Taking the temperature of UK healthcare at the annual HETT exhibition
With thousands of attendees, the annual HETT (Healthcare Excellence Through Technology) exhibition at ExCel London, provides a fantastic opportunity to take the temperature of the healthcare sector and its use of IT.
This year we asked the panel of the ‘Establishing a culture of security, privacy and compliance’ session to share impressions on the issues raised, the trends emerging and the solutions being implemented. Panellists Andy Kinnear, ex-NHS CIO, Amanda McGaffey, Imprivata FairWarning, and Andy Wilcox, Imprivata International Product Marketing Manager, still found many challenges ahead… but have detected ‘green shoots’ emerging.
Andy Kinnear: At the time of the HETT exhibition (September 24-25th) the new government had only been in place for about 80 days, yet Lord Darzi’s ‘Independent Investigation into NHS Performance’ report had just been published. The review is impressively in depth given how quickly it was produced and I welcome the report’s “tilt towards technology” as an enabler of efficiency and innovation. I just hope that this will be backed up by supportive funding in the October Budget in a few weeks.
Frontline staff sometimes see the security, privacy and compliance elements of any digital solution as a burden but in my view that simply creates a leadership challenge. I don’t think that’s a failure with the technology per se, but a responsibility of CIOs, CXIOs and those in leadership roles who need to better articulate the vision and explain why the security elements are necessary to build a safe and secure digital health environment. It’s about painting the right picture and showing how everyone is involved.
Amanda McGaffey: Yes, my experience at Liverpool Women’s NHS Trust is that it was a struggle to get clinical staff to attend even the annual one hour sessions we ran on information governance. Yet the myriad data breaches we’ve seen across the NHS in the last year provide sobering proof as to why such sessions are important.
We all recognise the daily clinical pressures but when there’s a cyber attack the effort needed to implement workarounds is huge, the quality of healthcare provision dips, and staff and patient data is at risk. Management needs to instil the idea that it’s everyone’s personal responsibility to protect themselves, patients and their organisation. ‘Digital wellbeing’ is important too.
Andy Kinnear: Absolutely. Many of the recent cyber security incidents and data breaches have happened through links with third party suppliers, raising the question as to how we can safeguard the NHS against problems with other organisations’ systems and staff.
Such topics need to be, and often already are, vital parts of the procurement and contracts processes. But we also need to build deeper relationships with our supplier community. We need them to recognise the weight of their own responsibilities to the public in providing safe and secure services. It is a team effort.
Amanda McGaffey: Indeed, but it can still be an inhouse struggle to keep track of who is accessing which data. Internal breaches are happening but monitoring of this is often not up to scratch. The NHS itself needs to improve auditing of internal access order concurrently with opening up to suppliers, other NHS organisations and patients. The answer is often in improved policies, procedures and training therefore, changing the culture of how we view data and respect privacy.
Andy Wilcox: Yes. The provision of care is increasingly complex. Managing the suppliers who support delivery is now a critical job, especially when vulnerabilities in the supply chain are being targeted by criminals.
This year’s show comes at the start of a new government’s five year term. Any new administration is going to unlock a lot of pent up hope and the NHS is likely to be less of a political football at least for a while. I’m hoping that there’ll be a more medium and long term view taken.
We need a shift away from stop/start annual budgeting. Some of the challenges we face need solutions that will take several years to deliver. This requires ongoing investment support. There must be better longer term project plans with realistic milestones and measurement over multiple years.
Andy Kinnear: We have to remember that when the NHS last hit high performance and favourability ratings was around 2009. That was about twelve years into the then Labour government’s term following Blair’s success in 1997. It had taken that long to make progress and given our starting point today, again it will likely take a decade or more to deliver some of the fundamental changes needed, to fully harness the rapidly evolving enhancements in technology, and make them part of day-to-day working.
I’m sensing that to gain the ‘right’ to take a long term position, there will need to be quick wins too. These will build up credibility and convince all our stakeholders of better times ahead. It’s a case of pointing to things which have worked to engender trust in how more fundamental, longer term issues are being addressed. This will hopefully counter some cynicism I’m hearing about yet another new long term plan being introduced.
Some of the early efficiencies could also come from organisational change. For example, I read recently that somehow we’ve got to the point where there are half a dozen ArmsLength Bodies (ALBs) with a responsibility for patient safety which makes no sense at all…
Amanda McGaffey: …Oh yes, when I was working in Liverpool we faced a multiplicity of audits with different processes all asking for basically the same information. It does seem an opportunity to take stock and question the way the NHS has evolved organisationally. Many cities have multiple large NHS Trusts with differing systems and approaches. Where I live, I can easily walk to four different GP practices, yet it’s still hard to get an appointment at any of them.
Andy Wilcox: It looks like we still need more simplicity and integration – and digital solutions have a huge part to play in making that happen in a safe, secure and auditable way. The integrated care systems approach still appears to be the way forward.
To sum up our discussion: there seems to be an ongoing leadership challenge in successfully delivering digital. Security and governance are of paramount importance in digital solutions. NHS staff and suppliers need to realise the weight of the issues and their responsibilities as part of the answer. Such concerns need to be built into procurement processes and contracts. Budgets and projects need to extend over multiple years to enable fundamental change. Organisational change and integration are also key elements in delivering efficiency.
Well, we seem to have put the world to rights! Should we arrange to meet again at the 2025 HETT exhibition to see what happens?
But before we finish I’d just like to recognise how the industry came together at HETT to celebrate the life of Glenn Winteringham who led the digital development at the Royal Free Group of hospitals, the largest hospital group in London. We lost him to cancer in May this year. His legacy will be best served if we continue his focus on how digital services can enhance patient care and improve the experience for staff.