This appeared last week.
Technology lessons of COVIDSafe must be learned
Dr Lesley Seebeck
Contributor
COVIDSafe illustrates the need for a good understanding of both policy intent and how the technology works.
Aimed at ‘help[ing] assist health officials understand and contain the spread’ of COVID-19, the app is more than a benign study assistant.
It uses people’s smartphone Bluetooth functionality as an incomplete proxy for distance between potential carriers and other people. Collected data provides an approximate, near real-time social network.
That can be both helpful to understanding the spread of infection and highly invasive of privacy. Like all such data, stripped of context, it can be highly misleading and potentially open to abuse.
So, kudos to the government, which realised it needed strong privacy provisions around COVIDSafe data.
However, it’s not enough to do good on the legislative side alone: government needs to follow through on the technology and implementation.
A fundamental lesson of running a technology shop is that most apparently technical faults aren’t technical in nature but organisational.
A ‘technical failure’, for example, may expose how after a reorganisation, no-one had assumed responsibility for backing up key systems, or that a long-departed contractor had hard-coded passwords.
When these events occur, best practice in a mature technology organisation is to run an all-hands retrospective, after-action review, or blameless post-mortem to understand what happened, to identify systemic issues and a way ahead.
Such exercises are not to find scapegoats but to ask ‘why’ until a root cause is found.
Typically, it takes several iterations, digging progressively deeper. And it requires a healthy, open, informed, constructive, and respectful culture. After all, technology done well is hard; the technology savvy organisation will seek opportunities to improve.
The report by independent researchers Richard Nelson, Vanessa Teague, Jim Mussared and Geoffrey Huntley probably offers the best insight into COVIDSafe’s technical, privacy and security issues.
The organisational issues can only be inferred. For example, the hurried implementation that led to oversights on privacy issues, the prioritisation of user interface changes over privacy and security issues, the choice of security advisories by the Digital Transformation Agency, and persistence with a notification protocol that required workarounds that in turn introduced inconsistencies.
Without digging deeper, root causes can only be guessed at.
What is clear, however, is that the government’s technology competence could be improved, at both the technical and organisational level. As policy is increasingly shaped and implemented through technology, that’s needed.
First, people. Twenty years of outsourcing, combined with a continued erosion of public service knowledge and rapid technological change, makes it hard to argue, aside from some niche areas, that the government is an informed judge of technology.
But more ‘techies’ alone won’t help much. Technologists need to be exposed to the complexity of policy and delivery; policy and program managers need to understand the nature, opportunities, constraints, and weaknesses of technology.
Ministers, too, have a responsibility to be much more familiar with technology than they are now. They need to learn to avoid optimism bias, be wary of vendor promises, and be willing to listen to the practicalities of complex design and implementation.
Second, process. Given the fusing of policy, programs and technology, government needs an appropriate means of oversight—one that has a good grasp of technology and the economic, societal, and national security implications in design, implementation, and operation.
…….
Dr Lesley Seebeck is an Honorary Professor at the Australian National University and the former chief executive of the ANU Cyber Institute. She has worked in senior roles across government including as Chief Investment and Advisory Officer at the Digital Transformation Agency.
More here:
https://www.innovationaus.com/technology-lessons-of-covidsafe-must-be-learned/
To me the deeper problem is the undervaluing of technical expertise and thinking this is not a managerial domain. To competently manage and implement technology you need to not only understand the business issues but also tech capabilities, vulnerabilities and limitations at the least.
As an example take the ADHA. A technical policy organization if ever there was one!
Only two of the six executive team have formal IT expertise.
Worse only 2-3 of the 10 Board members have real Digital Health expertise.
All the tech understanding and expertise – and there is really some – are buried in the lower rungs.
No tech organization will really flourish with to many lawyers, accountants and consultants!
IT is hard and complex and needs real expertise and understanding – and the Government has outsourced all these skills for way too long! Hence the debacles we see I reckon.
David.
11 comments:
Don't expect the government to suddenly get IT right. Their blunders and bad policies are many and varied. Apart from being too slow and too little ordering and distributing vaccines, they are now in danger of crippling General Practice.
Pandemic charity comes at a cost
https://medicalrepublic.com.au/pandemic-charity-comes-at-a-cost/51628
GP practices are taking a financial beating in the pandemic, initially from a decrease in face-to-face presentations and now from participation in the vaccine rollout, a new report shows.
This week CommBank released its annual GP Insights Report which looked at the challenges and opportunities practices have faced over the last year.
CommBank engaged an external company, ACA Research, to survey 223 general practices and more than 2000 patients across Australia.
The report reveals that many practices’ financial situation has been negatively affected by covid, with one-third of practices surveyed reporting that revenue was down from before the pandemic.
In the ACT after a two week lockdown about 7,000 people have come to the end of their quarantine period. Before they can come out of quarantine they need a test that comes back as negative for COVID19.
For quite a lot of people the test results could not be matched to the records ACT health had on them and so they could not be released. The reason was a data matching problem - the pathology lab patient ID did not match ACT Health's patient ID.
After getting on for 10 years of the MyHR and everyone having an IHI (even if they don't have a MyHR) it is amazing that ADHA's work is being ignored. The IHI is supposed to prevent patient ID problems.
ADHA are supposedly updating their supposed National Strategy. The first thing they should do is have a realistic, independent and objective assessment of the usefulness of what they have actually achieved. Not measures of uploads to MyHR but the value of the uploads and the uptake of the outcomes of their initiatives.
Don't hold your breath.
Here we go …. I get the same feeling a legionnaire of the aroma 9th got just as they entered the northern forests
ADHA is building internal contemporary technical capabilities and actively re-engaging with the industry with a view to better exploiting innovation opportunities
* Looking to develop a multiple national infrastructure partner model, including the use of codesign and co-skilling in procurement where appropriate
* Looking for vendors and partners that demonstrate they understand the issues, complexities of Australian health, aged and community services sectors and can deliver outcomes
* Interoperability is an essential component of progressing Australian digital health agenda and the Agency is focussed on stewarding the relevant standards and specifications to enable an interoperable healthcare system
* The future state of the My Health Record system moves well beyond the storing of clinical documents in a single repository to a data rich, multiple repository model that facilitates the exchange of information between trusted sources and participants
* The current My Health Record system is growing rapidly in content, utility and use, driven in part by the response to the pandemic
* The My Heath Record re-platforming program includes a move to cloud technologies, modern repositories and web services and contemporary consumer channels that will transform the digital health landscape.
So rinse and repeat. As someone said when The first ADHA Stragedy came into being - same shit, different asses.
* The future state of the My Health Record system moves well beyond the storing of clinical documents in a single repository to a data rich, multiple repository model that facilitates the exchange of information between trusted sources and participants
Oh, you mean try and build the original design without working out why they failed first time round?
Trouble is all the people who failed first time round and might have learned from the experience have moved on so there is no corporate memory, just uninformed enthusiasm.
Insanity: Doing the same thing aver and over again expecting different results.
This government would rather look stupid and deny the obvious than admit it got it wrong. So don't expect any change in the ADHA's apology for a National Digital Health Strategy. Just more unbelievable spin. You get more truth in a soap powder commercial.
Damning COVIDSafe report shows government ignored contact tracer frustrations, app's major shortfalls
Canberra Times
August 28 2021
https://www.canberratimes.com.au/story/7405628/government-ignored-warnings-on-covid-app/?cs=14329
A secret report on the $8 million COVIDSafe app, handed to Health Minister Greg Hunt in March this year, warned contact tracers were finding the government's early technological solution to controlling outbreaks was not helping.
It comes as Mr Hunt this week defended the app's absence in assisting health authorities get Delta outbreaks in NSW, Victoria and Canberra under control.
...
The documents, released under a freedom of information request by The Canberra Times, also showed the app had uncovered less than 2 per cent of the total close contacts in NSW during the reporting period.
AnonymousAugust 28, 2021 5:51 PM
Those are some classic statements, up there with the best of meaningless waffle.
Where did you lift these from?
Reply to anonymous (August 28, 2021 5:51 PM)
"ADHA is building internal contemporary technical capabilities and actively re-engaging with the industry with a view to better exploiting innovation opportunities"
1) The need to build implies they never had these technical capabilities before or lost them over time (people left).
2) re-engaging would imply they had engaged long ago but then actively or passively (unaware) disengaged with the industry. Have they been engaging anyone not from the industry?
"* Looking to develop a multiple national infrastructure partner model, including the use of codesign and co-skilling in procurement where appropriate"
3) Probably means ADHA are terrible at working out design & implementation of the required infrastructure & seeks multinational patsies to blame when it all goes wrong because the locals have already messed it up enough.
"* Looking for vendors and partners that demonstrate they understand the issues, complexities of Australian health, aged and community services sectors and can deliver outcomes"
4) When did they look for vendors or partners that didn't understand the issues & complexities or failed to need them to demonstrate their understanding?
5) Does that mean they admit to not delivering outcomes in the past?
"* Interoperability is an essential component of progressing Australian digital health agenda and the Agency is focussed on stewarding the relevant standards and specifications to enable an interoperable healthcare system"
6) Well NeHTA & ADHA were setup to progress digital health (1st called electronic health) & steward standards etc. How many years have they been talking about interoperability but not understanding the levels, complexity or ways to implement?
"* The future state of the My Health Record system moves well beyond the storing of clinical documents in a single repository to a data rich, multiple repository model that facilitates the exchange of information between trusted sources and participants"
7) Well that describes what the industry experts were asking for, well before announcing development of My Health Record 2012 and opposite to what we got. Why has this realisation taken so long?
"* The current My Health Record system is growing rapidly in content, utility and use, driven in part by the response to the pandemic"
8) It wasn't much use before the pandemic but ADHA tried to add features & integrations to make it more useful. Still doesn't achieve half of what is advertised.
"* The My Heath Record re-platforming program includes a move to cloud technologies, modern repositories and web services and contemporary consumer channels that will transform the digital health landscape."
9) Sounds like ADHA have learnt the new IT buzzwords & wants to use them to sound up-to-date & on-trend. I doubt using them will fix the problems (creates more) unless they change how they use them to identify & solve the biggest problems correctly (design first not chosen tech first).
10) Does this mean the ADHA admits they haven't transformed the digital health landscape much so we really need to do it this time around?
Maybe ADHA should get an independent assessment of what has worked and what failed.
The first would be a very short list, the second would just about everything they have set out to do.
Unfortunately, learning lessons does not appear to be a key skill of ADHA management.
About the only good thing in the past few years is the disappearance of Timmie the journo. He's had a recent major achievement, he's re-labelled his company Beamtree.
Talking about Timmie, he was the inaugural chair of the Global Digital Health Partnership.
Someone seems to have rather hijacked one of their websites:
https://gdhp.org/our-vision
It seems you can now buy a range of products for Erectile Dysfunction. Sort of descries Timmie's Digital Health career. Dysfunctional.
6:10 PM nice find that made me laugh.
Post a Comment