kind things only – this enclosure is for the worried and nervous”.
Summary: The sharing of passwords on a hospital x-ray system at a hospital in Devon has made it difficult to identify which doctor wrongly verified the treatment of a patient who died after a blunder.
The case sheds light on the collision between the culture of the NHS – where the sharing of passwords is said to be common practice – and the high security needed when NHS staff and doctors access large databases of confidential patient information under the £12.7bn National Programme for IT [NPfIT]…
Officials at NHS Connecting for Health who help run the NPfIT have said that national systems are more secure than paper records, in part because audit trials show who has viewed what patient records…. But in the latest instance of password-sharing the audit trials caused some confusion because several clinicians were sharing the same passwords. The result is that investigators at Derriford Hospital in Plymouth in Devon have been unable to identify a doctor who was involved in the care of Muriel Elliott. She had a feeding tube wrongly inserted into her lung instead of her stomach and died 13 days later, in September last year.
Summary: Now that a memorandum of understanding between Fujitsu and the NHS has expired the two sides have reverted to the original contract – which both view as obsolete.
The timetables and products set out in the contract are seen as irrelevant, even obstructive, superseded by changes in the NHS… The boards of several NHS trusts were hoping that a contract “reset” would put right everything from a lack of clarity over information governance to data protection and financial matters…
Jim Easton, Chief Executive of NHS South Central, said that contract reset was key to the future success of the IT programme [my emphasis]
Summary: For those who’d rather not read the 250 pages of the latest Wanless report the following paragraphs are excerpts that relate directly or indirectly to the NHS’s National Programme for IT [NPfIT].
“… The well-documented problems and delays that have beset the NPfIT have the potential to undermine seriously the productivity gains envisaged by the 2002 review…
“ICT deliverables are critical to many future productivity and service enhancements. However, despite some positive developments, there have been serious criticisms about the implementation of the Connecting for Health programme. Connecting for Health should be subject to detailed external scrutiny and reporting so that forecasts of long-term costs and benefits can be made with more confidence. …
“There is as yet no convincing evidence that the benefits will outweigh the costs of this substantial investment.”
[My comment: There has been some detailed external scrutiny of the NPfIT by the National Audit Office. A report of the Public Accounts Committee, based on the NAO’s findings, is expected to be published early this year.]
Summary: The board of an NHS trust has learned of a “significant” risk of Fujitsu ending its £900m contract to supply and implement hospital systems across Southern England as part of the National Programme for IT [NPfIT].
The warning was issued to the board of the Royal United Hospital Bath which has waited nearly three years to go live with systems under the NHS’s National Programme for IT [NPfIT]
…The trust still has concerns about Cerner’s Millennium software. It has also also categorised as “significant” a risk of “further delays if Fujitsu ceases to be the local service provider for the South of England”. The trust’s staff are involved in the contract reset.
Summary: The practice of sending across the country unencrypted, CD-based files on millions of child benefit claimants could have continued indefinitely if the discs hadn’t gone missing, we have learned.
Seven months before the CDs went missing, HM Revenue and Customs had already established a practice of transferring onto CD, for despatch by post, insecure, though password-protected, files on millions of child benefit claimants…
The government is planning bigger databases – the NHS’s database of medical records is expected to hold details on 50 million people in England. The ID cards database will hold details on many more people. We are being told – and will be told repeatedly – that a major security breach cannot happen. The HMRC incident shows that government assurances about the security of citizen data may mean little or nothing in practice.
[This HMRC post was dated 2007 but was one of the most-read articles in 2008]
Summary: Barts and the London NHS trust ended up in “The Sun” newspaper yesterday [9 April 2008] after going live with a basic version of Cerner’s “Millennium” Care Records Service under the NHS’s London Programme for IT.
The newspaper claimed that “two top hospitals descended into chaos last night as a multimillion pound computer scheme crashed on launch day” . It said the system should hold all patient records and bookings of operations, but it “failed, forcing doctors at the Royal London and Barts hospitals in East London to write notes on slips of paper.”
The trust’s statement gave the impression of minor problems only, saying the “majority” of issues had been resolved within 24 hours. It apologised to patients for a “slight delay” while staff familiarised themselves with the systems.
[My comment: In fact serious problems at Barts have continued since this article in April 2008.]
Summary: The Department of Health has appointed Christine Connelly, a former chief information officer at Cadbury Schweppes, as the first CIO for Health, in a job expected to have a salary of at least £200,000. The NHS’s £12.7bn National Programme for IT [NPfIT] – the UK’s largest IT programme – will be only part of her responsibilities.
David Nicholson, Chief Executive of the NHS, is expected to remain as the overall senior responsible owner of the NPfIT. This means that the NPfIT still has no full-time overall senor responsible owner…
Summary: After Elizabeth Dove saw her GP about suspected depression she was dismayed and angry to find that her sensitive NHS records were put on a database which was shared with staff at the local council… Dove contacted Computer Weekly’s IT Projects blog to say that the transfer of her medical information to a council social care system “Swift” has caused her considerable distress and upset. Her records were marked “private and confidential”. The Swift system is used widely by local authorities.
“I am pleased you will be highlighting this issue,” she said, “I think there are some very important principles here that affect us all and a person’s right to privacy and confidentiality … It is worrying. It is scary. Nobody has bothered to inform the general public to see what they think or seek their permission in the release and sharing of their personal medical information. This is wrong.”
Dove has raised the matter with the Information Commissioner. She says the Isle of Wight Primary Care Trust has betrayed the trust she placed in the NHS to keep her medical information secret; and that it’s unfair that because she went to her GP about suspected depression – and has never been trouble with police, is not a paedophile, is not schizophrenic, and has never shown any signs of violence to her or society – she has had her right to privacy removed. She was not asked if she wanted her medical records shared with the council.
Summary: Now that the Labour Party’s conference has finished, I’ve looked at the lessons and what went wrong on 13 large, government IT-based projects and programmes:
- Magistrates’ courts
- Intelligence Services
- Passport Service
- National Health Service
- Rural Payments Agency
- Criminal Records Bureau
- HM Revenue and Customs
- Department for Work and Pensions
- Department of Health
- Department for Innovation Universities Skills
- Ministry of Defence
The analysis is tied in with an analysis and comment, to be published in Computer Weekly this week, on Labour’s track record on managing big IT-based projects and programmes.