09.04.11
NPfIT for purpose?
Good IT systems are essential to medicine. Computers are already widely used in hospitals and general practice, but the full potential of modern IT has not yet been harnessed by the health services in most countries, says Dr Martyn Thomas
In the USA for example, the Institute of Medicine estimated in 2000 that 98,000 patients die each year from avoidable medical errors, many of which could be prevented by better IT systems.
There are many areas of healthcare that can benefit from single purpose IT systems, such as the introduction of digital x-ray imaging to replace the slow, expensive and inconvenient use of film. Such systems speed up the process of getting x-ray images to the clinicians who need them, and facilitate easy archiving and retrieval, comparison with earlier images or those from other patients, and automated image analysis to assist diagnosticians. Patient care is improved and so is hospital efficiency.
One area that has attracted increasing attention is the use of computers for patient administration. The ready availability of electronic patient records can have an impact on healthcare that goes far beyond efficiency improvements. Diagnoses can be improved, allergies can be avoided, medical tests need not be repeated unnecessarily, drug interactions can be reduced and aggregate data can be used for research into the causes of diseases and the effectiveness of treatments.
In the UK, the introduction of electronic patient records is at the heart of the NHS National Programme for IT which is the largest civilian IT project in the world according to the House of Commons Health Committee. NPfIT started in 2002 and the main contracts to provide the national network (N3), electronic transfer of prescriptions (ETP), a national database of patient details, and regional patient administration and patient records, have a combined cost of over £6 billion.
The government strategy was “to take greater central control over the specification, procurement, resource management, performance management and delivery of the information and IT agenda. We will improve the leadership and direction given to IT, and combine it with national and local implementation that are based on ruthless standardisation.”
(Department of Health, Delivering 21 st Century IT support for the NHS: national strategic programme, June 2002).
The contracts were signed in late 2003 and early 2004 but, by April 2006, there were worrying signs that the programme was heading for serious trouble.
The NHS Confederation had said: "The IT changes being proposed are individually technically feasible but they have not been integrated, so as to provide comprehensive solutions, anywhere else in the world".
Two of NPfIT’s largest suppliers had issued warnings about profits in relation to their work and a third had been fined for inadequate performance.
An expert group within the British Computer Society expressed concern that NPfIT may show a shortfall of billions of pounds.
Various independent surveys showed that support from healthcare staff is not assured.
There had been delays in the delivery of core software for NPfIT.
Alarmed by these events, a group of 23 professors, experts in computing and systems, wrote an open letter to Kevin Barron MP, the chair of the Health Select Committee of the House of Commons, asking him to press for an independent review of NPfIT that would uncover any risks or weaknesses in the systems engineering and propose solutions that would minimise the risks of delays, cost escalation and ultimate failure. It fell to me to sign the covering letter and to handle subsequent communications with the Department of Health.
The letter was sent on 10 April 2006 and, later that month a subset of the professors met the director of NPfIT, Dr Richard Granger, and several of his senior team to discuss the proposed review. Once he had established that we supported the strategic goals of NPfIT and that our motives were constructive, Dr Granger agreed that our proposed review could be helpful to the programme, and this view was reflected in the report placed on the NPfIT website that evening. Unfortunately, it seems that the Department of Health did not agree. The website was quietly updated to remove the statement that an independent review could be helpful, and it never happened.
Since then, one contractor, Accenture, has given up their main contract and aspects of the programme have been criticised by parliamentary committees – most recently in the report of the Health Committee into Electronic Patient Records. The evidence published by the Health Committee revealed that the specifications for this central part of the NPfIT are still not complete five years after the programme was launched, even in critical areas affecting the confidentiality of patient health data. Meanwhile, a recent study carried out by the medical survey company Medix shows that support for the programme among doctors has fallen further.
The NHS is unique in the world and highly complex, so there are no off-the-shelf solutions to patient administration that can be widely adopted by the NHS without change. In any case, NPfIT – like all enterprise-wide IT systems – is a business change project that happens to use IT as an enabler, and not simply an “IT project”. Many projects fail because the system’s behaviour is considered inappropriate or unworkable by the staff who are expected to use it. It is therefore essential that the new working practices that the NPfIT will support are discussed with the affected staff, and agreed by them, before the systems are built. In this context, the report of falling support for NPfIT by doctors is deeply worrying.
There are always risks when developing and introducing new IT systems, but following a few principles can reduce the risks to manageable levels.
Firstly, it is essential to recognise that introducing a new computer system is an organisational change as well as a technical project. NPfIT is the largest business re-engineering programme in the world, yet most people talk about it as if it was primarily a computer project. The cost of the business changes usually exceeds the cost of the computer systems.
Secondly, there are great risks in innovation, complexity and scale. Most successful large projects started as successful small projects and were then carefully scaled up. It is important to try to avoid being the largest, or the first. If you are the largest or the first to attempt to do something, then double the budget to allow for the increased risks.
Thirdly, investing time and effort getting the initial specifications right will repay huge dividends. Talk to the end users. Develop use cases (end to end examples of how the systems will be used in real life) and document them in great detail. Implement prototype systems and use them to check feasibility, usability, and performance, and to assess the amount of user training that will be required. Use a systems architect who can formalise the requirements into unambiguous specifications that can be rigorously analysed for omissions and contradictions. Use these specifications to work out the necessary budget and timescales for introducing the new system, allowing time for problems and changes to arise.
These specifications are like an engineer’s blueprints and design diagrams. They must be kept under strict change control and kept fully up to date and consistent with the project plans. It is inevitable that the requirements will change as the project progresses and, without strong management of changes the project will soon run out of control.
Fourthly, use independent reviewers, regularly, to ensure that all the project team’s assumptions are still valid – and act on their recommendations. Be open about mistakes, as this is the only way to be confident that lessons have been learnt.
Finally, pay attention to dependability from day one. You cannot build safety, security, usability, reliability, quality or maintainability into a system after it has been designed, as these are system-level properties that have to be clearly specified and designed into the system architecture.
From the outside, NPfIT seems to have a high risk of joining the list of unnecessary IT project failures. In the opinion of many experts, a thorough, open, independent review could identify the major risks and propose solutions that could lead to a modern NHS that makes the best use of modern IT. Perhaps Lord Darzi’s current review of the NHS will recommend such a review of NPfIT. We shall have to wait and see.
Dr Martyn Thomas CBE FREng is an independent consultant software engineer and expert witness
E: [email protected]
Tell us what you think – have your say below, or email us directly at [email protected]