Sunday, July 02, 2017

Sunlight Is A Great Disinfectant - It Helps Get To The Truth And Stops Exaggeration And Deception!

This week we have seen the release of a couple of reports from the Australian National Audit Office (ANAO) and this, as far as I am concerned has been all to the good!
First we had the release of a report on the controversial government portal myGOV.
There is a report of the findings here:

Audit gives myGov a tick, despite budget blowout

Benefits of service are hard to quantify however, audit finds
Rohan Pearce (Computerworld) 27 June, 2017 13:38
The government’s myGov digital service portal has been the subject of a largely positive audit, despite the project costing more than estimated and its benefits being difficult to quantify.
myGov launched in May 2013 and can be linked to a range of online services offered by government agencies, including the Australian Taxation Office, Centrelink, Medicare, the National Disability Insurance Scheme and the government’s My Health Record system.
The Australian National Audit Office today released its report on the service.
The system is operated and hosted by the Department of Human Services (DHS), while the government’s Digital Transformation Agency (DTA) oversees service strategy, policy and user experience.
The implementation of myGov “has been largely effective,” the audit concludes. By the end of the four-year project there were some 9.5 million users registered on the system, compared to a business case forecast of 5.1 million, the report notes.
However, the audit also offers details of a budget blowout for the system. The initial budget based on the myGov business case was $29.7 million for 2012–13 to 2015–16. Actual expenditure to June 2016 reached $86.7 million.
Higher than expected usage helped drive up operating costs, the audit states: “Departmental records indicate that the increase in operating expenses over the four years of the project — from $8.5 million in 2012–13 to $37.3 million in 2015–16 — was primarily driven by the costs associated with supporting the large number of user accounts (nearly double the forecast) and the improved high-availability infrastructure,” the ANAO report states.
A key weakness in the project has been the difficulty of assessing savings achieved by government organisations that are using the system, the ANAO found.
More details are found here and the direct link to the report is in the third paragraph.
Second we had the ANAO release its report on the National Cancer Registry

Australia's Telstra-run cancer register has no security, privacy plan

By Allie Coyne on Jun 29, 2017 11:38AM

Audit finds problems with Health procurement.

The federal Health department has no plan outlining how its supplier Telstra will manage the privacy and security of the new national cancer screening register, one year on from the contract being signed, the national auditor has found.
The Australian National Audit Office undertook an audit into Health's procurement of services for the operation of the register, which was last May awarded to Telstra for $220 million over five years.
It found that while Health had broadly complied with its obligations under Commonwealth and internal department procurement rules, additional costs as well as security and privacy concerns have resulted from key objectives not being met.
The department revealed in February that the register would not go live as planned in March, and was more likely to become operational in December due to a complex data migration process.
The ANAO today revealed this missed deadline - attributed to the "complexity of assimilating and migrating data from eight state and territory cancer registers into one register" - had resulted in extra costs for the Health department.
It has been forced to pay pathology providers an extra $16.5 million to continue providing pap smear testing until the new human papillomavirus (HPV) test for cervical cancer - which the new register will facilitate - can begin, the audit office reported.
The savings the national cancer screening register was meant to provide will therefore "be delayed", the ANAO wrote.
"Ongoing monitoring of progress and strong proactive management of the contract will be required if value for money is to be achieved in the establishment of the [register]," it said.
However, more concerningly, the audit office found that - a year after the contract between Health and Telstra was signed - the department still has no official documents outlining how data and privacy issues will be managed.
The $220 million contract required Telstra to submit a data protection plan within 40 days of signing it; a privacy policy or security risk management plan be submitted; that a deed of confidentiality and privacy be signed with subcontractors; and that Telstra staff with direct access to the register have appropriate security clearance.
The ANAO found that none of those requirements had been met as of March this year.
A data protection plan - a "key document to manage issues relating to privacy of data" - was submitted by Telstra within the 40-day timeframe and later revised, the audit office said, but it was formally rejected in December last year on the grounds that it didn't fully comply with the contract requirements.
The Health department has still not accepted a data protection plan from Telstra, it said.
Health is uncertain whether Telstra has signed deed of confidentiality and privacy documents with its subcontractors, because a register that monitors this compliance is incomplete, the audit office said.
More here with a direct link to the report in the second paragraph:
All this led me to wonder about the myHR which is now 5 years old just yesterday.
A visit to the ANAO web site unearthed this undated document.

Digital Health Records

Potential Audit
Portfolio: Health
Entity:  Department of Health; National E-Health Transition Authority (NEHTA)
This audit would examine the implementation of the revised digital health records system, known as myHealth Record, which received an additional $485 million in the 2015–16 Budget; and whether a sound strategy has been developed to measure and realise the claimed benefits of this system—savings of $2.5 billion per year by 2025, with an additional $1.6 billion in annual savings delivered to the states. The audit would also examine the role of the National E-Health Transition Authority (NEHTA) as the lead organisation supporting a national vision for digital health for Australia.
The successful implementation of digital health records offers scope to improve the efficiency of health care delivery and patient safety. It is also part of the Government’s digital first policy, aimed at making government more efficient and responsive to citizens’ needs.
Here is the link:
All I can say is we need to bring it on. Five years and a billion or so dollars is long enough to go without a hard look!
David.

43 comments:

Anonymous said...

Have they not already washed their hands and accountability? NEHTA no longer exists. The ADHA has rephrased the benefits. I would be more interested in an audit of the ADHA, how did they manage the establishment of the entity, how well are they managing finances and how well have the managed staff, be very interested in legal fees paid to date.

Anonymous said...

I would have to agree with ANON 5:54 PM. If the following add is a measure then this organisation is truely in trouble

http://allegisgroupapac.com/astoncarter-digitalhealth/positions-available

Anonymous said...

9:29 PM. For a position vacant advertisement that is shocking, I am not sure quite what the role is? And they do repeat themselves a bit, what amateur run design and innovation?

There also seems to be yet another PMO, another signal the CEO has lost command, text book failure. Something tells me they are years away from being equiped to run an office network let alone the MyHR opt out

Anonymous said...

Consistency is something at least, even sloppiness provides a known quantity I guess.

Bernard Robertson-Dunn said...

Interesting.

The Required Qualifications, Skills and Experience section is all about technology; nothing about health, healthcare or health informatics.

Nothing has changed. Just like NEHTA, ADHA's vision is all about technology.

Maybe ADHA expects the person to learn about healthcare as they go along.

Dumb.

Anonymous said...

Maybe its a requirement that people at ADHA know nothing about healthcare. Tim and Paul might feel threatened otherwise.

Anonymous said...

Seriously What are they after, anyway there is to much going on at a local and state level to even bother working for that tin pot outfit.

Anonymous said...

11:29 PM "... And they do repeat themselves a bit, what amateur run design and innovation?"

Like 50% is a duplicated cut and paste of the other 50%.
Quality control ZERO.
Attention to detail ZERO.
Professional image ZERO.
So much for ASTON CARTER's credentials and professionalism. How much do they get paid for such sloppy work?

Paul Madden - have you washed your hands of the ADHA?

Anonymous said...

I would not place blame on Aston Carter, they don't write the dribble they post what the client gets, it is the Executive in charge that is accountable, seems we have a collection of has been from MTV and newspapers running healthcare IT their only creditials is a history of bad mounting a noble profession.

Anonymous said...

1 year has passed, seems Tim and his team are struggling with basic business operations. The above is just another example of a very worrying pattern of poor management and leadership IMHO. It is not exactly a massive organisation. I would if any of them have experience in this sort or area. It's one thing to twitter and post editorials and swan around talking TO people, it is another to be trusted to run a national entity, especially one with such a high level of responsibility. This sort or sloppiness had better not find its way into products and services being asked to be adopted by healthcare workers.

Anonymous said...

Rather than quibble over a few clerical errors and management mishaps. Lets see what comes of tomorrow's developer launch. I hear big things are planned, a truely inspiring innovation hubs that brings together all stakeholders, products and development environments. If the pull this off then we have a chance, if it is simply a concept in progress then, well we can judge Wednesday.

Anonymous said...

Developer Partner Program Launch 4.0 pm to 7.00 pm tomorrow Tues 4 July in Melbourne, Sydney and Brisbane are fully booked.

If you can't get in you should be able to follow the ADHA WEBCAST 4.0 - 7.0 PM on this link:

https://www.digitalhealth.gov.au/news-and-events/events/livestream-developer-partner-program-launch

It should be a great show.

Bernard Robertson-Dunn said...

How does the strategy fit in to all this? It seems a strange order in which to decide and do things. Will the strategy be the last thing they announce?

Anonymous said...

Bernard, a series of reviews, walk out of clinicians, and an obvious mismanaged organisation has never stopped them before, why would a box ticking exercise like a strategy get in the way?

I am keen to see how they address this - https://conversation.digitalhealth.gov.au/

Scroll down to - How could the use of digital services such as health apps best be managed?

Somehow I cannot see the EGM for design and innovation letting the clinical mafia get in her way.

Bernard Robertson-Dunn said...

And talking about strategy....

If there are any developers reading this and are planning to participate in the Partner Program Launch, could you please ask ADHA what plans/strategies they have for protecting MyHR against cyber attack?

If anyone thinks it can't/won't happen, read this for background:

http://www.smh.com.au/comment/the-web-belongs-to-the-bad-guys-and-getting-it-back-wont-be-easy-20170703-gx3cl6.html

The obvious approach is a well patched/protected, distributed architecture that lets healthcare workers work independently in the case of power/communication disruptions, emergencies etc, but that doesn't fit in with the government's grab for health data.

Bernard Robertson-Dunn said...

Anonymous July 04, 2017 9:19 AM

Look at this week's poll.

The ANAO will one day have a close look at the miserable failure that is eHealth in Australia over decades.

David's blog will probably be used to inform ANAO when they try and work out why public servants continued flogging a dead horse in the face of well informed and expert opinions. That's one of many reasons why I ask questions and voice my views on this blog to make sure that the above mentioned public servants can't say "nobody told us". Others may not have the same motivation, but their contributions will be very valuable to ANAO.

Compared with the Australia Card and the Access Card fiascos which died relatively quick deaths in the light of well informed opposition, the Department of Health has continued to pour money into MyHR, not only wasting that money but preventing real progress in the area of healthcare transformation.

Anonymous said...

July 03, 2017 9:47 PM. Well can't say I was blown away, nice project update I guess but I was expecting a bit more.

Anonymous said...

Clearly lacked coherence and strategy, a long way to go.

Anonymous said...

I personally found that extremely informative, I had no idea that vendors lacked engagement with users when developing their products and clearly have less than robust development environments. The fact the ADHA has spotted this and will know create the tools, events and access to clinicians and consumers can only be applauded. I know I will be raising this with our provider and seeking answers to why software is built without applying better practice development methods.

Anonymous said...

ANON 8:15 AM. I don't think that was the intention. I am sure it can foster the sharing of ideas and stimulate a shared approach to UI design but it's not to take over or impose UI on vendors and their clients. They are though permitted to do so with the MyHR, but the information design will prove a challenge for them.

Bernard Robertson-Dunn said...

IMHO the problem with MyHR is not with the UI, the design, the technology and/or the software.

The elephant in the room is this question:
How do you get relevant, accurate, up-to-date information into the system and keep it relevant, accurate and up-to-date? ePIP is useless - all it does is get GPs to upload potentially useless and sometimes dangerous data to MyHR.

Opt-out will only register users. Getting them (and their GPs) to put the not insignificant effort into maintaining and managing the information is a challenge not even recognised, never mind addressed, by the bureaucrats.

Dr Ian Colclough said...

"How do you get relevant, accurate, up-to-date information into the system and keep it relevant, accurate and up-to-date?"

That is, and always has been, the very essence of the raison d'etre underlying an individual's shared electronic health record [SEHR] which can be accessed, updated and relied upon, by the individual, carers, carer-recipients, the GP and other health service providers.

Somewhere, along the way, for 'very many reasons' architects, designers and managers lost sight of this crystal clear vision.

It is not too late to fix the problem. To my mind the steps to do so are patently obvious which I would be happy to share with the ADHA at any time.

Bernard Robertson-Dunn said...

A second question.
How many Australians are willing and able to keep the data in their health record relevant, accurate and up-to-date?

Looking at the statistics, my estimate is that there are only about 450k relatively current Shared Health Summaries in MyHR. That's fewer than 10% of those who are registered.

Anonymous said...

I think one of the " '.... reasons' architects, designers and managers lost sight of this crystal clear vision" was due to the desire to involve every conceivable stakeholder covering all levels of the health system all at once instead of in stages with the result that stakeholders at different levels (eg Government, bureaucrats, doctors, pharmacists, hospitals, vendors, etc.) had different, often conflicting needs and priorities, leading to a blurring of project scope and boundaries where all parties ended up taking their collective eyes of the ball (diluting the vision). Given the politics now prevailing is it possible to get back to and remain focussed on the 'essence of the raison d'etre" as Dr Colclough suggests needs to be done?

Bernard Robertson-Dunn said...

"...was due to the desire to involve every conceivable stakeholder covering all levels of the health system all at once instead of in stages with the result that stakeholders at different levels ... had different, often conflicting needs and priorities"

That's the definition of a wicked problem.

1. You can't solve a wicked problem in stages.

2. Peter Flemming (in)famously claimed that the health record was not a wicked problem.

I wonder if anyone in ADHA knows what a wicked problem is and what to do if you have one.

ADHA now has two problems:

1. The problem of how to progress MyHR

2. The problem that health records are supposed to solve.

both of which are wicked.

Good luck guys ..... you are really going to need it.

Peter said...

"How do you get relevant, accurate, up-to-date information into the system and keep it relevant, accurate and up-to-date?"
How does any health practitioner maintain relevant, accurate and up-to-date information about their patients?
The answer to both questions should be identical. The key relationship is between clinician and patient and any good clinician should be keeping good records anyway. In a well designed system everything else should be invisible. Explicitly uploading or double entry of data is a warning sign that something is wrong with the design. What and how sharing takes place is entirely different issue, but the practitioner should not need to enter anything other than a standard patient-visit report into his preferred clinical system. Ideally the system would be designed to minimise ANY entry by auto-populating fields and setting defaults. This is just good UI design and has nothing to do with ADHA or MyHR - neither of which impinge on the clinician's focus on the patient.

Anonymous said...

I think the ADHA strategy is becoming clear, interoperability will be about reducing the number of vendors. It seems clear who wears the pants and who will be forced out in secure messaging.

Telstra Health, which owns the Argus secure messaging service, has joined the other main secure messaging vendors HealthLink, Global Health and Medical-Objects, along with GP desktop software market leader Best Practice and medical specialist software market leader Genie in the consortium.

“We are very pleased to be leading a consortium to demonstrate an interoperable secure messaging solution,” Dr Foley said. “It will enable hospitals to send important clinical information such as discharge summaries to GPs and specialists and for information to be sent in the other direction.

Bernard Robertson-Dunn said...

Interoperability between real medical systems will take away one of the few (unintended) benefits of MyHR. Bring it on.

Bernard Robertson-Dunn said...

Peter said...

'"How do you get relevant, accurate, up-to-date information into the system and keep it relevant, accurate and up-to-date?"

How does any health practitioner maintain relevant, accurate and up-to-date information about their patients?'

That's the biggest problem with any health record system. By default it has to be assumed that data in a health record system could be wrong. Patients age, catch bugs, have accidents. Even a supposed health problem/diagnosis, on further investigation, could be proven to be incorrect.

No amount of automation, UI design or technology can change this unpleasant (to proponents of eHR systems) truth.

Andrew McIntyre said...

Its the persons GP that maintains the up to date list of diagnoses, investigations and medication and when the patient needs to see another practitioner the GP creates a referral that is customized to the person they are seeing. When that person is eg A podiatrist the results of their STD check, or psychiatrist assessment is not included, unless relevant and this preserves privacy.

Improving the quality and atomicity of referrals is the top priority in eHealth as then the practitioner who is referred to can base their EHR records on the referral and not start from scratch. The GP is the hub of the wheel and not the government MyEHR. The patient can be a spoke on the wheel and also get copies, but they should be private to the patient and the other spokes only receive the information they need, not everything. The MyEHR doesn't reinvent the wheel, but is trying out square wheels and the ride will be rough.

Bernard Robertson-Dunn said...

Andrew said: "It's the person's GP that maintains the up to date list of diagnoses, investigations and medication"

how does the GP know unless the patient goes to see the GP? Not all health system interactions/action are via the patient's primary GP.

Anonymous said...

We are very pleased to be leading a consortium to demonstrate an interoperable secure messaging solution,” Dr Foley said.

That is very generous of Telstra to allow the other bit players to be part of the Timsortium. Lucky you can always fall back to being GP Andrew.

Andrew McIntyre said...

Hi Bernard,

the healthcare system is mostly referral based and usually from the GP. Anyone else who sees the patient should communicate back to the GP so that they are kept informed. While this doesn't always happen, it should and mostly does. Specialist to specialist referrals often happen when there is an urgent issue, but the GP should be kept in the loop. So referrals can occur around the rim of the wheel but the hub should always be aware. eg I try and copy GP in to any blood tests done on a patient in hospital. I will often suggest referral in response to a non urgent issue, but let the GP do the actual referral. That is the way the system is supposed to work.

Anonymous said...

As a patient Andrew, I could not agree more, without my GP my family and I would be in a much worse place. I don't know what it is but just having them there to explain and discuss broader things is a god send. It goes far beyound just writing a script and ordering various specialists.

We are indebted beyond words.

Bernard Robertson-Dunn said...

Andrew, as in most automated systems, it's not the "normal" operation that causes problems, it's the exceptions.

My dentist prescribes antibiotics for me (under instructions from the surgeon who replaced my hip)

If I see a GP on holiday etc and they diagnose or prescribe something, that may or may not get back to my GP.

Pharmacists want to offer pathology tests. The results won't get into a Shared Health Summary (only a nominated GP can do that)

Pharmacists want to prescribe medicine and/or modify a GP's prescription.

And how much time should a GP spend maintaining a patient's My Health Record when they get little or no benefit from it? Don't forget, a GP is supposed to "consider" other data in the patient's My Health Record and ensure that whatever they upload is consistent with what is already there. And if what is already there is incorrect or inconsistent, they (the GP) has no easy way of getting it corrected.

The big problem is that even the way the system is supposed to work, doesn't.

Andrew McIntyre said...

All of those cases you describe Bernard are a case for good point to point messaging, with perhaps a central repository of dispensed items, which would go some way to overcome doctor shoppers. Really its the patients GP that should be notified of all those events, and not MyEHR as MyEHR doesn't know if any of those events are significant to the patient, whereas the GP should. I think looking at a MyEHR with a lot of useless data will become a medico-legal risk. Are you supposed to look at everything or be at risk of missing some data of significance tucked away in the footnote of a pdf? I much prefer a good referral letter, I don't want every piece of health data ever collected on the patient, especially as the prescribing records appear to be very inaccurate.

I have no need to fall back to being a GP 11:59am, I am already a Gastroenterologist 4 days a week and MO reinvests its income in R&D. I am happy to compete with Telstra, not quite as happy to be their customer in general however, will they be any better in eHealth?

Bernard Robertson-Dunn said...

Andrew, "point to point messaging" or secure messaging or interoperability.

Now that's proper health infrastucture. And the Federal Government - they don't provide health care, the states do - does not get to store copies of our health data in a system that doesn't reduce data fragmentation and which makes access to the data so easy that people who shouldn't see it now potentially can.

Anonymous said...

https://www.theregister.co.uk/2017/06/29/who_botched_oz_cancer_registry_rollout_pretty_much_everybody/

The ANAO report plucks out several less-than-encouraging details from the project: nine Department of Health officials handling the project didn't disclose that they held Telstra shares; risk management was inadequate; and Telstra isn't yet compliant with privacy or security requirements.

Speechless.

Anonymous said...

8:51 PM: there is the trust we have been looking for, albeit probably off shore trusts, but a trust all the same.

Anonymous said...

July 06, 2017 8:51 PM, the report raises some interesting concerns, glad you brought this up as it warren some very serious analysis, I for one am a bit over the ADHA and the MyHR, there are more important and relevant undertakings in eHealth that need to be open and transparent.

Anonymous said...

I find this article relays some issues quite well and worth a read - http://www.eurekastreet.com.au/article.aspx?aeid=52692

In regards to all this, I note the ADOHA CEO is hiding yet again, how about broadcasting a very open and transparent public debate, not the staged ones we see coming from the ADOHA. Jim Birch tweeted the Board champions openness and transparency, well Jim lets have it then?

As for sunlight being a great disinfectant is where the ADHA CEO and a few of his crusaders think sunshine comes from IMHO.

I had great hopes for the ADHA and it started so well, but fell apart around October November.

Anonymous said...

It fell apart when a journo with no experience of running a government agency was appointed to head ADHA. It's a lot like a businessman trying to be president of the USA. It all looks so easy until you try and do it yourself. If either were really smart they would get out without looking bad. But on the other hand if they were really smart they wouldn't have got themselves into their mess in the first place.

Anonymous said...

4:58 PM. Yes it was an odd choice, failed NHS care.data, clear evidence the privacy of citizen was secondary to selling data about them, to 'for-profit organisations (a cultural legacy NHS still suffers from), hardly made an impression at Telstra, it is the same with the Executive at the developer launch, full of hope and full of IT but lacking in any proper experience or backed by anyone with any health background other than one old timer.

Still as others have pointed out, the ADHA and the MYHR no longer have influence or relevance, the former having failed on all three counts of what the then Minister Ley announced was their national duty and the latter a ticking time bomb.

3:08 PM. If the ADHA Chair claims the board supports transparency, where is it?