By Graeme Wearden, 15 November 2004 17:15
NEWS The National Health Service reacted strongly on Monday to allegations that its massive IT upgrade has been hit by security problems that threatened to compromise patient confidentiality.
The Sunday Times claimed this weekend that trials of a flagship project that allows patients to pick when and where they are treated, and by which medic, have been suspended.
According to the report, medical staff testing the "Choose and Book" appointments system had discovered that it allowed a doctor to view the medical details of any patient, and modify them. Choose and Book is an important part of the National Programme for IT (NPfIT).
But the NHS insisted on Monday that the pilot projects were ongoing, and accused The Sunday Times of "a most irresponsible piece of journalism".
A National Programme spokesperson said: "The Choose and Book project, part of the NHS National Programme for IT, has not been halted." He also added that confidentiality and information security were top priorities.
"State of the art controls are being used to ensure that only the clinician directly involved in giving a patient care will be able to see their records. Even then the patient can chose to have certain sensitive medical information kept in so called "sealed envelope" which no clinician can access without the express consent of the patient," the spokesman said.
But The Sunday Times quoted a leaked memo that it claimed stated that doctors were refusing to take part in the trials, because of the "fundamental design flaws" in the project's software.
The NPfIT has a controversial history. It is the largest IT project in the UK, and last month there were reports that its final cost could rise from £6bn to £30bn. Choose and Book has a reported budget of £65m.
Comments
There are 4 comments. Join the discussion
1. anonymous
why does the goverment go on using the same failed consultants,what mugs!
2. Darrall Pullen
Do I have confidence in the Muppets running NPiFT? NO categorically not. If the project wants to truly test its security model then I suggest you go beyond the norms for security testing. May I IMHO suggest that you try the following:-
Given that this is probably the biggest ever IT project from the UK government that they lay aside a £1m prize for anyone who can demonstrate a security flaw that allow access to the details of patient information or penetrates the NPfIT infrastructure. That is bate for anyone enough to prove how insecure this project is. Heck for £1m I will even do it myself. I've undertaken similar initiatives myself (in a previous life)for financial institutions including 'world' stock exchanges (legitimate I must add). The weakest links ALWAYS get overlooked especially by the 'Big boys'!
3. anonymous
The NHS keep using the same consultants because nobody else wants the job.
The restrictions put on the contracts make it almost impossible for small, nimble companies to tender and because Government tenders are always badly written you need to have the financial resources behind you to fight when things go wrong.
4. Rob Davidson
the new NHS booking system takes on average 47mins to complete for each booking and because of security issues,most input has to be done by the doctor.The system will never be economical for the doctor to use