The £12.4 billion has been delayed because of hasty decisions
made early in the process, according to two experts before
Parliament's Public Accounts Committee (PAC). The Committee heard
that doctors were not properly consulted on the system, and that
delays now have been caused by a rushed procurement process in the
early days of the project.
Meanwhile, a survey by a medical journal and a mobile technology
firm has found that almost two thirds of NHS portable devices have
insufficient security or none at all, putting confidential data at
risk.
Two former employees of the NHS have told MPs on the PAC that
the main priority of the IT systems programme was speed. Dr Anthony
Nowlan had worked on the project and described it as progressing at
"breakneck speed". "It was not exactly the ideal process to commit
this amount of resource," he said.
Professor Peter Hutton, who worked on the project at the NHS,
said that in its early days he felt as though speed took priority
over care. "It was like being in a juggernaut lorry going up the M1
and it didn't really matter where you went as long as you arrived
somewhere on time," he told the PAC hearing. "When you had arrived
somewhere you'd go out and buy a product but you weren't quite sure
what you wanted to buy."
Richard Granger, director general of IT at the agency charged
with delivering the project, Connecting for Health, said that it
was difficult to attempt to catch up with the backlogs accumulated
throughout the programme. "There's a shortage of capacity in the
healthcare IT industry and we've had to bring in a lot of resources
from abroad," he said. "Some things have unfortunately gone wrong
as a consequence of that with some of those suppliers. We knew that
was a risk when we started and it will continue."
Meanwhile a report has discovered that NHS IT system security is
being compromised because of poor or non-existent mobile device
security. Carried out by Pointsec Mobile Technologies and the
British Journal of Healthcare Computing and Information Management,
the survey has found that two thirds of mobile data storage devices
have inadequate security.
"There is much documented evidence of patients who are worried
about the safe-keeping of electronic medical records," said Martin
Allen, managing director of Pointsec. "This survey shows that the
medical sector themselves are worried about information being held
on mobile devices which are not being secured by their NHS Trust.
It will only be a matter of time before these weaknesses are
exploited."
The most popular mobile data devices amongst the medical staff
and IT managers surveyed were USB memory sticks. The survey found
that half of those surveyed in the NHS use their own equipment to
store data, against standard security practice.
Half of the medical staff interviewed held patient records on a
mobile device. While most had only passwords as security, some had
no security at all. A quarter of respondents had, at some point,
lost a mobile data device.
