Национальный аэрокосмический университетНациональный аэрокосмический университетим. Н.Е.Жуковскогоим. Н.Е.Жуковского
«Харьковский авиационный институт»«Харьковский авиационный институт»
Кафедра компьютерных систем и сетейКафедра компьютерных систем и сетей
Научно-технический центр Научно-технический центр "DESSERT“"DESSERT“(DEpendable Systems, SERvices and Technologies(DEpendable Systems, SERvices and Technologies - -
Гарантоспособные (надежные и безопасные) системыГарантоспособные (надежные и безопасные) системы, , сервисы исервисы и технологии)технологии)
www.stc-dessert.comwww.stc-dessert.com
EPR Systems Analysis EPR Systems Analysis (GB)(GB)
Anna SyrotyukAnna Syrotyuk
NPfITNPfIT
The National Programme for IT – The National Programme for IT – NPfITNPfIT
initiative ofinitiative of National Health Service (NHS) National Health Service (NHS)
EnglandEngland
NPfIT GoalsNPfIT Goals
move towards an electronic care move towards an electronic care record for patients record for patients
connect 30,000 General practitioners connect 30,000 General practitioners to 300 hospitals to 300 hospitals
providing secure and audited access providing secure and audited access to these records by authorised health to these records by authorised health professionalsprofessionals
Programme responsible authorityProgramme responsible authority
The Department of Health agency The Department of Health agency NHS Connecting for Health NHS Connecting for Health
NHS CFHNHS CFH is responsible for delivering this is responsible for delivering this
programmeprogramme
CfH is based in Leeds, West Yorkshire.CfH is based in Leeds, West Yorkshire.
First datesFirst dates
October 2002 - formally October 2002 - formally establishedestablished
April 1, 2005 - NHS CfH was April 1, 2005 - NHS CfH was formed to deliver the programmeformed to deliver the programme
NPfITNPfIT key deliverables key deliverables The NHS Care Records ServiceThe NHS Care Records Service (NHS CRS) (NHS CRS)
Choose and BookChoose and Book, an electronic booking service, an electronic booking service
A system for the Electronic Transmission of A system for the Electronic Transmission of PrescriptionsPrescriptions (ETP) (ETP)
A new A new national national broadbandbroadband IT network for the NHS (N3) IT network for the NHS (N3) Picture Archiving and Communications Systems Picture Archiving and Communications Systems (PACS)(PACS)
IT supporting GPs including the IT supporting GPs including the Quality Management Quality Management and Analysis System (QMAS)and Analysis System (QMAS) and a system for GP to and a system for GP to GP record transferGP record transfer
NHSmailNHSmail – a central email and directory service for – a central email and directory service for the NHS. the NHS.
The SpineThe SpineA set of A set of nationalnational services used by the NHS Care Record services used by the NHS Care Record
ServiceService
The Personal Demographics Service (PDS),The Personal Demographics Service (PDS), stores basic demographic information about each stores basic demographic information about each patient and their NHS Number.patient and their NHS Number.
The Personal Spine Information Service (PSIS).The Personal Spine Information Service (PSIS). A summary of patient's clinical information, such as A summary of patient's clinical information, such as allergies and adverse reactions to medicine.allergies and adverse reactions to medicine.
The Secondary Uses Service (SUS),The Secondary Uses Service (SUS), Uses data from patient records to provide Uses data from patient records to provide anonymised and pseudonymised business reports anonymised and pseudonymised business reports and statistics for research, planning and public and statistics for research, planning and public health deliveryhealth delivery
The Spine also provides a set of security services, to The Spine also provides a set of security services, to ensure access to information stored on the Spine is ensure access to information stored on the Spine is
appropriately controlled.appropriately controlled.
Clusters and Local Service ProvidersClusters and Local Service Providers
North West & West
Midlands
London Southern
East & East
Midlands
North East
England
Local Servic
e Provid
er
Local Servic
e Provid
er
Local Service Provid
er
Local Service Provid
er
Local Servic
e Provid
er
CSC Alliance
The FujitsuAlliance
BT Health London
National Application Service National Application Service ProvidersProviders - NASPs - NASPs
Responsible for services that are common to all usersResponsible for services that are common to all users
BTBT
Atos Origin,Atos Origin, CernerCerner
Cable and Cable and WirelessWireless
NHS Care Records NHS Care Records Service and N3Service and N3
Choose & BookChoose & Book
NHSmailNHSmail
Criticisms of the programmeCriticisms of the programme (1) (1)
In In 20002000 won won "Most Heinous Government "Most Heinous Government Organisation“Organisation“ Big Brother Award Big Brother Award from Privacy International for its plans to from Privacy International for its plans to implementimplement what would become the NPfIT what would become the NPfIT
In In 20042004 won won"Most Appalling Project""Most Appalling Project" Big Brother Big Brother Award because of its plans to Award because of its plans to computerise patient recordscomputerise patient records without without putting in place adequate privacy putting in place adequate privacy safeguardssafeguards
Criticisms of the programmeCriticisms of the programme (2) (2)
InIn August 5 2005August 5 2005CClinical staff felt that linical staff felt that the programmethe programme was in was in risk of becoming risk of becoming a white elephanta white elephant
In In April 2007April 2007The Public Accounts Committee of the The Public Accounts Committee of the House of CommonsHouse of Commons issued a 175-page issued a 175-page damning report on the programme. It damning report on the programme. It concluded that, despite a probable concluded that, despite a probable expenditure of expenditure of 20 billion pounds20 billion pounds "at the "at the present rate of progress it is present rate of progress it is unlikelyunlikely that that significant clinical benefits will be deliveredsignificant clinical benefits will be delivered by the end of the contract period."by the end of the contract period."
CostsCosts
02,3
12,4
20
0
20
1 year 3 years 10 years final cost
Review ofA research article
A computer scientist’s reactions to NPfIT
By Brian Randell
School of Computing Science, University of Newcastle upon Tyne, Newcastle upon Tyne, UK
What paper containsWhat paper contains
A paper contains a set of personal views relating to NHS CfH’s NPfIT,
Written from the point of view of a computer scientist, not a medical informatics expert.
NPfIT and the NPfIT and the current scepticism surrounding it
The Programme could revolutionise the way the NHS in England uses information, and make significant improvements to the quality of patient care.
Make key elements of a patient’s clinical record available electronically throughout England
The medical world sceptisism reasonsThe medical world sceptisism reasons Many occurrences of widely publicised
failures of large IT systems
It’s easy to reporters and inquiry agents to obtain information from the Police National Computer System and other allegedly secure government systems
The humiliating suspension of the Medical Training Application Service (MTAS) in May 2007, when confidential personal data from hundreds of junior doctors’ job applications were made available on the Internet
We are for detailed SpecificationsWe are for detailed Specifications
Medical IT system safety depends both on how well the system requirements have been identified and specified, and how well the system meets these requirements, that is, how reliable and secure it is.
For any significant safety-critical system, the norm is to require that the system suppliers provide a comprehensive and well-argued set of documents
It is vital to have a detailed specification
System reliability and security specifications, like the functional specifications are necessary at each stage
NPfIT own problemsNPfIT own problems
Numerous reported reliability problems (including privacy failures)
CfH themselves do not have detailed reliability and security specifications for the various major NPfIT systems
Medical and computer experts issuersMedical and computer experts issuers
Identifying a medical information system’s possible
safety hazards
medical experts issues
Achieving IT system reliability and security in pursuit of safety
Provide guidelines as to what levels of reliability and security are achievable
computer experts issues
The impact of centralisation Physically and logically distributed systems,
employing carefully architected redundancy and diversity measures, are greatly to be preferred.
A single careless or malicious act, affecting a central server and its network could have a disastrous effect on all the surgeries and all their patients, in a whole region. (The recent failure at CSC’s Maidstone data centre left clinicians throughout the West Midlands and the North-West without access to their patients’ computer records for the entire 2-day outage)
However, centralised back-up facilities, for example, could be very valuable, especially if the backed-up data are encrypted, and all the key holders can be trusted.
NPfIT Fundamental security dilemma
Fundamental security dilemma facing NPfIT is that one can (with difficulty) achieve any two of
(a) high security, (b) sophisticated functionality, and (c) great scale
but achieving all three is currently (and may well remain) beyond the state of the art.
Achieving public trust and confidence
The general public needs to trust - IT systems, - The medical staff and - Government officials
Trust is gained slowly and can be lost abruptly
General public’s trust in the medical profession.This provides an excellent basis on which to build an IT system that will also gain the public’s trust
Recommendations (1)Recommendations (1) There is a vital urgent need for an open constructive
review of NPfIT by independent experts.
A review would provide support for indeed many people’s view that specifying, implementing, deploying and evaluating a sequence of ever more complete IT systems is the best way of ending up with well-accepted and well-trusted systems
The review would be best carried out by a smallish team, no more than six people operating full-time at least initially, who between them have expertise in all the main areas – medical informatics, computer system dependability, usability, privacy, etc.
Recommendations (2)Recommendations (2)
There is thus a need for central standards for interoperability of local systems, standards that will encourage development of improved functionality and usability of the systems.
Allow patients to decide (typically via their GPs) the extent to which information about them should be made widely available
Thank you Thank you for your attention!for your attention!