I assumed that the point of the PAC meeting was to the have questions posed by the committee to the supplier representatives and DOH. My assumptions where met. However, to my dismay, this was clearly not the same assumptions which the "witnesses" had.

In this document I will attempt to explain in, simple terms, the key areas of disconnect between what was required and what was delivered. The areas which were and have still not been addressed, in relation to the Care Record at the detail and summary level. The technologies available in 2003 and how they have changed since that date to suddenly facilitate a different approach ie on of interoperability.

I will disclose at the outset of this document that I have a vested interest as an existing supplier to the NHS since 1994, I am the Technical Director of MARACIS Solutions Ltd, a small software house in Beckenham. We have managed to "carry on" in our chosen field and provide what all of our customers would attest to as value for money and a very effective system. One capable of sharing information across organisational boundaries in real time and very simply, despite the National Program and in some cases because of it. This has not been an easy thing to do.

Key areas of disconnect: in 2003 these related to what we had across the NHS in terms of systems in use, what was available in the market place and what the NHS wanted to achieve (this was the humdinger!). The aim of the program on the face of it was laudable, a fully connected joined up set of systems available to all clinicians at all times about all patients. Oh that CfH et al could have put it so succinctly. Most if not all hospitals and GP surgeries had information systems which held within them patients care records first problem, what is actually meant by a care record? What actual data and in what structure/order is it stored (Actually if one reads the NHS's own data manual and dictionary, it tells you, certainly for Patient Administration Systems or PAS)? The existing IT procurement process for Trusts was long winded and cumbersome, the national program was supposed to streamline this. It did not. Ask any Trust how log it takes them to go from "we need a new system" to getting it live under NPfIT and how much they have to spend doing it! In addition what choice were they given, Hobson's I think you will find. When this "plan" was seen to be not to working as well as predicted the rules were changed such that Foundation Trusts could do their own thing. What rot! This led to the second disconnect issue "Foundation Trust's were allowed to do what they wanted but the LSP contracts guaranteed the LSP's at least a minimum number of installs to trigger payments". Time for a philosophy/logic lesson. I refer of course to the Law of Excluded Middle, apologies if you already know how to suck an egg but this states that a proposition cannot be both true and false at the same time (from the PAC session, something that all witnesses would have you believe, I wouldn't buy a car from these people let alone national solution). It is a certainty that in all of the LSP areas foundation Trusts would be forced to take solutions they did not want and could ill afford. Two such Trusts, one in Oxford and one in Avon were both "encouraged" to take RiO over there existing system which was MARACIS. Between the Two Trusts they have spent in excess of £4,000,000 of their own monies which they would not have had to spend were it not for the LSP contract extension in the south to BT. How much has actually been spent across the country because of similar pressure being applied. To cap it off in Oxfords and Buckinghamshire's case their SHA was threatened with an £8,800,000 fine if the solution was not taken and the Trust was informed that said fine would be passed down to them in the form that amount of reduced service contracts. So we have one part of the NHS threatening another part of the NHS by risking the amount of care which could be delivered to their population so that a supplier could tick the deployment box and get is fat cheque, what choice did they really have? I hope you are as aghast as I was when I was made aware of this information. Anyone who has actually worked within an NHS Trust (I have) at the patient interface will know that one size does not fit all, yes there are commonalties and similarities but the degree of variation within and between organisations is very large indeed. This leads to a third disconnect which is typified by the lack of clinical engagement and why CfH/NPfIT avoided it, "asking a clinician what an information system should do for them is the wrong question, it should be more along the lines of what is it that you do on a day to day basis with patients, what do you write in your notes, what information do you and your colleagues use to inform clinical decision and process, what if any of that information does your organisation use to evaluate and quantify clinical efficacy" I suspect, and the witnesses alluded to the fact that this was never done. This omission was made because its hard stuff to do, you can forget a three year delivery timescale at any price. In 2003 this is what the industry was telling NPfIT. Microsoft, ORACLE and IBM to name but three technology suppliers -did not want to be involved with an obvious train wreck, said as much. The BMA and British Computer Society had the same view along with many other in the technology media. All were ignored, such arrogance and ignorance could be forgiven at the time but it was still on display at the PAC.

The areas which were and have still not been addressed: This is not a technology issue at all but runs to heart of what our health service and its staff are supposed to do for us as a nation. They are entrusted with our collective health, I guess it could be summarised in to "do no harm" which of course is an over simplification but you get the idea. When a member of the public fetches up in front of their GP/nurse/A&E doctor (pick you healthcare professional of choice) there is both an implicit and explicit duty of care to do no harm and if possible do some good. The person doing the doing is the clinical professional and it is their career and potential liberty which is at stake when they enter into any such interactions with or about a patient. This is understood both implicitly and explicitly by the both parties in the relationship, how often across all such interactions on a daily basis is the clinicians' judgement questioned by the patient? Not very I would suggest. What is the nature of the interaction? Basically they work out what wrong and work out what to do about it in the most expedient way possible. This process is based on the clinician gathering information about the patient which then tailors their response. But throughout said interaction the clinician is responsible because the information comes from them to the patient or to their colleagues. Jump forward if you will to a time where a clinician can look you up on centralised system (the summary care records service). The clinician will see a bunch of data, and that is all that it is as at this point, the clinician has no contextual reference to make it information he/she can act on. What do they do? Medico-legally they have no choice but to verify the data ie turn it into information they feel comfortable acting on. They know nothing about who updated the record last (in reality it would have been system to system no humans involved) in what capacity and when. So now said clinician will have to Trust that the system is correct (and we know that that is a fallacy as the countless examples in the press re data accuracy and the comments made by messrs Nicholson and Conolly at the PAC will attest), but in doing so they abdicate responsibility to the "machine". There is no get out of jail free card issued with each of the 800,000 smart cards that I am aware of therefore the clinician has no choice but to gather the data themselves by doing the tests, performing the examination and asking the questions themselves instantly rendering the summary useless. If on the other hand the get out of jail free card was issued with the smart card then the patient's would need to be informed of this, consent would need to be given explicitly to act on said information and the ramifications made clear. Given that choice would you not ask your clinician to do the tests, perform the examination and ask the questions of you? Damn right you would and again the system is rendered useless. I cant believe that I am going to be able to use the word floccinaucinihilipilification but this is a classic example if ever there was one.

The technologies available in 2003: The comments which were made by all witnesses as a justification for what is a requirements rewrite were some of the most, at best, ill informed and inaccurate I have ever heard by a group charged with such responsibility on behalf of the nation. In 2003 were we not all able to purchase stuff online and have it delivered by Amazon/Play/Tesco etc etc. Yes we were! Were we not able to send an email have it get to where we wanted it to go? Yes we were (unless it was EDS's NHS mail of course only £90,000,000 wasted). Were we not able to make bank transfers from account A in Bank A to account B in bank B? Yes we were! Were we not able to share information between Health and Social Services, GP practices' and A&E departments? Yes we were (well if you were on MARACIS we were). The statements made were just plain wrong. One needs to be very clear on what was being said and why. You are being asked to believe that the technology available at the time was not capable of such interoperability this is just not the case. I would be astonished if Ms Conolly did not know this, I am not so sure about Sir David as he seemed to know not very much about a anything of note. This leads me to the fourth disconnect, namely "lack of understanding at the executive level necessary to evaluate any solution being proposed". In my opinion it is impossible to provide clear oversight/management on any IT project however large or small without an understanding of the business problems it is designed to address and the technical architecture being proposed as part of the solution. In the case of NPfIT the business problems which were to be addressed were never the same as those perceived by the clinicians. They were always top down, a set of problems which in reality may never have actually existed in the real world of NHS clinicians but did so in the minds of the white hall mandarins who came up with the cockamamie idea in the first place. The individuals to whom this nonsense was proposed also had no idea so just went along with it leading to where we are now. I could report on the conversations I had outside the PAC with DOH staff what I overheard Ms Conolly say to Ms Thureen but that would be just hearsay. But I heard nothing which would change my overall view of the current mess. I could go into chapter and verse about technology platforms, design and development paradigms, interoperability etc but I wont. What I will do is provide some bullet points on comments made by all concerned.

Why does RiO cost £9 million from BT? - Disaster recover was the only tangible response from Mr O'Connell from BT. What stuff and nonsense! Disaster recovery MUST be predicated on Business Continuity and in a sane world, nothing else. What does Business Continuity actually mean, well clearly Mr. O'Connell has no idea its just another stock phrase to trip of the tongue. Put simply its those processes and procedures an organisation puts in place to ensure that the elements required to perform its main functions are available at the time and locations necessary. From a healthcare setting, say a Trust that means things like have enough clinical staff on shift, having a backup generator in case mains power is lost, having appropriate guidelines in place to define actions to be taken when a theatre is no longer available and the list goes on. When we reach the level of IT it becomes more problematic because it's a harder thing to quantify. Would patients die if clinicians were suddenly unable to access their beloved NPfIT solutions? In a word No. So now the question becomes one of risk versus cost. How much risk are we prepared to take in not having access to our IT system and at what cost. Look across the entire NHS estate today and you will still find large numbers of resilient single servers hosting corporate systems. Resilience is the degree to which a system (server) has built in redundancy eg at least two power supply units, two network cards, an intelligent UPS (battery backup) and disk drives arranged in some form of RAID configuration (simplest in use is RAID 1 also know as a mirror the system has two disk which present to the user as 1 everything is written to and read from both disks simultaneously both disk would have to fail at the same time for their to be system loss). There are several forms of RAID but they all do more or less the same (apart from RAID0 but lets not go there now). Baring the above in mind it's perfectly reasonable decision for a Trust to go for a resilient server hosted in their own server room under their control. The only issue with such a solution is that there is still a single point of failure in this configuration namely the servers motherboard. This could fail but any server bought comes with a four hour call out and repair contract from its manufacturer so worst case scenario a Trust may be without its main information system for no more that 24 hours during a working week or 48 if over a weekend, this level of security on average can be acquired for well under £10,000 for a large scale machine capable of supporting 100's of users. At the other end of the spectrum we have real time fault tolerant systems which effectively duplicate and triplicate the hardware infrastructure. The contract signed with ORACLE for their software stack as at 2003 made all this possible to any NHS organisation running ORACLE based systems. This translates to configurations which have a Primary server which hosts the Information system and to which all users connect. There is also a Secondary and in some cases Tertiary server (or failover servers) which runs in what is termed "permanent recovery" mode. Every modification made to the Primary servers database (content as well as structure) is in near real time replicated to all failover servers. In the case of MARACIS installations for example 450 users are connected to the Primary server (by the way there is no single install of RiO under the national program hosted by BT which gets any where near that level of concurrency - info from Oxford), something goes pair shaped and the server or network it sits on fails. Within two minutes (configurable by supplier) the Secondary server is promoted to Primary and all 450 users now connect to it. IT personnel (and our support desk) are automatically informed of the failure and the hardware supplier is called (Dell in this case). Engineer turns up fixes issue and the database is now up and running and is automatically synchronised wit the new Primary. The Trust, if it wishes, can have the roles switched back to the original configuration but there is technical reason for doing so. Mr O'Connell also made a statement about not being able to access systems which were in recovery mode. Not so, well it may be so for systems like RiO which are based on Microsoft's SQL server platform. This is not the case for ORACLE based systems, again using both Oxford and Avon as examples, at least one of the failover instances are configured as what ORACLE terms a "logical standby" as opposed to a "physical standby". When an ORACLE database is in logical standby mode it can be read from. In those Trusts the logical standby is used by their information departments for running all reports, DOH extracts and feeding their data warehouses with zero impact on the running of the live system. How much does this cost the Trust? Less than £22,000 for the hardware (Dell pricing at the time) and about £15,000 per year Trust for database administration and disaster recovery configuration support and maintenance including out of hours support. Ask either of these Trust's how many times they have lost MARACIS over the 10 to 14 years and for how long as compared to the availability of RiO (as supplied by BT) since they started implementation and I think you will be shocked especially when the price difference, according to Mr O'Connell is due to disaster recovery provision and you will see that there is no value for money whatsoever.

Interoperability Toolkit - Ms Conolly would have you believe that this software is now capable of connecting all sorts of systems together, it isn't. That is not because it is a technical challenge but because its not a piece of software at all! (see this link http://www.uktcregistration.nss.cfh.nhs.uk/trud3/user/guest/group/0/pack/13). The toolkit is yet another set of specifications on how one is supposed to be able to connect to central systems, below is a screen grab from the above web page.

You may note that some of it is not even ready as a specification. Yet this was presented to the PAC as a viable out of the box solution. There is value in this concept. I don't know how much it cost to develop this non software but I am willing to bet that if that money had been spent on actually building a standards based solution which "knew" how to communicate with the central solutions on the one side and a publicly defined interface on the other which any system could interface with, a black box approach if you will, then the entire care records service could have been delivered at a fraction of the price. All existing suppliers would have had to be compliant to the extent that their systems could communicate with the public side of the black box in order to sell to the NHS. No top down imposition, clinical engagement would be guaranteed as it would between Trust's and their direct software suppliers. Once you have that position the market is open, fair and competitive. It's a level playing field for all parties and the value add comes from what system A can do over system B. A central fund could be made available to assist Trusts in acquisition of compliant systems with interoperability headaches at all. Utopia? Not so, this is precisely what Canada has done. The Canadian Institute for Health Informatics (Senior Architect Mr Mark Fuller an ex MARACIS man) designed the national data warehouse and the interfaces to it then the federal government told the IT suppliers you all need to be able to communicate with the central system in this manner with this frequency. How much did they spend? $1.3 billion and most of that went on physical infrastructure so that every health location across Canada was connected to their equivalent of N3. At the projects inception Mr Granger was invited over to speak, his on and off the record comments "This will never work your not spending enough money". He was politely ignored, as his mother pointed out he did fail his computer science A level. Canada now has a system in place where Federal and Provincial government bodies (as well as the public!) can in real time interrogate the national data warehouse and see what's going in terms of the health of the nation. This information is used for health service planning and provisioning and resource allocation. I am not sure of the metrics but I am sure if you asked they would be more than happy to disclose what it has meant to them financially as a country. Compare that to where we are. The damage this project has done to our industry and our health service, is that worth the spend to date? Is it worth the continued spend in the direction the DOH wants to take us.

Post NPfIT - What happens then? - Oxford has asked BT what support and maintenance will cost for RiO post 2014-15 the answer £375,000 per annum. What were they paying for MARACIS as a comparison, less than £70,000. At the end point healthcare IT in this country will have been ruined, if it hasn't already been so. We will be left with only the mega corps and you will have to pay what ever they ask as you will have no choice in the matter. Ms Conolly said as much of Fujitsu, ask the DOH how much McKesson was screwing them for to maintain existing systems which were to be replaced by Lorenzo and its ilk and you will weep, I did.

A way forward - the £4.5 billion pound question, this is in your hands, as I said earlier and have maintained in all my public postings the aims of such an undertaking need to be clearly and simply specified, they were not hence the various recasts of the program to date. What we are being asked to allow now is a complete change from what was bought. The fact that CSC is or wants to acquire iSoft (which is it?) means that an LSP with three fifths of the contracts available will be supplying their own software which under the terms of the original contract award was forbidden (and for good reason). The disillusion of the SHA's effectively removes oversight and control though their past behaviour questions whose interests they were looking after. The NHS does not need a one size fits all approach, nor does it need a single system which may or may not be configurable to local needs unless it is built on a technology which is truly data driven and service oriented which Cerner Millennium nor iSoft Lorenzo are not. The NHS requires systems which support the day to day processes undertaken by all its clinical and administrative staff, systems which are capable of sharing information in real time ie not message based across service boundaries with the control of such sharing in the hands of the Trust's and their staff. Systems which the patients can access as and when required again with the content of that access controlled by the Trust's. Certainly in the case of mental health patients full access to their records is often clinically inappropriate, ask any psychiatrist. It has saddened me to write this summary because so much more could have been achieved for so many without the vast cost incurred if only the right questions were asked of the right people.

May 2011