Aside from the hoohaa about consultants, there is some interesting freedom of information disclosure on pretty well all consulting contracts with DoH and NHS PASA. The full table has some fascinating detail on it.
Monthly Archive for August, 2009
There’s a brief primer on about any management methodology you might have come across. I wonder whether any of them stand up to the simple English test?
The authors think so, and I can see their argument that larger organisations provide space for individuals to leverage up their skill set and activities through direct interaction with their colleagues. However, it is not clear to me that the current structure and type of large businesses is required to help this interaction. Yes, trust-based relationships are currently overwhelmingly face-to-face (at least when they were formed) but does this have to be necessary?
Sweden sounds to have a sensible solution to the security issue on medical records:
- Require the patient to consent to access (at doctor and nurse level) each time or for a limited period (save in emergencies, but log that it was an emergency).
- Log everyone who accesses a record for any reason.
- Make certain elements inacessible depending on the work being done.
I like this approach as it fits with my trust-based model: you are assuming people will do the right thing, but allowing a full audit trail if anything does go wrong. Yes, I could borrow someone’s card and password and access your record illegally, but how is that different with paper records? The question is how we would deal with this illegal access: the card holder would be the immediate suspect and would deny it. How could they prove their innocence? But I guess they’ve let their card get into my hands, so should not be allowed to access this kind of data without a cool-off period and training. If it happens to them again, then it should be a “three strikes you’re out” situation.
Pedantic point: NPfIT is far wider than the electronic patient record (what about the N3 network and digital imaging – PACS). The Swedes are doing EPR but not the other things (well they have an N3 equivalent, but separately).
Some useful commentary from McK on helping the public sector find the potential 30% procurement savings and some reflections on lean as a route to improvement.
Some really sensible guidance on security for applications where personal and / or valuable data is involved. I like the call for trusting users (critical in my experience) and the suggestion to verify through retrospective audit. Some clear pointers to setting up safe havens, which seem to help with the issues of multiple administrators on systems.
Interesting chart from Jerry Fishenden suggesting that productivity has not improved in the public sector despite the vast investment in ICT (and in the public sector overall). The interesting question: how to invest for efficiency?