While you may need top marks in science A-levels to even think about becoming a doctor, their workplace, the NHS, seems to have a love affair with paper. With this in mind Nick Prescot, Information Security Analyst, FireHost, asks the question: What can cloud do for British healthcare?
An old colleague, who now works for Apple, tells me the NHS has become one of the best markets the company has for the iPad. Could this mean that UK healthcare will embrace ‘the cloud’ with the same enthusiasm?
Before we become over-excited, I should point out that everyone, including my grandmother, embraces the iPad with enthusiasm, even more so if someone else is paying for the gadget. Maybe a better starting point for looking at the cloud in healthcare would be to ask what the cloud can do for the NHS, rather than speculating about traction and adoption.
To truly understand how the cloud can help the UK health system I think we have to take a step back and take a broad look at the IT landscape in the NHS, and the forces that shape it.
Breaking the systems integrator stranglehold
The most obvious and instantly notable feature of NHS IT is the overwhelming dominance of the systems integrator. Companies like Accenture, BT and CSC have been exceptionally successful in providing their services to the NHS, usually with a healthy dose of controversy. However, it seems that the relationship has almost been as disappointing for the outsourcers as it has been for the NHS and those who pay for it.
Take CSC’s Lorenzo ‘patient records online’ project. It was part of the NHS National Programme for IT, a project kicked off a decade ago, and timetabled to last well beyond the lifetime of the government then in power. With a new gang of politicians came new remits, request changes and missed deadlines.
In 2011, CSC wrote down $1bn against the value of the contract and had to deal with a class action from angry shareholders. Meanwhile the UK public purse was saddled with a near £12bn bill for a project that was originally estimated to cost just $2.6bn. The story doesn’t end there. There is a new contract for Lorenzo and little by little it is being rolled out in hospitals in the UK.
Politicians seize upon tales of this kind and gleefully paint systems integrators as the villains of the piece. With the advent of the coalition government in 2010, there was much talk about how the systems integrator monopoly would be broken, and contracts awarded to smaller providers, in particular, cloud providers.
So how exactly are systems integrators to blame for constant political direction changes and therefore project remit? Anyone with any IT purchasing experience knows the ‘land and expand’ model they use. I have as much sympathy for Francis Maude in the Cabinet Office as I do for a friend of mine who choses the cheapest quote for some building work and then, after deciding to change the tile colour, is surprised by the size of the revised bill.
The cloud has a future in the NHS, but not because the systems integrator model is going to be broken by Francis Maude (try Googling ‘Capita’ and ‘public sector bid win’ if you need disabusing of this hope). Cloud has a future because politicians continually change their minds, and the pay as you go, spin up and destroy model is perfect for the dynamic nature of public sector projects.
The main advance of the cloud is that market forces will get the datasets, application and infrastructure on a common platform that will allow different NHS entities and clinical commissioning groups (CCGS) to share information. What has been lacking is the common security framework that gives the NHS trusts the confidence to share data.
In the US, there is much debate about what you can and cannot do with electronic health records (EHR) / personal health information (PHI) through Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH). In the UK, you have the Data Protection Act that covers the confidentiality of data. You might have the IGSOC (Information Governance Statement of Compliance) that is based mainly on ISO27001, but there isn’t the same level of data sharing, as the datasets are not standardised.
In the more distant future - given the sharing of data, commonality of applications and the standardisation of infrastructure - the possibilities are more interesting and I hope less based on cynicism. One of the features of public sector IT is the bespoke, systems integrator-created application.
These applications can become the geese that lay the golden eggs - after all, who else can patch / integrate / update the bespoke application apart from the systems integrator that created it? The consequence of this that there are a lot of applications out there with incompatible data sets.
By moving applications to the cloud, hospitals, clinics and general practitioners alike will have to ‘cloudify’ them, the most important aspect of which will involve making them muliti-platform and interoperable to some degree. If applications are moved to the cloud, we will see the end of the bespoke application and the arrival of the unified data set.
While unified data sets may not sound exciting, think of how much data an organisation like the NHS has going back decades (even if not as far back as 1883). The possibilities for analysing the anonymised data are hard to under-exaggerate.
Not just for public health trends and disease, but for even more basic data about height or eyesight. A marketeer’s treasure trove and I imagine new discoveries and profound insights will come out of it. I just hope the cloud manages to make its way into the NHS in my lifetime to make it possible.
