If CfH were to do it all again, Denwood said they'd not only better engage clinicians in the process, but also reprioritise the software deployment, so the most useful bits got rolled out first making for better headlines and happy doctors.
"Clinicians want to go from seeing IT to it doing the job on their desk right away," Denwood said. "But we had to catch up and deliver 20 years of infrastructure in a short time."
In addition to those two main lessons learned, Denwood admitted that CfH could have been "a little more transparent around delivery." Given the troubles with suppliers, this lesson should probably be learned sooner rather than later.
The database issue
Criticisms haven't just focused on the implementation, but on the centre of the programme: the database. Given this government's love for centralised databases, it should come as no surprise that the NHS system will have one at its core nor should it come as a surprise that such a plan is attracting similar criticisms as the besieged national ID card.
A Royal College of Nursing study last year showed that nurses weren't sure what the benefits of such a system would be, and though they hoped it would get rolled out, they didn't believe it ever would.
And earlier this year, the vast majority of doctors surveyed by the British Medical Association said they didn't believe such a database could ever be secure.
Keeping the NHS on paper records would not have been sustainable. Alternative routes could have been taken arguably, should have been taken but the millions of people who access public healthcare could not have been efficiently treated using paper records. Paper might offer some benefits, but there's a reason every major firm has moved to its operations onto networks, and a reason every office worker has a computer on his or her desk, and a reason police officers are getting kitted out with BlackBerrys. Pair that with the financial strain facing any government operation and the operational efficiencies IT can offer, and the NHS needed such a programme.
For management and communication, computerised systems are not the best choice, but the only one. "Clinicians don't want to go back to wet film x-rays, or sending records through the post," said Denwood.
But computerised systems need not be centralised, notes NO2ID's Guy Herbert. "Digitising records is not what it's about," he told IT PRO. "They don't have to be centralised, just standardisedThey don't have to be unique and unpartitioned." For example, he said sexual health records could be held separately, if a patient desired, and that a patient's records could be held by the patient, instead of by the NHS or even doctors.
A centralised, monolithic system "has vast political implications as well as clinical and personal ones in a way that a more federated system wouldn't," he added.
NHS patients as in, you will be able to view records via the Healthspace system, and even upload information such as blood pressure and sugar levels, lifestyle habits, and update their basic personal information and leave comments on their file. But that's a far cry from patient-controlled records systems have been released by such tech giants as Google and Microsoft in the US. Such systems rely on standardisation and interoperability to allow patients to send their records to the hospital, GP or insurance company at their own choosing.
Keeping it all secure
With laptops seem to get nicked from an NHS hospital on a near-weekly basis, cynics may say it's only a matter of time before the NHS is hit by a data breach on par with HM Revenue and Custom's breach blunder last year, given how much information will soon be moving off paper and onto computers and networks.
Being a bit proactive, earlier this year, the department bought encryption software for every NHS organisation some 700,000 licences of McAfee Boot. It hasn't been rolled out everywhere yet, but central systems are at least covered. "It's now being deployed by local NHS, primary care and secondary care units," Denwood said. He admitted there was some delay in getting it to all 8,400 GPs so far, mostly owing to a shortage of technicians to install it.
Surprsingly perhaps, given the game of catch-up the NHS is playing with IT across the board, it is according to CfH the only national IT programme to meet top security levels. It's been awarded Level 3 of the e-Government Interoperability Framework. CfH's Denwood suggested this is largely because of the use of two-factor authentication to access any system. "All of our systems require chip and pin with a smartcard," he explained.
