Tuesday, August 09, 2011

Where Is the Risk Management in the PCEHR Program? I Think We Need A Lot More!

We have just run a poll on the blog asking the following question:

Should There Be One Or Two Large Scale Pilots Of the Full PCEHR System Before National Implementation Is Attempted?

70% or respondents say absolutely and a good number more are saying ‘probably’.

The point of the question was to highlight the rather absurd approach NEHTA and DoHA are adopting to managing the risk of what is a pretty large IT project.

If you think the PCEHR is conceptually a reasonable and practical idea, which I emphatically don’t, then at the least, when implementing you should mitigate all foreseeable risks as fully as you reasonably can.

Right now we have the Wave 1 and 2 sites all beavering away on various little bits of what is planned to ultimately a completed PCEHR in the absence, as far as I know, of even an agreed standards framework for implementation - let alone a unifying technical architecture.

What we have is some high level box diagrams linked with some lines and some three minute conceptual videos explaining how it is all to work.

All this can be accessed here:

http://www.yourhealth.gov.au/internet/yourhealth/publishing.nsf/content/pcehr

It seems to me there are a large number of unmitigated risks with all this right now. These include:

1. The absence of any Council of Australian Governments agreement to the shape of and continued funding of the PCEHR (or NEHTA for that matter).

2. The lack of any evidence base on the PCEHR approach to guide decision making.

3. The lack of a fully developed Governance Framework that has community understanding and support.

4. The lack of any reasonable scaled pilots of a complete working system so that the inevitable issues that arise during implementation can be addressed early and at reasonable cost. Just steaming ahead with a national implementation is both grandiose and stupid.

5. The lack of any real analysis of just what sort of adoption levels can be expected so proper provisioning of technical systems and services can be planned

6. The lack of much in the way of provider support in the absence of substantial incentives to cover the additional costs that will be borne by practitioners, State Health Systems and information providers.

7. The present lack of readiness of many of the proposed NEHTA infrastructure components and the lack of, at scale, testing of these components.

8. A lack of E-Health literate staff on a national basis to support the over-scaled national implementation.

9. A lack of any approach to the proper curation of health information in a shared, updateable clinical record environment.

10. Some considerable concerns held by some State Governments - see article from two days ago here:

http://aushealthit.blogspot.com/2011/08/victorian-government-is-not-thrilled.html

I wonder does a risk mitigation plan that addresses these issues exist? I doubt it.

I could go on for pages - but the bottom line is that you need to have implemented a full solution at modest scale to discover what works, what doesn’t and what mid-course correction might be needed.

To just rush on ahead with all this is really very unwise and potentially very wasteful.

David.

10 comments:

Anonymous said...

David, you obviously have not read NEHTA's response to the questions on notice from the last Senates Estimates committee hearing, or fully comprehended NEHTA's current Strategic Plan.

All is spelled out and clarified there in great detail, so please don't worry yourself and lose any sleep as all is in good safe hands and will be alright on the night come June 30th 2012.

Despite the many chicken little’s and cries of wolf, DOHA and NEHTA have this well and truly under control and the tax payers can be assured their hard-earned money is hard at work and benefitting the healthcare sector immeasurably.

There is no risk here, and there will be no issues emerging, so please just move along while the professionals take care of the real business of e-health.

All is well that ends well, and the PCEHR will be a resounding success come July 2012, you just wait and see!


Regards,

"Student" Bureaucrat

B said...

David,

The PCEHR is not an IT project. The PCEHR is an Information Management project. IT is just the mechanism for managing an health record.

Considering a health record has not been defined, nor has its behaviour, nor has its access controls, it is highly unlikely that an IT system can be built to manage such an ill defined entity.

And IMHO, the most dangerous feature of the PCEHR ConOp is what it does not cover - what happens when things don't work as expected or which go wrong because of data mismatch problems, disputes between doctors and patients, doctors and other doctors, specialists and doctors, specialists and other specialists, etc, etc.

It's bad enough that the PCEHR is poorly defined for when it is supposed to work properly. It's even worse that there is nothing about what is supposed to happen when it doesn't work properly. This is a much harder problem and will take more effort to sort out than the "as expected" cases.

It's a classic example of an large IT project with poorly defined and changing requirements.

And while I'm at it, the biggest risks in a risk management strategy are those risks that the project managers haven't identified and/or don't understand. And there appear to be lots of those in this project.

Dr David More MB PhD FACHI said...

Dear "Student" Bureaucrat ,

Thanks for that. We will all see in 11 months. I will put a stake in the ground and declare you are just a little ignorant of the facts. That was being kind by the way.

Don't take it personally - you just don't know what you are talking about Use your real name and we all might take you more seriously!

BTW I know this could be just a student 'wind-up' so I don't expect a considered non-anon response!

Cheers

David.

Anonymous said...

David

The ConOps submissions were meant to provide NEHTA and DOHA with feedback which they could use to help keep the PCEHR on-the-rails so to speak.

After carefully reading DOHA's Report on the "Analysis of Key Themes - ConOps Submissions" I see a high-level, fluff & puff, document which says not very much. If you have a PDF version at hand perhaps you could make it accessible for your readers to form their own opinion.

Anonymous said...

I think the "Student" Bureaucrat is already a fully fledged Bureaucrat because with attitudes like that you are well positioned to lead the next Pink bats fiasco or arrange for some expensive school halls to be built.

There is no record of success in the last 10 years by any government IT program of this scale and ignoring the lessons of history means they will be repeated. In fact it appears that all the proven silly things to do have been done...

This is an IT project, a 7th grader could have the vision, what we need to solid proven technology to make it happen and we have a pile of hodge podge projects and unproven specifications. The chances of real success are close to zero, but perhaps that's the twist, I dare say you have the plans of how to move the goal posts up your sleeve. Success to a real Bureaucrat is a PR Exercise. I suspect you are going to have a different type of PR experience coming your way however.

Anonymous said...

So much tax payer money has been burned already - what's a few more hundred million amongst friends.

Napolean

Anonymous said...

It seems DOHA and NEHTA have come up with an alternative way to manage the risk of the PCEHR. There was a rumour circulating at HIC last week that the PCEHR infrastructure partner selection process was abandoned half way through, in favour of an alternative to lift and shift the Singapore NEHR to Australia. Copy and paste - hey presto - here's a PCEHR I made earlier.

Only a rumour, but if true, I'd be pretty worried considering Singapore regards privacy as a quaint concept reserved only for the mega rich and politicians.

Anonymous said...

Man, I missed that rumour. How disappointing, I love to hear such wild and baseless rumours

Dr David More MB PhD FACHI said...

I agree is it probably not true. More likely to see a major systems integrator with a tweaked US Health Information Exchange package solution.

David.

Anonymous said...

So it seems the rumour at HIC may have been true - Accenture, Oracle and Orion announced as the winner of the PCEHR. That's the same combintation as the Singapore health record.

http://www.itnews.com.au/News/266723,exclusive-accenture-wins-national-e-health-it-contract.aspx