Comment from inside the programme is restricted by a number of things, but two significant ones are essentially that the contractors' contracts prevent them making public statements not authorised by the customer (the Department of Health), as I remember it, and the Official Secrets Act.
There are a number of things preventing the UK government introducing change in the NHS:
The GPs don't work for the NHS, they're self-employed contractors whose contracts take nearly a decade to change
The hospitals aren't directly under the control of the NHS, they are controlled by the acute trusts
The consultants are not under the control of the NHS. They have contracts (I forget who with, probably the acute trusts
80% of the NHS budget is controlled by the Primary Care Trusts
... so the NHS is not in a position to say "do this" and have it done. It's just not a command-and-control organisation. There are a number of types of change that the NHS has been trying to make for over ten years. The Connecting for Health programme (formerly the NHS National Programme for IT) could be described as an attempt to achieve organisational change by the introduction of IT changes. Manifestly, effecting organisational change by introducing technical change is, to put it mildly, difficult and expensive. So for those in charge of any part of the programme there is a perception of a high risk of failure. Justifiably so, in many people's opinion.
So, there are a number of options on proceeding in an environment as risky as this. You could take an approach where you pilot an idea to see if it is workable before proceeding to full-scale rollout. This happened for example with electronic prescriptions. That pilot was cancelled at around the same time that the NPfIT programme was launched. Another way of tackling the risk would be to find a small number of large suppliers and let a number of contracts to them, with mind-bogglingly punitive financial penalties for lateness, unavilability, nondelivery and so on. This is the approach that the UK department of health took. So vast is the scale of the potential penalties that many potential suppliers were disqualified simply because they did not have the financial stature to sign up to those. Other bidders had the stature but not the stomach for that (I suspect Lockheed Martin was in this category).
So, what does a contractor do when faced with vast potential penalties?
Adopt low-risk solutions rather than high-risk but cheap solutions (and I'm talking about perception of risk here, as in, "Is it tried-and-tested"?)
Apply huge amounts of contingency to their estimates/pricing
Require that the level of potential profit justifies the huge levels of risk being undertaken
Move all inessential or avoidable deliverables out of scope, and if possible, de-scope the riskiest parts of the job
Those factors mean that the NHS passing on the risk of the programme to the subcontractors would always mean that the contracts would be mind-bogglingly expensive. Moving things out of scope means that even though the contracts are expensive, there are many activities that aren't covered. That means that the NHS has to spend still more money on those activities. The media then acts surprised that having let billions of pounds of contracts, the NHS spends still more. Look at it this way: if an organisation spends X pounds on new IT syetems, how much money will they need to spend on related costs (rollout, training, organisational change, costs associated with upheaval, parallel running, data migration, data cleansing)? I'd say that 2X pounds of additional costs would be an underestimate. Bear in mind here that the NHS has about 800,000 employees (direct and indirectly employed healthcare workers).
"Among the provisions of the Police and Justice Bill 2006, which gained Royal Assent on Wednesday, is a clause that makes it an offense to impair the operation of any computer system."
Cool. Impair is a failrly broad term though. Does this mean people can be prosecuted for installing Windows onto a computer system?
Exactly. I moved to Ireland less than a year ago (I'm from the UK). I'm divorced, and I'm used to mentioning this in conversation (when it's relelvant). I was surprised to find that in Ireland this information is greeted with some amount of surprise and shock. In the UK people just treat it as information relevant to the next thing I'm about to say, and are rarely surprised. The surprised Irish people I'm talking to are twenty- or thiry-something. So it's not like they're middle-aged reactionaries. Divorce is simply very uncommon here.
Interestingly the article doesn't point out to the reader that they also need to pay attention to the reasons why the service provider got called in in the first place, any why they needed to stay so long. There's an underlying issue there (be it manpower, organisational ability, wrong executive sponsorship of projects, skills, poor control of scope creep, etc.) The underlying issue needs to be addressed or you will be back in the same situation before you know it.
Re:Arte you sure that's the first thing?
on
A New Kind of OS
·
· Score: 1
Heh, and I had to make a typo in the subject, too...
Arte you sure that's the first thing?
on
A New Kind of OS
·
· Score: 1
One of the FIRST things I do is go and turn of "Use personalized menues".
Not the spell checker?
Re:conform, obey, or not be with us
on
The Expert Mind
·
· Score: 1
My god, what kind of hell-hole do you work in? I've never worked any place like that.
I don't understand. Why would anybody ask you about a profanity on your hat? I mean, even if it were visible, who would ever even comment? Do you live in Iraq or Bhutan or something?
You have to be able to state theories within that field which make a claim to predict or explain observable things
You have to be able to make observations which can disprove your theory (of course, you can't make measurments that prove your theory, only disproof is in general possible)
If a field of study doesn't allow the use of observations to falsify theories, it's not a science. That doesn't mean, for example, that the design of distirbuted systems cannot include elements of science; however, it does include non-scientific elements too. For example, judgements about the usefulness of a system to humans are mainly qualitative.
Yes, but new customers who already have a Linux environment running previously had one choice: DB2.
But Oracle has run on Linux for a long time - I remember installing 8.15 (well, 8.x for some value of x), and the current Oracle release is, what, 10g?
I think you're oversimplifying. Computer Science is a field of academic study and a field of research (in universities and in companies). But the IT sector includes a lot of stuff that isn't computer science. Viz:-
Science: Algorithm Analysis Not Science: Requirements capture, Most design work, Debugging
Science: Big-O analysis, graph theory, computability evaluation Not Science: Distributed systems design, system architecture
Science: Developing machine vision techniques Not science: Racing automated vehicles across the desert
Science: Relational calculus Not Science: Database administration
Is the non-science stuff Computer Science? No, but it's software engineering / IT / etc. Is it mandatory to understand the science bits to do the non-science bits? No, but often it helps a whole lot.
So, it's valid for "Computer Science" to be a branch of "Science", but perhaps you think otherwise because there are things that you'd say are within Computer Science, that are not actually science. I'd agree with you there, but I'd claim they're not computer science either.
Actually, at the time Berners-Lee invented the web, the UK was mostly using domain names in reverse order. JANET email addresses were reversed. At the time, my email address was mbcstjy@uk.ac.man.ph.hpa. JANET email was not RFC-822 email anyway. JANET was X.25 based.
If the server does all the work and uses nothing but standard CGI
Of course, it has nothing to do with CGI. The client has no reason to care about how the web server invokes the application logic. What you mean, I assume, is that the web server should confine its interface to the client to just HTML forms and HTTP. While that's all very standards compliant, it doesn't always generate the best usability result. Stop for a minute and realise that it's not possible to implement the nice user interface of Google maps without Javascript, for example. Sure, Google maps works without Javascript, but the interface isn't nearly as slick.
The measles, mumps and rubella (MMR) vaccine was introduced in the UK in October 1988. Prior to its introduction there was a vaccination available for measles from 1960 and girls of twelve or thirteen received a rubella (German measles) vaccine. There was no vaccine for mumps. MMR has been used for 25 years in the United States and in Finland for 16 years as well as in over thirty European countries, Australia, New Zealand and Canada.
So, you've probably had one of the measles vaccines yourself. Certainly I have.
WTF? Microsoft employess catches infectious disease. Wow. Amazing.
Anyway, how is this a significant risk? Surely the staff have already been immunised against measles. In the UK, the NHS has been providing a measles vaccine since 1960. The uptake rate for the current vaccine (MMR) is between 75% and 95% (it varies across the UK). The remainder includes children who have the vaccination separately as well as those who go unvaccinated.
So unless the US employees of Microsoft just didn't get vaccinated against measles as kids, what is the problem?
If the network is OPEN then u should be able to use it at will.
[...]
If it's OPEN its fair game.
That might summarise the way you would like the world to be, but it's not the way it actually is.
Besides, I'm sure that you would agree that spammers sending spam through an open relay are commiting a service-theft crime. Having the open relay is really stupid on the part of the owner of the mail server, but it doesn't make the abuse any less wrong.
SATAN is a vulnerability scanner. It was actually the first Open Source vulnerability scanner out there and reputedly got the author kicked out of SGI. It had a patch to rename it SANTA,
SATAN was by Wietse Venema and Dan Farmer. Farmer worked for SGI as "Security Czar" at one point. However, the patch you refer to was, I think, unneccessary - the name change ablity was part of the distributed software.
Slashdot Mirror
Comment from inside the programme is restricted by a number of things, but two significant ones are essentially that the contractors' contracts prevent them making public statements not authorised by the customer (the Department of Health), as I remember it, and the Official Secrets Act.
There are a number of things preventing the UK government introducing change in the NHS:
... so the NHS is not in a position to say "do this" and have it done. It's just not a command-and-control organisation. There are a number of types of change that the NHS has been trying to make for over ten years. The Connecting for Health programme (formerly the NHS National Programme for IT) could be described as an attempt to achieve organisational change by the introduction of IT changes. Manifestly, effecting organisational change by introducing technical change is, to put it mildly, difficult and expensive. So for those in charge of any part of the programme there is a perception of a high risk of failure. Justifiably so, in many people's opinion.
So, there are a number of options on proceeding in an environment as risky as this. You could take an approach where you pilot an idea to see if it is workable before proceeding to full-scale rollout. This happened for example with electronic prescriptions. That pilot was cancelled at around the same time that the NPfIT programme was launched. Another way of tackling the risk would be to find a small number of large suppliers and let a number of contracts to them, with mind-bogglingly punitive financial penalties for lateness, unavilability, nondelivery and so on. This is the approach that the UK department of health took. So vast is the scale of the potential penalties that many potential suppliers were disqualified simply because they did not have the financial stature to sign up to those. Other bidders had the stature but not the stomach for that (I suspect Lockheed Martin was in this category).
So, what does a contractor do when faced with vast potential penalties?
Those factors mean that the NHS passing on the risk of the programme to the subcontractors would always mean that the contracts would be mind-bogglingly expensive. Moving things out of scope means that even though the contracts are expensive, there are many activities that aren't covered. That means that the NHS has to spend still more money on those activities. The media then acts surprised that having let billions of pounds of contracts, the NHS spends still more. Look at it this way: if an organisation spends X pounds on new IT syetems, how much money will they need to spend on related costs (rollout, training, organisational change, costs associated with upheaval, parallel running, data migration, data cleansing)? I'd say that 2X pounds of additional costs would be an underestimate. Bear in mind here that the NHS has about 800,000 employees (direct and indirectly employed healthcare workers).
The scope of the
yes
Interestingly the article doesn't point out to the reader that they also need to pay attention to the reasons why the service provider got called in in the first place, any why they needed to stay so long. There's an underlying issue there (be it manpower, organisational ability, wrong executive sponsorship of projects, skills, poor control of scope creep, etc.) The underlying issue needs to be addressed or you will be back in the same situation before you know it.
Heh, and I had to make a typo in the subject, too...
One of the FIRST things I do is go and turn of "Use personalized menues".
Not the spell checker?
My god, what kind of hell-hole do you work in? I've never worked any place like that.
An analysis by a neutral third party has already been done. See Tuzhilin's report.
I don't understand. Why would anybody ask you about a profanity on your hat? I mean, even if it were visible, who would ever even comment? Do you live in Iraq or Bhutan or something?
If you don't like the way that Microsoft software works, use something else already. Sheesh.
- You have to be able to state theories within that field which make a claim to predict or explain observable things
- You have to be able to make observations which can disprove your theory (of course, you can't make measurments that prove your theory, only disproof is in general possible)
If a field of study doesn't allow the use of observations to falsify theories, it's not a science. That doesn't mean, for example, that the design of distirbuted systems cannot include elements of science; however, it does include non-scientific elements too. For example, judgements about the usefulness of a system to humans are mainly qualitative.I think you're oversimplifying. Computer Science is a field of academic study and a field of research (in universities and in companies). But the IT sector includes a lot of stuff that isn't computer science. Viz:-
Science: Algorithm Analysis
Not Science: Requirements capture, Most design work, Debugging
Science: Big-O analysis, graph theory, computability evaluation
Not Science: Distributed systems design, system architecture
Science: Developing machine vision techniques
Not science: Racing automated vehicles across the desert
Science: Relational calculus
Not Science: Database administration
Is the non-science stuff Computer Science? No, but it's software engineering / IT / etc. Is it mandatory to understand the science bits to do the non-science bits? No, but often it helps a whole lot.
So, it's valid for "Computer Science" to be a branch of "Science", but perhaps you think otherwise because there are things that you'd say are within Computer Science, that are not actually science. I'd agree with you there, but I'd claim they're not computer science either.
Actually, at the time Berners-Lee invented the web, the UK was mostly using domain names in reverse order. JANET email addresses were reversed. At the time, my email address was mbcstjy@uk.ac.man.ph.hpa. JANET email was not RFC-822 email anyway. JANET was X.25 based.
Yup. They're alive and well and living at the bottom of my garden.
Another reason to buy a hybrid vehicle is that (I think) you can use the carpool-only lane in one. Great for those hugely-crowded highways.
Newsflash: Slashdot slashdots Slashcode. I get a 404 for http://www.slashcode.com/.
Anyway, how is this a significant risk? Surely the staff have already been immunised against measles. In the UK, the NHS has been providing a measles vaccine since 1960. The uptake rate for the current vaccine (MMR) is between 75% and 95% (it varies across the UK). The remainder includes children who have the vaccination separately as well as those who go unvaccinated. So unless the US employees of Microsoft just didn't get vaccinated against measles as kids, what is the problem?
Apparently, yes you can get fired for choosing Microsoft.
Besides, I'm sure that you would agree that spammers sending spam through an open relay are commiting a service-theft crime. Having the open relay is really stupid on the part of the owner of the mail server, but it doesn't make the abuse any less wrong.
Aren't there constitutional issues here? It seems odd to have a situation where the IRS decides what is and what isn't pornography.