Broken Windows
James Meek
Hello. My name is Jeremy Hunt, the elected Politician responsible for the good Running of Britain’s National Health Service. It has come to my attention that Criminals have entered a Number of NHS Hospitals through old Windows. This is a Disgrace and an Outrage. It is the Responsibility of Hospital Managers to make sure that their Windows are sound, secure and absolutely proof against Intruders, as well as Draughts. It is the responsibility of Nurses and Doctors, in the long Hours they must have between dealing with Patients, to carefully note down all cracked, broken or out of date Windows they see, and report them to their Supervisors (not to me, obviously, as I am too busy working to make the NHS fit for the Ranks of exciting developing Nations like Ukraine and India which we are about to join post-Brexit).
I understand a number of slovenly Jobsworths in the NHS have complained that they cannot afford to fix the Windows in their Hospitals, because they do not have enough Money to treat their Patients. I have even heard Hospital Managers say they cannot actually reach the Windows in their Corridors in Winter, when the Weather is at its chilliest, because these same Corridors are blocked by sick old Patients on Trolleys. Might I suggest that if these same Managers took care to fix their Windows in Summer, when Windows may comfortably be left open without Fear of any elderly Person catching a Cold, they would not be troubled by so many Pensioners coughing and sneezing come January?
Money is not the Answer to the Question of broken Windows in Hospitals. If Money were the Answer, I would, of course, have come up with a different Question. The Answer is to shift Resources from unnecessary Parts of a Hospital’s Spending to Front Line Services. As we who would almost certainly have fought in the War know, the Front Line is the only Line actually involved in Fighting Battles, and all other Lines, such as so-called 'Supply Lines', carrying 'Ammunition' and 'Food' to the Troops, are nothing more than a Scam to rip Taxpayers off. Fancy modern high-tech Windows with all their Bells and Whistles, like working Locks and complete Glass, are a luxury Taxpayers cannot afford. Answer me this: if they are forced to fund, through their Taxes, a universal Health Service free at the point of Delivery, how are Hard-working People expected to cope when a serious Family Crisis like Illness comes along?
During the Industrial Revolution, the Factory Owners, Imperial Adventurers and Landlords who made Britain great did not let Details like broken or even missing Windows obstruct their Drive for Enrichment. Hard-working People and the Subjects of our Dominions improvised. I have heard it said that Patches for the Windows used by the NHS are no longer available. Come on! Has nobody in the NHS heard of Cardboard?
Comments
-
14 May 2017
at
8:07am
Martha12345
says:
Delicious!
-
14 May 2017
at
6:17pm
SandyTB
says:
As ever, whenever something goes wrong with the NHS, it is attributed to lack of funding. Perhaps we should be looking for good old fashioned incompetence? The NHS employs a large number of IT staff, a fair proportion of whom are, presumably, genuine IT professionals, who would be completely aware of the fact that standard IT products of low quality have, for some years, been becoming ever-more essential to the running of clinical practice. These systems have, effectively, become what is known to IT folk as "safety-critical", and there are well established rules for the testing and maintenance of such systems.
-
14 May 2017
at
7:48pm
Stu Bry
says:
@
SandyTB
Firstly the virus is an NSA weapon - similar to stuxnet - which was leaked out. It is a weapon designed by the same people responsible for creating the computer code which our society now depends upon and I doubt that the solution is as simple as updating your anti virus software.
-
15 May 2017
at
7:19am
Jake Bharier
says:
@
SandyTB
Even IT staff have to work within allocated budgets, and I suspect that a significant allocation would be required to upgrade, not just the XP operating system, but all the bells and whistles that James mentions.
-
16 May 2017
at
1:12pm
whisperit
says:
@
SandyTB
To blame "old fashioned incompetence" explains nothing. Besides, is it credible that IT Managers in the NHS are uniquely incompetent - so much so that they are incapable of acting upon something even "any sensible private individual would"?
-
16 May 2017
at
5:39pm
snowleopard
says:
@
SandyTB
Long time ago I was the IT support on the ground for a university administration department. My boss (no IT background) tore up my plans, cancelled meetings with users, changed the spec of the PCs that I ordered for cheaper ones that failed to run our software. Guess who lost her job.
-
16 May 2017
at
7:15pm
Alex Morrison
says:
@
SandyTB
Two relevant points:
-
17 May 2017
at
10:32am
Steve
says:
@
SandyTB
Although there may well be some lack of competence in the NHS, lack of funding is probably its root cause. Inadequate funding means overworked staff, less time for training and constantly diverting funds for infrastructure to cover immediate shortages. Some years ago I had a temp job going around to different GP surgeries extracting data to identify patients vulnerable to 'flu. Each surgery had a different system and the staff were never trained properly to use the system - they usually knew just the 2 or 3 tasks that got them through the day. These were conscientious, dedicated employees but doctors told me they just couldn't afford to send staff on expensive training programs.
-
1 June 2017
at
12:53pm
LTK
says:
@
Steve
The practical problems you report from GP surgeries sound more like issues of organisation, structure and culture than funding per se. It is more expensive to maintain a different system in every surgery and it's more expensive to have staff who can't efficiently use your systems.
-
15 May 2017
at
7:29am
Ally
says:
Software Refresh is an item of proposed expenditure easily discarded by management in budget planning.
-
15 May 2017
at
6:42pm
Graucho
says:
Amazing how little of the brown stuff has been thrown in Microsoft's direction.
-
16 May 2017
at
12:38pm
whisperit
says:
@
Graucho
Very true, although these products do not have to "faulty" as such. Long term stability is anathema as the built-in obsolescence of IT has been entirely reframed as a positive good - the requirement for continual upgrading "coincidentally" providing a perpetual source of income for systems manufacturers.
-
16 May 2017
at
3:41pm
John Cowan
says:
@
whisperit
There are, of course, sources of long-term stability in IT, but you are right that MS and its direct competitors don't want to see those in use.
-
16 May 2017
at
3:54pm
davep@davelinux.info
says:
@
whisperit
That's MS, though. Linux distributions are upgraded on a regular basis and some are rolling releases. Surely it's not beyond the wit of IT managers to develop in-house Linux systems - after all, they have the examples of NYSE, LSE, Google, Facebook, Amazon (I do baulk at including the names of those alleged tax avoiders). The time has past when nobody got sacked for buying MS.
-
16 May 2017
at
8:12pm
Paul Cairns
says:
@
davep@davelinux.info
Yes, but: MS does roll out security and other important upgrades routinely and all the time, however - it is standard practise for big organisations' IT sections to block those (for 'stability' reasons etc)
-
16 May 2017
at
8:24pm
Paul Cairns
says:
@
John Cowan
Well, I run a 16 year-old computer running an even older (MS) operating system. If I ran such a car (for example) it would be called 'classic' - a collector's item. Anyone who has worked at the sharp end of software development will understand that the likes of MS do nothing unreasonable. Far from it, they are actually near paragons of public duty and responsibility (alongside making often quite handsome profits at the same time). Try supporting code written (by people no longer around) in a different era now being put into service in an entirely different technical context ... No, try it! Come back when you have been there and have the tee-shirt.
-
16 May 2017
at
5:13pm
Dectora
says:
Sandy TB. You are having great fun blaming IT and suffer from the delusion that all the NHS requires is efficiency savings.I think that a reading of Henry Marsh's two memoirs might be more enlightening than a bit of finger-wagging at IT in the NHS.
-
16 May 2017
at
8:00pm
Paul Cairns
says:
The key point is that all large organisations with extensive IT networks running a hotchpotch of software (most essential in some way) suffer from the same problem of 'upgrade inertia'. It's just the same in the 'thrusting' private sector - I know, I used to be there, trying to use software invariably several major releases behind the times. Big organisations are characterised universally by extreme conservatism when upgrading software. There are some good reasons for this - indispensable applications may stop working when other key system components are updated. It can also be due to empire building within organisations. It is the norm, however - so the NHS, even persisting with XP, is merely typical. Finances do play a part, as well. Getting everything up-to-date can be eyewateringly expensive and requires a lot of clever dedicated people. So don't be unreasonably hard in your judgements. At least every system seems to have been restorable - a genuine triumph in itself.
-
16 May 2017
at
8:29pm
kooijman
says:
Wasn't Brexit going to solve the problem of financing the NHS?
-
18 May 2017
at
7:39am
Paul97
says:
Why does LRB imagine its readers are on the left and would enjoy this codswallop? LRB commissioned a review, I read, of a book by Sir Roger Scruton and then didn't publish it because it was not hostile enough.
Read moreThe abject failure of senior IT staff in the NHS and Department of Health to recognise this and do something about it (e.g. the sort of thing that any sensible private individual would, and can do to protect her own cyber-security, viz: ensure that your software is kept up to date) is the real fault behind this disastrous episode.
It is, of course, very satisfying to pilory Jeremy Hunt for this, and I have no doubt that he has done lots of things that deserve pilorying, but this isn't really one of them. It is unfair to expect a mere politician to understand these things.
Secondly Hunt should be pilloried all day and every day due to book he published which outlined a plan for NHS privatization. In a disgusting government which features a professional liar as Foreign Secretary, a climate change denier in charge of the environment, a treasonous toad with responsibility for international trade and a Minister for Defence who seems to be channeling Dr Strangelove Hunt manages the impressive feat of being the most repellent cabinet member.
It may not be incompetence. At which table do IT folk sit in an room full of surgeons, doctors, nurses, administrators.... Perhaps below the salt?
It is more helpful to see how the system as a whole works to make even "sensible" precautions horribly difficult. Ally's comment below provides a good chunk of the answer, but as well as short term planning and budgetary cycles, the NHS is subject to politically-led initiatives which demand instant responses (before being replaced equally abruptly) and networks which are not just huge, but deeply fragmented.
Virtually everywhere, the NHS must attempt to allow data inputs from thousands of users based in multiple sites, using drastically disparate hardware and software systems - remember that every GP surgery operates as an independent contractor. On top of this, we have suppliers which are no longer part of a unified Health Authority, but independent contractors governed under Service Level Agreements, often supplying many other customers and services. When the internal market was brought in and the old Health Authorities attempted to prefer in-house services, Tory governments moved to prevent this, preferring the benefits of "free market" tendering over continuity.
There is no performance indicator that credits managers for ensuring long term stability. The incentives are all for short-term performance - money saved from this year's expenditure and points achieved in hitting the targets dreamt up for the latest government wheeze.
1) Jeremy Hunt should know about this. His background includes owning and running an online education service.
2) From what I know from working in the industry, IT in the NHS is a nightmare patchwork of legacy systems that has been greatly neglected. Development is hugely hampered by the way the NHS is organised - as witness the vast failure of the attempt to computerise patient records. One consequence of this is that it is very difficult for the NHS to attract decent IT talent. Who would want to work in a decrepit labyrinth when there are many more attractive employers offering good salaries and prospects? The current government may not have caused this problem. It dates back many years. But their regime has done nothing that I can see to make it any better.
So, yes, Jeremy Hunt has a case to answer. And the government know it. Hence the way that they fiedled Amber Rudd to give the first official responses.
And although Operating System providers may seem to be helping, the truth is they've got it made. Software can be released bug-ridden with patches coming later, sometimes too late and it has become the accepted norm. Often the patches are so numerous and cumbersome that the hardware struggles to cope - the solution? Update your hardware and buy the next version of the O/S. The Hackers and the NSA simply use the defects the O/S providers have left in the code.
I think you're highlighting three different problems, none of which are directly funding related:
1) The NHS is hugely fragmented so there's not a central body with the authority and clout to mandate some level of harmonisation of systems or at least enforce minimum standards.
2) The NHS is tax-payer funded and so inevitably part of the political process. This means that for example forcing all surgeries to adopt the same system, which would be beneficial overall but be difficult and expensive for some, would result in endless negative headlines about the problems even if massively outweighed by the benefits.
3) The absence of a culture where managers are constantly working out if spending more on technology or training would, to be blunt, enable let them fire people.
I have spent far more time than I would like in a number of hospitals over the last two years for a chronic condition and have been constantly gobsmacked at how many people there are doing tasks on antiquated systems or on paper that would be done better by a computer alone for one tenth of the cost in any private body. I understand that the pressures of an aging society massively outweigh any possible saving from efficiency but good heavens my experiences have left me convinced that there is an awful lot of efficiency savings available.
It brings no tangible benefits to the organisation. It involves new costs: PC units themselves, associated units (possibly very expensive gear) whose own vendor may itself not have a supported upgrade path; every interconnected dependency needs to be retested, every difficulty multiplies the project effort and duration. All pain and no gain. If you’re management, what’s not to loathe?
Without tangible benefits, a business case can only be based on mitigation of risk. But it ain’t happened yet, so, in management groupthink, can’t the issue be avoided for another budgeting year? Striking a red line through the Refresh even feels good to managers, justifying their existence by making hardnosed decisions to focus expenditure on their pet developments which deliver real benefits (or so the constructed business case claims).
After all, each manager usually has a 3 year horizon before their portfolio careers moves them onwards and upwards. Rational management means never having to say you’re sorry.
Now that it has happened, though, individuals who’ve been collecting salaries for IT Risk Management are going to be fidgeting uncomfortably as they dig out what their documents said last year, and the year before, about risk likelihoods and mitigation plans, both for obsolete software and ransonware phishing. Was the risk likelihood properly assessed? In financial services, where there is a regulatory reporting obligation, the Financial Conduct Authority identified a massive rise in numbers during 2016. But the IT Risk Manager will probably evade responsibility: the NSA’s Eternalblue plus ransomware can be presented as an unpredictable bad combination and the number of peer orgaisations also caught out will provide safety in numbers.
A car manufacturer that sold faulty goods with the regularity that they have would have gone out of business years ago.
I hope that when Hunt achieves his purpose, privatisation, you have enough spare money to purchase private health insurance.And are prepared for such delights as 'co-payment' as well as 'exclusions'.