The risks involved in rolling out the world’s biggest civil IT programme were significantly underestimated when ministers initiated the project in 2002, according to evidence unearthed by Computer Weekly.
The evidence raises questions about whether Connecting for Health, formerly the national programme for IT in the NHS, was initiated by Downing Street on a false basis – that it would be easier to implement than has proved to be the case.
Computer Weekly has also learned that the timescale was underestimated. The project was originally to be undertaken in two years and nine months, beginning in April 2003. It has since become a 10-year programme.
Downing Street has refused a request by Computer Weekly under the Freedom of Information Act for the minutes of a meeting on 18 February 2002, chaired by the prime minister Tony Blair, at which the IT-led modernisation of the NHS was initiated.
But a profile of the project, which was drawn up within a month of the meeting at Downing Street, has revealed that there was no category for calculating one of the greatest risks to the project – that doctors and nurses would not accept the new systems.
The specific risks and complexities of the IT programme that were evaluated were given a points score which bore little relation to the magnitude of the scheme.
The “Project Profile Model” was based on a template of the Office of Government Commerce, and was originally an appendix of Delivering 21st Century IT Support for the NHS, a document which formed part of the launch of the programme in June 2002.
This appendix was omitted in the official version of the 21st Century IT document which is published on the Connecting for Health website.
The aim of the project profile model is to assess the risks and complexity of a project. In each category, a points score was given to the national programme according to the degree of complexity or risk.
The model gave a maximum risk score of three points if the number of IT practitioners involved was more than 100. But the national technology-led modernisation of the NHS involves far larger numbers – 20,000 health service IT staff and 10,000 people in the private sector. Other areas also showed a significant underestimation of potential risk:
- Total IT costs: this was scored as four out of four. Maximum points were to be given if the project cost more than £100m. The national programme is projected to cost between £18.6bn and £31bn over its 10-year life (see story, p4).
- Business costs excluding IT: this was scored as four out of four. Maximum points were to be given if the business costs were more than £50m. The national programme’s business costs are projected to be billions of pounds.
- Number of individuals affected within government: this was scored at six out of six. Maximum points were to be given if the scheme affected more than 10,000 people. The national programme affects at least 800,000 staff.
- Impact on business processes: this was scored at four out of six.
- Impact on other projects and changes: three out of eight.
- Degree of innovation: this was scored at three out of four.
- Scope of IT supply: scored at zero. A maximum of three points was to be given if the plan was to “deliver bespoke application”.
- Complexity of the client-side arrangements: two out of four.
In total, the national IT scheme scored 53 out of a maximum 72 points. The OGC said anything over 40 is “high risk”.
Specialists say the underestimate partly explains why, three years after its launch, the scheme has been hit by interfacing and other technical difficulties, delays in implementations and uncertainties over future funding.
Jean Roberts, lead for policy on the Health Informatics Forum of the BCS, said the profile model underestimated the risks and complexity and treated the scheme as an IT programme rather than a change management initiative. She said the scoring appears to “bear little relevance to the actual scale and complexity of the programme in practice, and many issues which have yet to be resolved tactically at local level”.
A spokesman for Connecting for Heath cited the way the procurement was run as a model for other parts of the public sector. “What is being referred to is an early scoping document which was initiated before the national programme came into being. This followed OGC guidelines for major projects. This was an early analysis which fed into Delivering 21st Century IT, which was the definitive strategy document.
“It indicated that the project was, unsurprisingly, high-risk, given the criteria laid down by OGC for assessing a project against. It indicated that the project should go through external Gateway reviews, which the national programme has done.”
He added, “It is well known to anyone with experience of large projects that risks and issues are part of normal programme management. Ministers and senior officials have stated publicly that it would not be possible to deliver a programme of this size and complexity without encountering issues along the way.”
If ministers approved an IT plan knowing it would be more risky and complex than stated, this would not be the first time.
A financial and managerial audit by consultancy Arthur D Little into an IT project to deliver new air traffic control systems found there was a perception among officials, which was “unsupported by any unequivocal documentary evidence”, that ministers would not approve the project if they knew the whole truth.
Officials set an artificially short deadline for implementation because they feared the government would otherwise “not agree to funding of the project at all”. In fact, systems took more than 10 years to deliver, instead of the projected five years.