Category Archives: Campaign4Change

Patient records go-live “success” – or a new NPfIT failure?

Posted on 09/12/2013 | 5 comments

By Tony Collins

John Goulston says the go-live of a new patient records system at his trust is a “success”.

He should know. He’s Chief Executive of Croydon Health Services NHS Trust. He’s also chair of the trust’s Informatics Programme Board which has taken charge of bringing Cerner Millennium to Croydon’s community health services and the local University Hospital, formerly the Mayday.

He was formerly Programme Director of the London Programme for IT at NHS London – a branch of the NPfIT.

In a report two weeks ago Goulston said the trust deployed the “largest number of clinical applications in a single implementation in the NHS”. Croydon went live with Cerner Millennium on 30 September and 1 October 2013.

Said Goulston in his report:

“Administrative functions do not engage clinicians; providing them with a suite of clinical functionality has been justified as each weekday approx. 1,000 staff are logged on and using the system. CHS [Croydon Health Services] has in Phase 1 deployed, in addition to patient administration, the largest number of clinical applications in a single implementation in the NHS England.”

BT helped install Millennium at Croydon under the National Programme for IT.  The trust’s spokesman says the Department of Health provided central funding, and the trust paid for implementation “overheads”.  The Health and Social Care Information Centre was the trust’s partner for the go-live.

The Centre is the successor for Connecting for Health. It has taken on CfH’s officials who continue to help run the NPfIT contracts with BT and  CSC.

Goulston said that Cerner and BT have paid tribute to the trust which installed Millennium in A&E, outpatients, secretarial support and cancer services, and elsewhere.

“Our partners Cerner, BT and Ideal have commented that the Trust has undertaken one of the most efficient roll-outs of the system they have worked on, with more users adopting the system more quickly and efficiently than other trusts … the success we have achieved to date is the result of the efforts of every single system user and all staff members,” said Goulston.

Best Cerner implementation yet?

Optimistic remarks about their launch of Cerner Millennium were also made in 2012 by executives at the Royal Berkshire NHS Foundation Trust.  Their optimism proved ill-judged.

Of the Millennium go-live at Royal Berkshire, trust executives said that it “had been considered to be the best implementation of Cerner Millennium yet and that despite staff misgivings, the project was progressing well”.   This positive message should be disseminated, they said.

Months later they told the Reading Chronicle of patient safety issues and a financial crisis arising from the Millennium implementation.

A Royal Berkshire governors Rebecca Corre was quoted as saying: “There is a patient safety issue when staff write down observations and then there is an hour before they can get it onto the computer. If it is an experienced nurse, they may pick up a problem, but others may not.”

Ed Donald, Chief Executive of Royal Berkshire was quoted as saying:

“Unfortunately, implementing the EPR [electronic patient record] system has at times been a difficult process and we acknowledge that we did not fully appreciate the challenges and resources required in a number of areas.”

Are executives and managers at Croydon Health Services NHS Trust  now similarly afflicted with an unjustified optimism about the success of their Cerner go-live?  

Past consequences of NPfIT go-lives hidden?

The Department of Health has claimed benefits for the NPfIT of £3.7bn to March 2012 but there have been trust-wide failures: thousands of patients have had their appointments, care or treatment delayed by difficulties arising from past implementations of patient record systems under the NPfIT.  For thousands of patients waiting time standards have been exceeded or “breached” because of disruption arising from troubled go-lives.

In nearly every case trusts made it difficult for the facts to come out publicly. Vague or unexplained fragments of information about the consequences of the NPfIT implementation appeared  in different board papers over several months. The facts only emerged after a journalistic investigation that required scrutiny of many board papers and follow-up questions to the trust’s press office.

So Campaign4Change investigated Croydon Health’s implementation of Cerner Millennium to see if the Francis report’s call for a “duty of candour” over mistakes and problems in the NHS have made any difference to the traditional fragmentation of facts after NPfIT go-lives of patient record systems.

The Francis report called for “openness, transparency and candour“.  Trusts were told not to hide sub-standard practices under the carpet. The health secretary Jeremy Hunt said it can be “disastrous” when bad news does not emerge quickly and the public are kept in the dark about poor care.

To my questions about the Cerner Millennium implementation Croydon trust’s spokesman always responded promptly and tried to be helpful. But it appears that trust executives have given him limited information about consequences of the go-live, and have preferred to indulge the “good news” NHS culture that Jeremy Hunt warned about.

On being asked what problems the trust has faced since the go-live the spokesman gave various answers that made no mention of the problems.

“All of our staff received training on the system, and we are continuing to offer our teams support as it is embedded.”

What of the problems arising from the implementation, and has the board been fully informed?

“Millennium has featured regularly on the Corporate Risk Register presented to each Part 1 Board meeting.   In addition, implementation has received detailed confidential consideration at Part 2 of Board meetings, (which is why you won’t find it in our public board papers).”

Given Francis’s call for duty of candour,  should the trust be more open about its problems?

“The initial roll out for CRS Millennium was introduced over three days at the Trust, with a phased approach.  We did this to ensure the system was working in each department, before introducing it in another area.

“We are monitoring waiting time performance and records management so we can identify any issues if they emerge. The system is still being introduced in some services and when this is completed we will be able to assess the overall programme,” said the spokesman.

Does Croydon’s unwillingness to give in its statements to me any details of problems indicate that the culture of a lack of transparency in the NHS will be hard to change, no matter how many times Jeremy Hunt talks about the need for candour when things go wrong?

The spokesman:

“I’d like to be clear about the Trust’s approach:

  • The Trust board has been cited on the roll out of CRS Millennium and any potential risks throughout the process.  As I previously noted, the board received an update in September.  The board meeting, which will take place on Monday of next week, will receive a further update from the Chief Executive.  The papers from this meeting will be published on our website and the meeting takes place in public;
  • A meeting chaired by the Chief Operating Officer has reviewed any operational matters arising on a daily basis.  This is an internal meeting for clinicians and managers which has informed the implementation process;
  • Patients and visitors to the hospital have been kept fully appraised of the introduction of the system and were made aware that they may experience some delays to the check-in process while staff became familiar with the new computer system;

“These actions would suggest that the Trust has been transparent in its approach.  You are welcome to review the board papers when they are published.”

Serious problems now emerge

Croydon did indeed publish its board papers on 25 November 2013 – which is to its credit because not all NHS trusts publish timely board papers.

But it’s mostly in the small print of various board papers that details emerge of Millennium-related problems. The shortcomings are mentioned as individual items rather than in a single, detailed Cerner Millennium deployment report.  This leaves one to question whether trust directors have an overview of the seriousness of the difficulties arising from its implementation of a new patient records system.

These are some excerpts from deep inside Croydon’s latest board papers:

Breaches in waiting time standards

– “CRS Millennium (Cerner) Deployment -Network downtime – Week 1.  In particular, the significant network downtime in week 1 (BT N3 problem) led to no electronic access to Pathology and Radiology which resulted in longer waits for patients in the Emergency Department (ED) leading to a large number of breaches. This was a BT N3 problem which has been rectified with BT providing CHS with the required scale of N3 access (>600 concurrent users and >1,600 users on any day – which is the largest network usage of any trust in England).”

– • “Hospital Based Pathways: The deployment of CRS Millennium was a particular challenge in the month across the multiple service areas within the Directorate of A&E, Surgery and Maternity.

• “Cancer & Core Functions: With the implementation of CRS Millennium, the open pathways part of RTT [referral to treatment – patient waiting times) may fail the standard – validation will be completed after the narrative for this report… “

Excessive waits in A&E

– “The main drivers adversely affecting the performance in the month [October 2013) for A&E were the deployment of CRS Millennium and the commencement of winter pressures due to the seasonality change.  A&E  4-Hour Total Time in Department Target: 95.00%. Actual: 91.57%.”

Over budget

“The Trust position as at October is an adverse variance of £4.1m. This is a significant deterioration on the Month 6 position. The movement is mainly due to a significant reduction in income mainly as a result of operating issues caused by the Cerner deployment (£0.9m)…  Actual £14.8 (£14.8)m; Budget £10.7m; Variance £4.1m.”

“Cerner Millennium: Plan YTD [year-to-date] £245,000; Actual YTD  £621,000;

Significant loss in income

“… A new patient administration system was deployed in the Trust on the 30th September and 1st October (Cerner Millennium). The deployment has resulted in significant loss in income in September and October £ 1.1m. Trust performance on Activity Planning Assumptions and Key Performance Indicators is substantially worse than plan …”

Extra costs

“Medical £412k and admin £148k agency levels continue to be high due to cover for vacancies, annual leave, sickness and release of staff for Cerner training. The Trust has also incurred additional costs associated with the Cerner deployment (£600k) including overtime payments to administration staff and training costs.”

Bid to recover Cerner costs?

“… The Trust is currently forecasting a deficit position of £17.8m, which is £3.3m off the plan submitted to the NHS Trust Development Authority. This is a £3m movement from the month 6 forecast and is as a result of operational issues caused by the Cerner deployment. The current projected impact is an additional costs £1.7m and a loss in activity £1.1m . An application is to be made to recover the additional cost/losses relating to the Cerner deployment [of £2.9m] …”

HSCIC support for delays

“Cerner Millennium – Revised implementation date to Sept 2013 (achieved) ,with resultant additional costs including additional PC requirements of £146k, specialist support services £300k, procurement costs £91k, data cleansing costs £200k.

“Health& Social Care Information Centre (HSCIC) has confirmed support for the delayed implementation will be provided, accounting treatment of support to be confirmed with Department of Health.”

More money to stabilise operational position?

“As a result of operational issues caused by the Cerner deployment , Income is significantly reduced in October. The forecast assumes that the Trust will resume normal operating levels from November and that an element of the income lost will be will be recovered in the latter part of the year. A business case is being submitted to the Trust Board for additional investment in Cerner to stabilise the operational position.

“If there are further operational issues due to the Cerner deployment then this will significantly impact on the year end forecast…”

Over-optimism?

Principal risk -reporting output from Cerner is not accurate or timely. Officer in charge: CEO. Before go-live risk scores: June 2013 – 16; July – 16; Aug  – 10; Sept – 10. After go-live risk score (for Oct): 20 [high risk of likelihood and consequences]

Principal risk – operational readiness following the implementation of Cerner. Officer in charge: COO.  Before go-live risk score 15. Post go-live: 20. Risk rating before go-live – Green. After go-live – Red.

Red risks

Corporate Risk Assurance Framework

Nine risks are reported as Red [two of which relate directly to Millennium]:

“… Reporting output from Cerner is not accurate or timely. Data migration was successful. However reliance on external provider as internal knowledge has not yet been fully gained. A data quality dashboard with exception reporting is in place.

“… Operational readiness following the implementation of Cerner CRS Millennium impact conveyed to Trust Development Authority e.g. ED [Emergency Department] reporting and cost overruns

Risk scores

– Failure of CRS millennium to deliver anticipated benefits – 12. Officer in charge: CEO

– Reporting output from Cerner is not accurate or timely – 20. Officer in charge: CEO

– Operational readiness following the implementation of Cerner – 20. Officer in charge: COO

Croydon’s trust’s response to problems

Said John Goulston, Croydon’s CEO, in his latest [November 2013] report to the board of directors:

“The issues being encountered now with CRS Millennium are not due to any lack of integration testing with legacy applications or testing of workflow. They can be attributed to changing from a 25 year old Patient Administration System (Patient Centre) which did not require working in real time, was simple and intuitive to use, easily configurable and flexible to our needs.

“CRS Millennium’s patient administration functions are almost the complete opposite and the language used is new for our staff i.e. conversations, encounters etc. For our staff it has been a big ask for them to step into and up to such a complex application.”

He added: “The benefits of the new system are that each patient will have a single accurate electronic record that can be viewed and kept up-to-date by hospital and community clinical staff. This will eventually mean less time searching for patient notes, missing documentation and duplicating patient information…

“As with any massive change, there are still some challenges to tackle in making the system work effectively for every single user, in a diverse and complex organisation.

“However the success we have achieved to date is the result of the efforts of every single system user and all staff members. I would like to thank all our staff for their hard work in getting the Trust to this important stage.”

The trust spokesman gave me this statement on the problems:

“The Trust board has been given regular reports on the roll out of CRS Millennium and any potential risks throughout the process, not least through its regular reviews of the Corporate Risk and Board Assurance Frameworks.  As I previously noted, the board received a specific update in September.

“As you already know, November’s board meeting received a further update from the Chief Executive.  The papers from this meeting were published and the meeting takes place in public;  Those attending are invited to put forward questions.

“A meeting chaired by the Chief Operating Officer continues to review operational matters.  This is an internal meeting for clinicians and managers which has informed the implementation process;

“Patients and visitors to the hospital have been kept fully appraised of the introduction of the system and were made aware that they may experience some delays to the check-in process while staff became familiar with the new computer system;

“As you highlight from the board report, Cerner & BT noted that ‘the Trust has undertaken one of the most efficient roll-outs of the system they have worked on’   The papers also note some operational challenges as the system was rolled out.  These have been addressed as part of the daily meetings I reference above – these are mainly concerned with users familiarising themselves with the system and have been addressed through the support and training staff received.

“In terms of the costs, the introduction of CRS Millennium has been supported by central funding from the Department of Health with the Trust paying the implementation overheads.   These costs are a matter of public record and the Trust publishes annual Accounts as part of its Annual Report.”

Comment

When you go into hospital it’s reassuring to know the directors will be well informed and open about problems that could affect you.

The approach of Croydon Health Services NHS Trust to openness about its problems is not reassuring. It is no better or worse than other trusts that have implemented Cerner’s Millennium. In fact the timely publication of its board papers means it is more open than some.

But it should not require a time-consuming journalistic investigation to establish the consequences for patients of an NPfIT go-live. It has required just such an investigation after the go-live of Millennium at Croydon.

Board directors will not have the time to dig for, and piece together, information about internal problems that could delay patient appointments, treatment and care. They need the unpalatable facts in one place. Croydon Health Services has failed to make it easy for patients or board directors to see what has gone wrong.

NPfIT deployments at other trusts have led, cumulatively, to thousands of patients having appointments that were disrupted, or who had to wait longer to be seen than necessary, or whose records were not available, or who were seen with another patient’s records.

In shying away from telling the whole truth trusts take their cue from the top: the Department of Health has always made it hard to establish facts about anything to do with the NPfIT.  Said the Public Accounts Committee in its report The National Programme for IT in the NHS: an update on the delivery of detailed care records systems in July 2011:

 “It is unacceptable that the Department [of Health] has neglected its duty to provide timely and reliable information to make possible Parliament’s scrutiny of this project.

“Basic information provided by the Department to the National Audit Office was late, inconsistent and contradictory.”

Unanswered questions

Croydon has questions to answer, such as how many breaches of waiting time standards it has had, and may still be having, due to problems arising from the go-live. Other unanswered questions:

– What does a “a large number of breaches” in the Emergency Department mean? Have each the patients affected been told?

– Why are the risks related to the implementation much higher after go-live than before, given that the trust has had years to prepare for the go-live, and the many lessons it could have learned from other trusts?

– Exactly what problems are still affecting patients?

In a post-Francis NHS, Jeremy Hunt has demanded openness about mistakes and problems. There is an agreed need for change – but how can Hunt change an NHS culture – indeed a public sector culture – in which senior executives, in troubled IT implementations, will always emphasise the good news over the bad, perhaps hoping the bad will always remain hidden?

5 Comments

Posted in BT, Campaign4Change, change management, CSC, e-health, excessive secrecy, Government IT, health, health records, IT-related failures, LPfIT, managing outsourced services, NHS, npfit, openness and transparency, operational issues, public sector, public services, supplier relationships

Tagged ,

DWP drops claim Universal Credit is on time

Posted on 05/12/2013 | 2 comments

By Tony Collins

For  more than a year the DWP press office has countered articles on Universal Credit’s IT project problems with the claim that the scheme is on time and to budget. Spokespeople for the department have said each time that Universal Credit will be fully delivered by the end of 2017.

Now it has dropped the claim.  Today the DWP says in a press release that “most” of the existing benefit claimants will be moved over to Universal Credit during 2016 and 2017.  

On the advice of Universal Credit project lead Howard Shiplee the DWP is pressing ahead with the existing IT and “enhancing” it rather than starting anew. 

Says the DWP:

The next stage of delivery of Universal Credit will concentrate on the continued safe and secure roll out of the vital reform… 

As announced in July, the department has been working in conjunction with the Government Digital Service to explore an enhanced IT system for Universal Credit that uses the latest in technological advances.

“Today, ministers confirm that this system has proved viable and the department will further develop this work with a view to rolling it out once testing is complete.

“While this work is undertaken, Universal Credit will continue to expand. It is now live in 7 areas across the country, growing to 10 by spring 2014. From there, the roll out will expand beyond the existing single claimant group, to new claims from couples and families in all of these areas.

“By the end of next year, Universal Credit will start also to expand to cover more of the north-west. Universal Credit will therefore expand in scope and scale over the next 2 years.

“Pressing ahead with the existing system while the enhanced IT is being developed will allow for greater understanding of how individuals in different circumstances interact with Universal Credit. It also allows higher volumes of people to benefit from the better work incentives that come with the new benefit. Importantly, this approach will still allow the Universal Credit programme to roll out within the original budget.”

Work and Pensions Secretary Iain Duncan Smith said:

“This is a once in a generation reform. And we’re going to get it right by bringing it in carefully and responsibly.

“Our approach will ensure that while we continue to enhance the IT for Universal Credit, we will learn from and expand the existing service, so that we fully understand how people interact with it, and how we can best support them.
Early indications show that people are positive about the new benefit, and my department is working hard to ensure this good progress continues.

“Current plans will see new claims to existing benefits closed during 2016. This will mean that all new benefit claimants across the country will claim Universal Credit instead of the legacy benefits like Jobseeker’s Allowance or Housing Benefit…

“Decisions on the later stages of Universal Credit roll out will also be informed by the completion of the enhanced IT and these decisions will determine the final details for how people transition to the new benefit.

“The overriding priority throughout will be continued safe and smooth delivery and, as recommended by the Public Accounts Committee in their recent report on Universal Credit, this will take precedence over meeting specific timings.”

Comment 

Can the public and Parliament trust anything the DWP says about the progress on major IT-based projects? Those working on Universal Credit have known for 18 months that the project has been in trouble, but this has been repeatedly denied by DWP spokespeople who have insisted the scheme is on budget and on time to be fully completed by the end of 2017.

We know from the National Audit Office that the IT is not within budget and today we have the DWP’s admission that the programme will not be complete by the end of 2017 – something Campaign4Change and other sites have posted articles on for more than a year.

DWP’s over-optimism

“We will implement Universal Credit on time by 2017 and within budget – our plan is achievable.” – DWP in September 2013.

The DWP spokesperson added (September 2013) 

“We are committed to delivering Universal Credit on time by 2017 and within budget, and under new leadership we have a plan in place that is achievable.”

A DWP spokesperson told ComputerworldUK in September 2013:

“We are committed to delivering Universal Credit on time by 2017 and within budget, and under new leadership we have a plan in place that is achievable.”

It’s likely that Howard Shiplee has reported to IDS on what can and cannot be achieved by the end of 2017. He might have detailed the many IT-related uncertainties that still exist. But his report has not been published. The DWP doesn’t publish any reports on the progress or otherwise of its IT-related projects.

So will the DWP ever be open about its IT-enabled projects and programmes? Or will it continue to deny problems, write-offs and mistakes until they are only too obvious to be denied?  

Since the 1980s the DWP has been writing off tens of millions on failed IT projects. The Department may continue to have costly failures while its officials can easily keep the problems detailed in internal reports  hidden until they have moved on.

2 Comments

Posted in Campaign4Change, DWP, Government IT, IT-related failures, Universal Credit

Will truth ever be told when things go wrong?

Posted on 28/11/2013 | 5 comments

By Tony Collins

Cabinet Office minister Francis Maude has criticised civil servants who don’t always tell ministers what is going on in their departments. He used the Universal Credit project as an example.

He told the Financial Times: “There were a lot of failures in DWP and it isn’t good that it took a review commissioned . . . by the secretary of state to disclose what was going on.”

He added:

“You’ll find a lot of ministers don’t know a lot of things going on in the department because there’s no way you’ll find out.”

Maude’s comments touch on a common factor in IT-related project disasters in government – that ministers get mostly “good news” from their officials, and learn little or nothing about the seriousness of problems until a debacle is only too apparent to be denied.

But can ministers or the boards of large private companies ever expect their senior staff to be the bearers of bad news?

The Performing Right Society did not find out the truth about its failing IT-based project until it appointed a new head of IT who had no emotional equity in what had gone on before. [Crash – chapter 1)

The National Audit Office report “Universal Credit: early progress” referred to a “good news” culture at the Department for Work and Pensions that “limited open discussion of risks and stifled challenge”.

Ministers in charge of the Rural Payments Agency’s Single Payment Scheme said they were kept in the dark about the seriousness of IT-related problems. “When delays occurred, many stakeholders only found out at the last minute,” said a report of the Public Accounts Committee.

“Conspiracy of optimism”

The PAC report of March 2007 is worth a further mention:

“Lord Bach [minister in charge of the Single Payment Scheme] told us that he felt very let down by the advice he had received from the RPA [Rural Payments Agency], upon whom he said the Department relied very heavily in these circumstances, and the “conspiracy of optimism” on the part of the Agency.”

Lord Bach told MPs that he kept being told by officials that all was well.

“I frankly have to say that I do not think that that was satisfactory from senior civil servants whose job is to tell ministers the truth.”

Let down by civil servants – Universal Credit

Now the FT reports that Francis Maude has “entered the controversy over the implementation of the government’s universal credit scheme”. Maude told the FT he believed that Iain Duncan Smith, the work and pensions secretary, had been let down by his civil servants.

Maude said senior civil servants in charge of projects should tell ministers bluntly if they felt they were being misdirected and insist on a formal “letter of direction” to show that they had raised their objections. If they did not, they should be accountable for failings on their watch.

Maude did not comment directly on whether Robert Devereux, the top official in Mr Duncan Smith’s department, should take the rap for the much-criticised implementation of universal credit, but said: “I think everybody has to take responsibility for what they were part of”.

SROs accountable to MPs?

He suggested that civil servants who are in charge of big projects, known as senior responsible owners (SROs), should account directly to parliament, which would “toughen the relationship with ministers” and give officials a greater incentive to challenge developments they believed were wrong.

He said: “If you have an SRO who knows that he or she is going to be hauled up in front of select committees and interrogated . . . then I think you’re much more likely to have what is a very healthy thing in our system which is push-back. . . There’s a great phrase ‘speaking truth unto power’ and it’s very important – it doesn’t happen enough.

He added: “I’ve never had a civil servant come to me and say ‘Would you like us to stop doing this?’ The answer might easily be, ‘yes’.”

Comment:

Do ministers and boards of large private companies always have to commission their own independent reports to find out if their organisation’s biggest IT-based projects are failing? Probably.

The problem is not one of lying. Civil servants tend not to lie. Neither do senior executives when reporting to their boards. But the sin of omission – the art of not telling the truth while not lying – is well practiced in public life.

A succession of IT-based project disasters in the US, Australia and the UK show that truth is the first casualty of any large failing IT-based project.

Barnet Council and Capita

It’s isn’t just IT-based projects that bring out the sin of omission. Outsourcing deals do too. Barnet Council’s outsourcing deal to Capita is mired in controversy over truth.

Why did Barnet’s officials give Capita £16m after saying that the council had no spare cash, and that Capita would make the necessary upfront IT investments?

Officials have given a long-winded explanation which is a little like the drawn-out, incomprehensible explanation a six year-old may give in the playground when teacher asks why he took his friend’s bar of chocolate.

Liverpool LDL, BT and excessive mark-ups?

Liverpool Direct Ltd, a joint venture between Liverpool council and BT, is also mired in a controversy over truth. According to the Liverpool Daily Post, Local Government Minister Brandon Lewis has questioned whether LDL is proving value for money. There are allegations of excessive mark-ups on IT and services supplied by BT to the council.

It seems that BT makes a mark-up on what it supplies to LDL and LDL makes a further mark-up on what it supplies to the council.

But a council spokesperson said: ““The mark up incorporates a calculation of the cost of setting up a particular piece of hardware or software by LDL. The important figure is the profit after tax per item which is much lower, and on some items, LDL actually makes a loss.”

The minister said Liverpool Council needed to open up its books if it wants to insist it gets value for money from the BT deal. Will Liverpool Council open up?

Hardly.

Politicise parts of the civil service?

There is a strong argument for politicising the top echelons of the civil service so that ministers are not so reliant on officials who are thought to be neutral but evidence shows can be biased towards good news and suppressing the bad.

Ministers and boards of large companies do not need various versions of the truth when things go wrong. They need their own version.

As Richard Nixon said when accepting the presidential nomination in 1968 [pre-Watergate]:

“Let us begin by committing ourselves to the truth—to see it like it is, and tell it like it is—to find the truth, to speak the truth, and to live the truth.”

Doubtless Nixon believed it when he said it. Just as countless officials and executives in public and private life believe they are speaking the truth when they ministers and boards on their big IT-based projects. It may be the truth. But how much of it are they telling?

Update:

In a tweet BrianSJ3 makes a great suggestion: Genchi Genbutsu – “go and see for yourself” he says.

5 Comments

Posted in BT, Campaign4Change, Capita, DWP, excessive secrecy, Government IT, IT projects, IT-related failures, local democracy, local government, public-private partnerships, Universal Credit

Tagged , ,

Police SAP system’s “significant” security weaknesses?

Posted on 19/11/2013 | 18 comments

By Tony Collins

Auditors claim that weaknesses in security controls in a SAP system used by a police force and two councils could allow people who don’t work for the police to have  access to the force’s administrative database.

Grant Thornton also warns of risks that those with access to the system could create new programs, manipulate and change data, and view files they may not be authorised to see.

The risks are detailed by Grant Thornton in its report “Review of South West One (SWO) AP IT Controls”. Southwest One is an IBM-owned company that runs IT and other services for, Avon and Somerset Police, Taunton Deane Borough Council and Somerset County Council.

The three authorities, which are minority shareholders in Southwest One, share a SAP database that is run by the joint venture company. 

Grant Thornton concludes that there are risks of unauthorised access and changes to a SAP system shared by the three authorities. It says that “while we have identified this significant weakness in control we have no evidence of actual, inappropriate access or changes to data. However, our review was not intended to go into this level of detail and further testing would be required to establish if inappropriate access had been made.”

The SAP database is likely to contain sensitive information such as the home addresses of senior police officers and council officers.

“Significant issues”

Grant Thornton says that “two significant issues” require an “urgent” response and officials should also “clarify immediately” who has access to a SAP database and “whether there has been any unauthorised access to, or changes, made to the data”.

It appears that the security risks in control existed for years. Southwest One was set up in 2007 and the SAP system implemented gradually in the years after a signing of the deal. The contract has another four years to run.

The claimed flaws are because the SAP database is shared between the three authorities and its data is not always segregated, according to Grant Thornton.

The auditors suggest that the problem is not in the design of SAP but in the way the system has been implemented.

SAP separates “client” accounts in two ways, says Grant Thornton.

One way is for SAP to be implemented as a single system, with data kept separately for different legal entities. Data is segregated between the legal entities so there are no shared users.

SW1 adopts cheaper option?

A cheaper option, says Grant Thornton, is to have a single “SAP client”, which is the implementation used at Southwest One.

This type of deployment separates accounts by trial balance codes, known as company codes. It’s suitable for large companies that have several subsidiaries, and allows for consolidation of accounts at group level.

It uses a shared database that stores a shared set of configuration parameters and has a shared set of users. Each table in the database contains data from each of the trial balance codes. Access to data is restricted through the SAP security model and requires careful fine-grained access permissions to be created to ensure adequate restrictions to sensitive and personal information.

For administrators, this may be the easiest implementation as there is only a single database to manage, rather than one for each client.

“It is likely to be the lowest cost model because of this,” says Grant Thornton. “However, it is the least secure method to manage legal entities that have no relation to each other.”

Upgrades, system reports and database maintenance may need to be done only once. Licence costs are shared.

Auditors suggest that the weaknesses mean that people who access the shared database may work for the police, or either of the councils, or be posing as secondees for any of the three authorities. 

When Grant Thornton tried to find out the names of people who have access to the database they were told some could not be identified as they were police officers, Grant Thornton said in its report:

“As we are unable to identify these individuals we only have SWO’s [Southwest One’s] assurance that these are genuine seconded employees.”

Said Grant Thornton:

“We identified approximately 20 users who had access to SAP. We were informed by SWO that some of these users are seconded from the three users bodies to SWO and that because some of them are police officers we could not be given their names. Thus you have a complex situation where staff work for the respective legal entities but are seconded to SWOne.

Genuine employees?

“It is not clear if the respective entities are aware that data is not really segregated and that secondees could gain access to other entities data.

“Even if SWO reduces the number of staff that have access to sensitive data they will not be able to reduce this type of cross entity access to zero because of the single client they are using in SAP.

“In addition to the potential control risk, as SAP contains personally identifiable data that could be accessed by ‘inappropriate’ users there is the potential for a challenge under the Data Protection legislation and fines levied by the Information Commissioner can be significant.”

Under the Southwest One contract IBM has provided the SAP service under a single ‘software as a service licence’ (SAAS).

 Grant Thornton claims in its report other security weaknesses which include:

Excessive privileges in SAP

“It was noted that 26 users had access to the SA38 privilege. The use of the transaction code SA38 in the production environment should be highly restricted since it provides access to run custom programs that have not been secured with authorisation objects or authorisation groups, thereby allowing the user to access functionality and data not associated with their normal SAP role.

“This could expose the organisation’s data to users who do not work directly for the organisation. It should be noted that in many SAP implementations, custom programs may be inherited from legacy SAP installations and new custom programs may not have been programmed using authority checks. Access to SA38 provides full access to any program that does not contain an authority check and can therefore circumvent the standard SAP authorisation model.”

Programmers with access to the final working system.

Programmers should be able to make changes in development systems, and only transfer them to the production version after following suitable change controls, testing and authorisation.

“Direct access to programming editing tools in the production environment represents a high risk to the organisation as it allows unauthorised changes to be made to data and programs.”

Access to sensitive tables in SAP [SM30/SM31]

“The organisation has 22 users with access to sensitive table data editing transactions SM30 and SM31. A review of the organisations that these individuals work for identified a mixture of IBM, Somerset County Council, Taunton Deane Borough Council, Avon & Somerset Police and EPIUSE. All have been seconded to SW One, with the exception of IBM and the EPIUSE user. Access in all cases was authorised by SW One.

“Access to these transactions under certain conditions can allow customised data tables to be edited directly, potentially resulting in unauthorised entries or database integrity problems.”

Somerset’s response

Grant Thornton says that officers at Somerset County Council were aware already of the underlying database configuration and its inherent risks.

Southwest One has been approached to comment on, and provide the necessary assurance around, database controls. Somerset has also asked Southwest One to provide details about access levels to the SAP system and about the frequency of their use.

A report for the Council’s audit committee on 21 November 2013 says that at the start of Southwest One contract (in 2007), Somerset’s officers received assurances that sufficient access controls and permissions existed within the SAP system, and in particular the SAP security model, to permit a single database to be used.

IBM’s response

IBM says most of the problems mentioned by Grant Thornton are matters it has dealt with and regards as “closed”.  It has responded to Grant Thornton’s concerns with some changes, undertakings of further discussions and various assurances.

On the claimed lack of segregation between programming, operations and management that prevents adequate controls being exercised which could lead to unauthorised changes being made to the system, Southwest One says:

“Low risk – Grant Thornton has confirmed that this only applies to one user.
Grant Thornton were happy with the secondary controls (separation of duties) that were already in place to mitigate this, but SWOne agreed to amend this person’s access to ensure that they cannot move any transport they have created.”

It’s not certain that Somerset’s councillors will accept IBM’s assurances at face value; and Grant Thornton is likely to investigate further.

At its meeting on 21 November, the council’s audit committee will consider whether to accept IBM’s assurances.

“Members are asked to review the findings in the Grant Thornton report and to consider what level of assurance they can take from South West One’s response and mitigations,” says a report to Somerset’s audit committee.

 Comment

Details of Grant Thornton’s concerns were spotted by Dave Orr, a former Somerset County Council IT employee who campaigns for openness over the Southwest One deal.

He says:

“This state of affairs where SAP is not separately configured for each partner organisation’s security is very worrying.

“It is hard to believe that over 5 years after implementation of SAP by IBM/SW1, a basic configuration error of judgement of this magnitude has taken place – especially considering police security requirements.

“Are the HMIC [Her Majesty’s Inspectorate of Constabulary] & NAO aware of these security issues? How would this unsuitable configuration have supported the many new joiners envisaged in the original joint venture model for SW1?

“Without a rebuild of SAP ground up, it is hard to see how this can be properly rectified.”

18 Comments

Posted in Campaign4Change

Capita – an NAO insight.

Posted on 13/11/2013 | 4 comments

By Tony Collins

Capita is a remarkable success story. Formed in 1984 with two people, as a division of the Chartered Institute of Public Finance and Accountancy, it grew rapidly to become a FTSE 100 member in 2006. In 2012 its turnover was £3.35bn, its pre-tax profits were £425.6m and it employed 52,500 people. It now has 62,000 staff across the UK, Europe, South Africa and India. It  acquired about 36,000 staff through TUPE.

In a survey, 71% of Capita staff agreed with the statement that “Overall I feel Capita is a good place to work” and 85% have an overall satisfaction with management.

The company’s  public sector turnover in the UK is about £1bn, divided roughly equally between local and central government. Two of its most recent UK contracts are at Barnet Council.

Yesterday the National Audit Office published an insight into four companies, Capita being one, after a request by the chair of the Public Accounts Committee, Margarget Hodge. She is not so impressed by Capita’s success.

“I asked the NAO to carry out this work after looking at case after case of contract failure- G4S and the Olympic security, Capita and court translation services, Atos and work capability assessments, Serco and out-of-hours GP services, to name a few.

“In each case we found poor service; poor value for money; and government departments completely out of their depth,” said Hodge.

Capita, however, comes out of the NAO investigation fairly well, better than the other three companies (G4S, Serco and Atos) but the NAO made some general points, unspecific to any of the four contractors, that indicate contracting arrangements between government and some of its major suppliers are far from ideal.

One of the NAO’s findings is that some suppliers may be “too big to fail” – and “difficult to live with, or without”.

The NAO memo provides information on Capita that would not otherwise be in the public domain. The audit office based its information on interviews with suppliers and civil servants, surveys, company reports, data from “open book” accounting and Cabinet Office files.

The four suppliers co-operated with the NAO but not completely. Where the contract did not have “open book” clauses Capita did not provide information on its costs or profit margins.

Below are some of the NAO’s findings in its “Memorandum on the role of major contractors in the delivery of public services”.

Capita has contracts with most major central government departments. In 2012/13 these contracts by value included:

Department for Work and Pensions: £146m.

Home Office: £99m

NHS: £71m

MoD: £40m

Department for Transport: £28m

Ministry of Justice: £23m

Cabinet Office: £19m

Department for Education: £17m

Department for Business Innovation and Skills: £11m

Department for Culture Media and Sports: £5m

DEFRA: £5m

Department for Energy and Climate Change: £3m

Department for International Development: £2m

HM Treasury: £2m

HMRC: £1m

Department for Health: £1m

Capita’s profits

The NAO says:

“Capita has been profitable for many years. Its accounts allocate its activities to 11 operating segments according to the nature of the services provided. All of these operate globally and contain at least one public sector contract as well as UK private sector and overseas work.

“The information that we saw at Capita indicates the following

• Public sector work generally has a margin, before both divisional and global overheads, of 6 to 18 per cent, falling to between 1 to 10 per cent once overheads are included. Capita told us that its other public sector contracts would be similar, but that they were ‘doing better’ in the private sector.

• Two contracts reported a loss. Capita said this was because costs such as investment were being incurred at the start of the contract. Capita told us they expected these contracts to achieve a whole-life gross margin of at least 15 per cent.

• Some contracts had higher margins. Capita told us these were older contracts, some of which had made losses early on.

“Capita only showed us information on contracts that had open-book clauses. They believed that most of their clients regularly use open-book access rights. It  [Capita] said: ‘We do not distinguish between public and private sector contracts in our internal management information systems and it would be additional work for us to make available the information in a comparable format.’”

Capita’s UK taxes

The NAO estimate Capita’s UK tax paid in 2012 was £50m-£56m.

Below are some of the NAO’s general points that are not specific to any one of the four companies.

Making money through contract changes

NAO: “Changing a contract and adding requirements allows a contract to evolve, but can be less competitive than fully tendering the new requirement.

“Because of such changes, the total revenue through contract tends to grow, as reflected in the four contractors’ portfolios. In our experience the contractors tend to make higher profit margins on these changes. Good practice aims to build flexibility to the contract and relies on transparent costs and profits…

“Generally contractors manage their profit across a portfolio, targeting an overall level of profit. Low margins are often established during the bidding process, but can increase during the contract lifetime.”

Easier to stick with existing suppliers?

“Incumbents can be seen by procurement and policy officials as the easier and safer option. Across the 15 applicable services we looked at as case studies for this memorandum, seven had been re-tendered at least once, with four of the most recent competitions for each service being won by existing providers and three by new providers.”

Open book accounting not always open

“The government only has access to information on the profits contractors make where ‘open-book arrangements’ are written into contracts. Open-book arrangements either require the contractor to update the client department regularly on their costs and profit, or allow the client to audit those costs and profit on an ad hoc basis.

“We found that use of open-book access rights varies. Some public bodies do not try to see data on contract profits. Comparing profit levels from the open-book arrangements we reviewed also posed challenges as contractors vary in how and when they allocate central overhead costs against profits from contracts…

“We do not have direct audit rights over government contractors. It is normal, however, for government contracts to require the contractor to give us information and help when we audit that public service and government entity. Where there are open‑book accounting arrangements with the government then this includes making those available to us.”

Suppliers pass risk back once contract start?

The original allocation of risk in the contract often changes once the contract starts. For instance:

• Contractors will often pass risk back to clients who do not fully enforce or carry out their part of the contract. The government department therefore needs the appropriate skills to manage the type of contract it is using.

• The original understanding of the risks in the contract may prove to be wrong. This can lead to the contract being terminated (Figure 18) and risks that the government thought the contractor would manage returning to the public sector.

• The government sometimes ignores the commercial terms and risk allocation in the contract when trying to settle a dispute or vary the requirement. Instead, it can put political pressure on the contractor and threaten their reputation

You can’t rely on contracts

The standards expected of all public services are honesty, impartiality, openness, accountability, accuracy, fairness, integrity, transparency, objectivity, and reliability, says the NAO. They should be carried out:

• in the spirit of, as well as to the letter of, the law;

• in the public interest;

• to high ethical standards; and

• achieving value for money.

In these respects public contracts are limited in what they can achieve. Says the NAO:

“Many of the standards expected of all public services do not easily translate into a contract specification. It is not possible, for instance, to contract for ‘integrity’ or the ‘spirit of the law’.

“Achieving the standards expected for public service depends largely on the corporate culture, control environment and ethics of the contractor. It is not easy, however, to use contract negotiations to meaningfully assess and set standards for the contractor overall.

“Government therefore needs to supplement traditional contractual mechanisms with other means of ensuring the expected standards are met. In particular, they need to ensure that the companies’ own corporate governance, management and control environment are aligned with taxpayers’ interests.

“This requires both transparency over performance and incentives to implement the rigorous control environment required including credible threat to profits and future business if problems are found.”

The NAO says officials need to better understand the general control environment that contractors use to manage government contracts, and how far senior executives in those companies should understand what is happening within their companies.

US is more open than UK

The NAO says that companies’ own public reporting and transparency to the public is important to facilitate public scrutiny and trust. Although the government publishes new public contracts on its website www.contractfinder this contains only recently awarded contracts and “very few of the four contractors’ contracts are on it”, says the NAO which adds:

“By contrast, the US government website www.USAspending.gov sets out the full contracts and spending on all government suppliers.”

On Freedom of information, contractors compile information to answer freedom of information requests when asked by their government clients, where they hold the information for the government, but the department answers the actual request.

Says the NAO: “Freedom of information does not apply to the contractor’s business and commercially sensitive information can be exempt.”

On the openness of suppliers in reporting profits the NAO says:

“Even where transparency exists, it is inevitably difficult to interpret profit information. It can be unclear what a reasonable margin looks like. In theory, the margin is meant to reflect risk, innovation and investment. But these are difficult to measure. Furthermore, profit is rarely presented consistently. It can be unclear how overheads are allocated. The profit margin changes, depending on the stage of the project. And different companies may target different rates depending on their business model.”

KPIs of limited value

The NAO says KPIs give a limited overview of performance and are normally focused on things that are easily measurable.

“The main way the government can gain quality assurance is through the contractual reporting. This normally includes a set of KPIs that track performance and that are often linked to financial incentives. Together these make up the service level agreement (SLA). These can be used effectively to manage performance. However, there are three major risks that mean that contractual reporting is not sufficient on its own to monitor performance.”

The NAO says there are risks of misreporting. “There have been instances of contractors misreporting performance, including the case of Serco’s Cornwall out-of-hours healthcare contract …”

Poorly calibrated KPIs.  

“All the contractors told us about instances where poor calibration has resulted in green SLA traffic lights where the client is unhappy or red traffic lights where the client is content with the service. This reduces the SLA’s relevance and can indicate that incentives are not working.”

Are some suppliers too big to fail?

“The current government, like the one before it, sees contracting out as a way to reform public services and improve value for money. Contracting out can significantly reduce costs and help to improve public services. However, there are several indications that better public scrutiny is needed across government contracting:

• There have been several high-profile allegations of poor performance, irregularities and misreporting over the past few months. These raise concerns about whether all contractors know what is going on in their business and are behaving appropriately; and how well the government manages contracts.

• The government believes that contractors generally have often not provided sufficient value, and can contribute more to the overall austerity programme.But the general level of transparency over contractors’ costs and profits is limited. The government needs a better understanding of what is a fair return for good performance for it to maintain the appropriate balance between risk and reward.

• Third, underlying both these issues is the concern that government is, to a certain degree, dependent upon its major providers. There is a sense that some may be ‘too big to fail’ – and difficult to live with or without.

Can we see whether contractors’ profits reflect a fair return?

The NAO’s answer to its own question appears to be “no”.

It says there is a need to explore further:

• Whether there is sufficient transparency over costs, profit and tax.

• Whether the balance of risk and reward is providing the right incentives

for contractors.

• Whether profits represent a fair return.

Shareholder v taxpayers’ interests

The NAO suggests that suppliers are likely to put their own interests before taxpayers’.

“Companies’ own control environments will likely concentrate on maintaining shareholder value. Government needs to ensure that it is in the contractors’ financial interests to focus their control environment more widely on meeting the standards expected of public service.

“This involves using contractual entitlements to information, audit and inspection to ensure standards are being met. And it is likely to involve financial penalties, banning from competitions and political fallout when problems are found.”

The NAO says that, to be a well-informed customer, the government needs to satisfy itself that contractors’ corporate governance structures work in taxpayers’ interests, and that the companies are not paying ‘lip service’ at the centre with little group-wide control to back it up.

“Companies that are large and have sprawling structures, involving a vast number of subsidiaries, may have to make particularly strenuous effort to demonstrate this.”

The NAO suggests further areas to explore:

• Whether contractors are meeting the standards of performance the public expects.

• What contractors consider themselves accountable for.

• Whether transparency is sufficient to ensure contractors work in the taxpayers’ interests.

• Whether contractors’ control environments focus on ensuring standards of public services are met.

Supplier information unverified

The NAO says: “We are grateful for the help and cooperation provided by Atos, Capita, G4S and Serco in the preparation of this memorandum. Most of the information in this report is based on information the companies provided.

“Much of this would not otherwise be in the public domain. The contractors also helped us to understand their business and talked frankly about the risks, challenges and incentives they face.

“However, we do not directly audit these companies and have not been able to verify all the information provided against underlying evidence. We have therefore presented the information in good faith, and attempted to compare different evidence sources wherever possible.”

NAO memorandum on the role of major contractors in the delivery of public services

Comment

Capita is not a bad government contractor.  Perhaps it is one of the best. But is that a ringing endorsement?

The NAO has carried out a thorough investigation but its inquiry suggests that much about public sector contracting remains hidden. On suppliers in general, it is not difficult, if both sides tacitly agree, to hide problems from Parliament, the media and even the Cabinet Office which asks the right questions of departmental officials but does not always get answers, let alone accurate answers.

The NAO did not always get answers to its questions. Indeed Amyas Morse, head of the NAO, said there is an impression that some officials are not in control of their suppliers.

“Contracting with private sector providers is a fast-growing and important part of delivering public services.  But there is a crisis of confidence at present, caused by some worrying examples of contractors not appearing to treat the public sector fairly, and of departments themselves not being on top of things.

“While some government departments have been admirably quick off the mark and transparent in investigating problems, there is a clear need to reset the ground rules for both contractors and their departmental customers,” said Morse.

My thanks to campaigner Dave Orr for drawing my attention to Morse’s comment.

4 Comments

Posted in Atos, Campaign4Change, Capita, DWP, efficiency savings, Freedom of Information, Government IT, India

DWP untouched by MPs’ criticisms over Universal Credit IT project

Posted on 08/11/2013 | 6 comments

By Tony Collins

Yesterday, while the national media was broadcasting and publishing criticisms of the Universal Credit project by the Public Accounts Committee, tweets by the press office at the Department for Work and Pensions were not exactly contrite.

Some DWP tweets amid the criticisms yesterday afternoon:

@dwppressoffice   The early #UniversalCredit roll-out is going well & we expect to announce more details of delivery plans shortly http://ow.ly/qAeOm 

@dwppressoffice   Head of #UniversalCredit says there is real potential to use much of the existing IT systems http://ow.ly/qAeYc 

@dwppressoffice   We do not recognise the PAC’s £140m write-off figure for #UniversalCredit & expect it to be substantially less http://ow.ly/qzE75 

@dwppressoffice   Today’s PAC report on #UniversalCredit doesn’t take into account our new leadership team or progress in delivery http://ow.ly/qzDvd 

In October the National Audit Office said in its report Universal Credit: early progress:

“Major Projects Authority and supplier-led reviews in mid-2012 identified a ‘fortress’ mentality within the programme team and a ‘good news’ reporting culture.”

The Public Accounts Committee said in its report yesterday:

“The Department only reported good news and denied the problems that had emerged.”

Comment

 The DWP’s tweets yesterday are not the fault of individual press officers who are, no doubt, accurately reflecting the views of senior officials that the Universal Credit IT project is going well, subject to some realignment which is to be expected on a complex and innovative programme.

This is one reason the DWP has had so many big IT-based project failures going back to the “Camelot” benefit computerisation scheme in the 1980s. The department’s perception of itself is that it is uniquely complex and misunderstood by those on the outside: the media, Parliament, the National Audit Office and, in more recent years, the Cabinet Office and the Major Projects Authority.

In some ways the DWP is like a soldier who emerges from a dense European forest in 1965 and is amazed to discover that the Second World War ended two decades before.

If the DWP’s press officers feel a need to keep up the pretence that all is well with the Universal Credit IT project, it probably means the pressure will be on the project director Howard Shiplee to keep up that pretence as well at least until, perhaps, he and Iain Duncan Smith disappear from the department after the general election in 2015.

Until the culture of denial and good news reporting at the DWP gives way to a culture of contrition, intense internal challenge, much greater openness, and an acceptance that some criticisms by Parliament and the National Audit Office may be justified – and an acceptance that the democratic process may be good for the department – Universal Credit seems doomed to follow the path of the last major benefits system change project in the 1990s: Operational Strategy, as it was called, took ten years (much longer than expected), went over budget by more than 300% and did not achieve the estimated savings.

Needless to say Whitehall officials – and the supplier – regarded the project a success.

6 Comments

Posted in Campaign4Change

Did DWP mislead MPs and media over Universal Credit?

Posted on 07/11/2013 | 2 comments

By T0ny Collins

Today’s report of the all-party Public Accounts Committee “Universal Credit: early progress” goes beyond criticisms of the scheme in a National Audit Office report of the same name on 5 September 2013.

Public Accounts MPs say the Department for Work and Pensions gave “misleading interviews to the press regarding progress after it became aware of difficulties with the programme”.

And as recently as July 2013 the “Department denied that there were problems with the programme’s IT when it gave evidence to the Work and Pensions Committee”.

These criticisms are against a background of the DWP’s refusal to publish any of the many internal and external reports the department has commissioned on the project’s progress, problems and challenges since 2011.

The Times today says that work and pensions secretary Iain Duncan Smith and members of his parliamentary team are “understood to have approached at least three Tory MPs on the cross-party [Public Accounts] committee to ask them to ensure that Robert Devereux, Permanent Secretary at the Department for Work and Pensions, was singled out for censure”.  In the end there was only limited criticism in the PAC report of Devereux – under his formal title of “Accounting Officer”.

Comment

If the DWP has been misleading the press, giving incorrect evidence to Parliament, and keeping secret its reports on the problems and challenges facing one of the government’s most important IT-based programmes – all of which seem to be the case – is it an institution that regards itself as uniquely outside the democratic process?

On big IT projects, officials are not motivated by money and concern for their jobs as are private sector boards of directors. When a private company gets it wrong and loses tens of millions on a project, the share price may fall, individual bonuses may be hit, and jobs, including the CEO’s, may be at risk.

In the public sector getting it wrong rarely has any implications for officials. They have only the threat of departmental embarrassment as a deterrent to getting it wrong. But they need not fear even embarrassment if they can mislead the press and Parliament and keep secret all their internal and external reports.

If a lack of transparency, culture of denial, and the misleading of Parliament continue to characterize big risky IT-based ventures in central government, one has to ask whether Whitehall is congenitally ill-suited to running such programmes.

The Public Accounts Committee warned in a report in 1984 about the risks of large public sector computer programmes. That report came after a series of project disasters.

So what has been learned in the last 30 years – other than that central departments are poorly equipped managerially – or democratically – to handle big IT-based programmes and projects?

These are some of the Public Accounts Committee’s findings:

MPs try to be positive

“We believe that meeting any specific timetable is less important than delivering the programme successfully. There is still the potential for Universal Credit to deliver significant benefits, but there is no clarity yet on the amount of savings it will achieve.”

Culture of denial

“The programme had also developed a flawed culture of reporting good news and denying that problems had emerged. This culture resulted from the desire of senior staff within the programme to show publically that they were able to push the programme forward, at the expense of ensuring that adequate controls were in place or listening to concerns raised about its delivery.

“Although the Department has tried to tackle this culture, it gave misleading interviews to the press regarding progress after it became aware of difficulties with the programme, and as recently as July 2013 the Department denied that there were problems with the programme’s IT when it gave evidence to the Work and Pensions Committee.”

Shocking absence of control over suppliers

“There has been a shocking absence of control over suppliers with the Department neglecting to implement basic procedures for monitoring and authorising expenditure…

“The Department recognises its supplier management has been weak, risking value for money.  Four main suppliers – Accenture, IBM, Hewlett Packard and British Telecom – have provided IT systems for Universal Credit, and by March 2013 the Department had paid them £265m out of the £303m spent with suppliers on IT systems.

“In February 2013 the Major Projects Authority found no evidence of the Department actively managing its supplier contracts, resulting in suppliers being out of control and financial controls not being in place.  The Department has yet to provide a comprehensive assessment of how much of this expenditure has proved nugatory, although the Major Projects Authority believes it will be a substantial figure running into hundreds of millions of pounds.”

Lack of oversight

The lack of oversight allowed the Department’s Universal Credit team to become isolated and defensive, undermining its ability to recognise the size of the problems the programme faced and to be candid when reporting progress…

“Oversight has been characterised by a failure to understand properly the nature and enormity of the task, a failure to monitor and challenge progress regularly, and a failure to intervene promptly when problems arose.

“Senior managers only became aware of problems through ad hoc reviews, mostly conducted by external reviewers, as inadequate management information and reporting arrangements had not alerted them that things were amiss.

“Given its huge importance to the Department, the Accounting Officer [Robert Devereux] and his team should have been more alert to identifying and acting on early warning signs that things were going wrong with the programme

Blinkered culture remains?

“Risk was not well managed and the divergence between planned and actual progress could and should have been spotted and acted upon earlier. The Department only reported good news and denied the problems that had emerged. The risk of a similarly blinkered culture remains as the Department will be working to tight timescales to get the programme back on track.”

Problems hidden

“It is extremely disappointing that the litany of problems in the Universal Credit Programme were often hidden by a culture prevalent in the Department which promoted only the telling of ‘good news’.

“For example, officials were aware that a critical report highlighting many of these issues had been discussed internally for months. Indeed, there are real doubts over when officials became aware of these problems and it is difficult to conceive, based on the evidence we were presented with, that officials within the Department did not know of them before July 2012.”

Shocking absence of financial and other controls

“There has been a shocking absence of financial and other internal controls and we are not yet convinced that the Department has robust plans to overcome the problems that have impeded progress.”

Did the DWP do anything well?

“The Department initially adopted a piecemeal approach to delivering the programme.

“In 2011 it identified over a hundred different types of users for Universal Credit, and initially sought to design IT solutions for each set of circumstances individually. It was only in early 2012 that the Department decided to stand back and try to establish a clearer picture of what the programme’s overall shape might look like.

“During the summer of 2012 the Department became aware of the problems that Universal Credit faced. It was first alerted by concerns raised in a supplier-led review, commissioned by the Secretary of State, which reported in July.

“The Department subsequently established that the programme’s progress was stalling because there were a number of unresolved issues which had become intractable, particularly relating to the level of security needed for identity assurance and protection against fraud and error and cyber-attack.

“The Department had been previously unaware of the programme’s difficulties because its internal lines of monitoring, intervention and defence, intended to identify and mitigate such problems, were not working properly. Governance arrangements were not remotely adequate, and the Accounting Officer [Robert Devereux] discussed progress with the head of the Universal Credit programme only every two or three weeks.

“The Department had inadequate performance information to scrutinise and challenge the programme’s reports of its progress, so internal reporting arrangements did not flag up that things were amiss. The Department’s corporate finance undertook insufficient work to ensure there was an appropriate control environment in place, and the Department’s process for ministers to sign-off higher-value contracts was weak.

“The Department’s senior management had relied on ad hoc reviews, mostly conducted by external reviewers, which only provided an occasional snapshot of the programme, instead of ensuring effective internal systems were in place to monitor and challenge progress. However, during 2012 the problems surfaced more clearly as the Universal Credit team became unable to respond to recommendations made by such reviews.”

Will Universal Credit ever work?

“The Department remains uncertain about key details of its final plans. It does not know how much can be delivered online, when this will be available, and what activities will continue to require face-to-face meetings.

“ The Department also does not know what the final cost of the IT will be, or the savings the programme is expected to deliver. Nor does it know when it will close down the other benefits that Universal Credit will replace.”

The Department has a target of enrolling 184,000 claimants on Universal Credit by April 2014 and has launched limited pilot schemes.”

Says the PAC report: “The current rate of progress is significantly below target, however. Only around 2,500 claimants were registered at the time of our hearing in September, and the Department was unwilling to speculate what number will be enrolled by next April.”

In a steady state Universal Credit is expected to deal with 10 million people in about 7.5 million households, making 1.6 million changes in circumstances each month.

Security versus usability

“The Department is aware that the system must include suitable security arrangements if Universal Credit is to operate effectively and deliver its intended benefits.  However, the Department has not yet finalised such a solution, and was unable to say when two key components – those countering fraud and error and confirming claimants’ identity- would be completed.

“The Department has found it particularly hard to establish the right balance between security and usability. The development of an effective security system has been hindered by security not being integral to the design of IT components from the outset, but instead being retro-fitted into systems, and suppliers working on different assumptions and to different standards. To address this, the Department told us it has now brought security issues together in one place, with one senior official responsible for overseeing this part of the programme.”

DWP response to PAC report

A Department for Work and Pensions spokesperson told the BBC

“This report doesn’t take into account our new leadership team, or our progress on delivery,” it said. “We have already taken comprehensive action including strengthening governance, supplier management and financial controls.”

The DWP said it did not accept “the write-off figure quoted by the committee” and expected it to be substantially less”.

A spokesman for Iain Duncan Smith told the BBC that he had “every confidence” in the team now running the programme, including Mr Devereux – whose position  some newspapers have suggested is under threat.

“Both the National Audit Office and the public accounts committee acknowledged a fortress mentality within the Universal Credit programme,” he said.

“Iain was clear back in the summer about how he and the permanent secretary took action to fix those problems.”

PAC report: Universal Credit: early progress

National Audit Office report: Universal Credit: early progress

2 Comments

Posted in Accenture, Agile, BT, Campaign4Change, change management, DWP, Government IT, IBM, IT-related failures, Major Projects Authority, managing change, managing outsourced services, openness and transparency, private sector lessons for the public sector, project management, public services, Real-Time Information, Universal Credit

Tagged , ,

DWP cover-up over Universal Credit IT project?

Posted on 01/11/2013 | 5 comments

By Tony Collins

In March 2012 a contact who was close to the Universal Credit IT project called me about problems on the scheme – using a phone box because of concern that mobile phones were insecure.

The contact said a deadline in April (2012)  to lock-down features in the Universal Credit IT project was not going to be met and that the failure would jeopardise the go-live date of October 2013 for the start of Universal Credit.

The contact also said the Government would make an announcement on the scheme in September which may refer to a write-off of at least £150m on the IT project.  Officials were reluctant to impart the whole truth to ministers, suggested the contact. Oracle was said to be having trouble handling functionality.

It was a difficult conversation to write up at the time because the Department for Work and Pensions claimed without reservations that the IT project was on time and to budget, and the work and pensions secretary Iain Duncan Smith was making similarly positive statements on the project’s progress.

Even so Campaign4Change published the contact’s claims, in April 2012, under the headline “Time for Truth on Universal Credit IT“.

Now The Guardian says it has 150 pages of leaked documents that show ministers have been presented with a radical plan to put the Universal Credit project back on track by restarting the scheme and writing off £119m of work over the past three years.

Says the Guardian:

“The proposals would create a much more web-based system, reducing the need for jobcentre staff, but putting the whole scheme back to ‘phase one’…”

An alternative plan would be to attempt to improve the existing system and build on the investment already made.

“Both plans were drawn up by civil servants at the direction of Department for Work and Pensions ministers. The documents include a risk assessment of each option, which criticises both plans and warns that a maximum of 25,000 people – just 0.2% of all benefit recipients – will be transferred on to the programme by the next general election, whichever route is taken.

“The risk assessment warns that the plan to start again, the ‘design and build’ web-based scheme, is ‘unproven … at this scale’. It says the plan to fix three years of work on universal credit is still ‘not achievable within the preferred timescales’, describing it as unrealistic.”

The Guardian suggests that Cabinet Office minister Francis Maude favours the new web plan. Duncan Smith and his newly appointed project director, Harold Shiplee, are understood to back fixing what has been created over the past three years.

The risk document says that the option to fix the current system is “not endorsed” by the Cabinet Office, which could have “an adverse impact on delivery timescales” in getting government approvals.

Duncan Smith has said repeatedly that universal credit will be delivered on time and on budget but the 2017 deadline for completion has long been impossible. 

The risk assessment, dated 11 October, says the plan for a faster, more web-based system would involve writing off £119m of previous work, and cost the DWP £96m to develop. However, it warns ministers that they will have no idea if the web-based system will work until the summer of 2014 “when it is live for 100 claimants”.

Fixing the existing system would cost £226m, the report says, and the completed design would still be vulnerable to security flaws. While this option offers a chance for reputational recovery, a smaller write-off cost of £21m and less disruption, the report warns it may ultimately not prove value for money.

Asked about the findings of the risk report, the DWP said its plans remained on track and would ultimately save the country £38bn.

The Guardian says that ministers may order both plans to be pursued at the same time and wait to see what happens after six months.

A DWP spokesman told The Guardian: “Our work on the development of universal credit is ongoing and, as we said back in July, we will be announcing the next stage of rollout later this year. Our plans for delivery, which will ultimately bring a £38bn benefit to society, remain on track.”

Comment

The contact’s call from a phone box in March 2012 indicates that the Department for Work and Pensions knew of the chaotic state of the Universal Credit IT project more than a year before there was any public admission of any problems.

The contact was right about plans for a possible large write-off, and that the scheme would not start in October 2013 as planned. The contact was wrong about the government making an announcement about the write-off. That didn’t happen. It still isn’t happening. It looks like IDS wants to try and repair the project, which is likely to throw good money after bad, though it is likely to delay the large write-offs until after the next general election.

Meanwhile the DWP is continuing to refuse to publish any of its reports and assessments on the IT for Universal Credit. The secret reports include:

–   A Project Assessment Review in November 2011

– Universal Credit Delivery Model Assessment Two (McKinsey and Partners)

– Universal Credit end-to-end Technical Review (IBM).

The DWP’s cover-up on Universal Credit IT may be more instinctive than systematic or conspiratorial. But it’s a cover-up nonetheless. Isn’t it time Parliament was told the truth when government IT projects go wrong, and not a year or more later?

Is Parliament still not being told the truth about the inevitability of huge write-offs?

Time for Truth on Universal Credit IT – April 2012

5 Comments

Posted in Campaign4Change

More IT-based megaprojects derail amid claims all is well

Posted on 30/10/2013 | 2 comments

By Tony Collins

If one thing unites all failing IT-based megaprojects in the public sector it is the defensive shield of denial that suppliers and their clients hold up when confronted by bad news.

It has happened in the US and UK this week. On the Universal Credit  project, the minister in charge of the scheme, Lord Freud, accepted none of the criticisms in a National Audit Office report “Universal Credit: early progress”.   In a debate in the House of Lords Lord Freud quoted from two tiny parts of the NAO report that could be interpreted as positive comments.

“Spending so far is a small proportion of the total budget … and it is still entirely feasible that [universal credit] goes on to achieve considerable benefits for society,” said Lord Freud, quoting the NAO report.

But he mentioned none of the criticisms in the 55-page NAO report which concluded:

“At this early stage of the Universal Credit programme the Department has not achieved value for money. The Department has delayed rolling out Universal Credit to claimants, has had weak control of the programme, and has been unable to assess the value of the systems it spent over £300 million to develop.

“These problems represent a significant setback to Universal Credit and raise wider concerns about the Department’s ability to deal with weak programme management, over-optimistic timescales, and a lack of openness about progress.”

And a shield of denial went up in the US this week where newspapers on the east and west coast published stories on failing public sector IT-based megaprojects.  The LA [Los Angeles] Times said:

As many as 300,000 jobless affected by state software snags

“California lawmakers want to know why Deloitte’s unemployment benefits system arrived with major bugs and at almost double the cost estimate. The firm says the system is working.”

The LA Times continued:

“Problems are growing worse for the state’s Employment Development Department after a new computer system backfired, leaving some Californians without much-needed benefit cheques for weeks.”

The Department said the problems affected 80,000 claims but the LA Times obtained internal emails that showed the software glitches stopped payment to as many as 300,000 claimants.

Now lawmakers are setting up a hearing to determine what went wrong with a system that cost taxpayers $110m, almost double the original estimate.

Some blame the Department’s slow response to the problems. Others point the finger at a Deloitte Consulting.

The LA Times says that Deloitte has a “history of delivering projects over budget and with problematic results”. Deloitte also has been blamed, in part, for similar troubles with upgrades to unemployment software in Massachusetts, Pennsylvania and Florida, says the paper.

“We keep hiring the same company, and they keep having the same issues,” said Senator Anthony Cannella.  “At some point, it’s on us for hiring the same company. It’s faulty logic, and we’ve got to get better.”

In 2003 California planned to spend $58m upgrading its 30-year-old unemployment benefits system. By the time the state awarded Deloitte the contract in 2010  the cost estimate had grown by more than $30m.

The Department handed out $6.6bn to about 1 million unemployed Californians in 2012. The software was expected to ease the agency’s ability to verify who was eligible to receive benefits.

Problems began when the Department transferred old unemployment data to the new system. The software flagged claims for review — requiring state workers to manually process them.

The LA Times says that officials thought initially the workload would be manageable, but internal emails showed the agency was quickly overwhelmed. Phone lines were jammed. For weeks, the Department’s employees have been working overtime to clear the backlog.

A poor contract?

In a contract amendment signed two months ago California agreed to pay Deloitte $3.5m for five months of maintenance and operations costs. Those costs should have been anticipated in the contract said Michael Krigsman, a software consultant who is an expert on why big IT-based contracts go awry. He told the LA Times:

“It’s a striking oversight that maintenance was not anticipated at the beginning of the contract when the state was at a much stronger negotiation position.”

By the time the middle of a project is reached, the state has no choice but to stick with Deloitte to work out bugs that arise when the system goes live, he said.

System works

Loree Levy, a spokeswoman for the Department, said the system is working, processing 80% of claims on time. As for the troubles, she said, “There is a period of transition or adjustment with any large infrastructure upgrade like this one.”

Deloitte spokeswoman Courtney Flaherty said the new California system is working and that problems are not the result of a “breakdown or flaw in the software Deloitte developed”.

System not working?

While there seems to be no project disaster in the eyes of the Department and Deloitte Consulting, some of the unemployed see things differently. One wrote:

“I am a contract worker who had to fight for my unemployment benefits. I won my case and yet they still cannot pay me… It’s been more than 3 weeks since I won my appeal and as of this moment, I am owed 13 weeks of back payments. To add insult to injury, they cannot send me current weeks to certify and they refuse to even try to help me to get back into the online system.

“I blame Deloitte, but it is California that carries the heaviest burden of fault… We’re nearing November and they still haven’t fixed an issue that began over Labor Day? Nonsense!

“This is untenable for everyone affected …We are owed reparations as well as our money at this point. It’s a funny word, affected. That means families and individuals are going hungry but can’t get food stamps or welfare. It means evictions and repossessed cars. It means destroyed credit, late fees, years of turmoil and shame for people already dealing with unemployment. Shame on you California.”

Another wrote:

“ … Not communicating is NOT an answer. Unemployed individuals caught up in the nightmare were told to be patient.  Rents and other expenses were still accumulating.  But [when you] add on additional fees: late fees, restoral fees, interest fees, etc…….you get the picture.

“Dear Governor Brown,

“Please reimburse me for all additional fees I’ve had to absorb to survive this fiasco.  You are going to make me payback any overpayments, but ignore the cost to the unemployed taxpayer.  This is  appears to unfair.  Perhaps Deloitte should pay us back from their contracted funds before they receive their final payment.  I am saving all of my receipts to deduct from my 2013 tax return.

“BTW Gov Brown – I am still waiting on additional payments as of today and DMV registration for my vehicle was due on 10/20/13.  Are you going to waive the penalty for late payment? Am I the only one with this question?”

Scrutiny

California’s state Assembly has set a date of 6 November 2013 for a hearing into the Department’s system upgrade.

“We’re going to look at EDD, the contractors and others to see how the system broke down so we can avoid this in the future,” said Henry Perea, chair of the Assembly’s Insurance Committee, which has oversight over the jobless benefits program.

On its website Deloitte says:

“Deloitte continues to help EDD [Employment Development Department] transform the level of service it provides to unemployed workers and improve the quality of information collected by EDD. The next time unemployment spikes, California should be ready to meet the increased demand for services.”

Massachutsetts IT disaster?

On the opposite coast the Boston Globe reported on an entirely separate debacle (which also involved Deloitte):

          None admit fault on troubled jobless benefits system

“… even with the possibility that unemployed workers could face months more of difficulties and delays in getting benefits, officials from the Labor Department and contractor, Deloitte Consulting of New York, testified before the Senate Committee on Post Audit that the rollout of the computer system was largely a success.

“‘I am happy with the launch,’ said Joanne F. Goldstein, secretary of Labour and Workforce Development, noting that she would have liked some aspects to have gone better.

“Mark Price, a Deloitte principal in charge of the firm’s Massachusetts business, acknowledged that software has faced challenges during the rollout, but insisted, ‘We have a successful working system today. ‘’’

NPfIT shield

A shield of denial was up for years at the Department of Health whose CIOs and other spokespeople repeatedly claimed that the NPfIT was a success.

Comment

If you didn’t know that Universal Credit IT wasn’t working, or that thousands of people on the east and west coasts of the US hadn’t been paid unemployment benefits because of IT-related problems, and you had to rely on only the public comments of the IT suppliers and government spokespeople, you would have every reason to believe that Universal Credit and the jobless systems in Massachusetts and California were working well.

Why is it that after every failed IT-based megaproject those in charge can simply blow the truth gently away like soap bubbles?

When confronted by bad news, suppliers and their customers tend to join hands behind their defensive shields. On the other side are politicians, members of the public affected by the megaprojects and the press who have all, according to suppliers and officials, got it wrong.

Is this why lessons from public sector IT-based project disasters are not always learned? Because, in the eyes of suppliers and their clients, the disasters don’t really exist?

None admit fault on troubled jobless benefit system

State fired Deloitte

Complaints continue despite claims system is under control

As many as 300,000 affected by California’s software problems

California’s predictable fiasco?

2 Comments

Posted in Campaign4Change, change management, CIO, consultants, contractors, culture, Deloitte, ERP, Government IT, IT projects, IT-related failures, managing outsourced services, npfit, openness and transparency, operational issues, outsourcing, oversight, private sector lessons for the public sector, public sector, public-private partnerships, supplier relationships, Universal Credit

Who polices police IT reports?

Posted on 24/10/2013 | 5 comments

By Tony Collins

The police, and civil and public servants in central government, the NHS and local authorities criticise journalists for biased reporting – taking selected facts out of context.

They’re sometimes right.  Journalists working for national newspapers can draft an article that is diligently balanced only to find, by the time it’s published, it leaves out facts which would have complicated, blunted, or contradicted the main points.

It’s one thing for this to happen in the world of journalism. You don’t expect public bodies to report on their own affairs with a partiality that rivals out-of-context reporting by some newspapers.

But it appears to be happening so regularly that one-sided self-reporting on organisational performance may be becoming the norm in the public sector.

In the NHS subjective, positive reporting in board papers – where managers tell directors what they think they want to hear – could help to explain why Cerner patient record implementations have, for years, gone badly wrong for the same reasons.

In recent months reports without balance have been published on the performance of Avon and Somerset Police’s IT outsourcing contract with IBM. 

Somerset County Council, Taunton Deane Borough Council and Avon and Somerset Police  are minority shareholders in a private company, Southwest One,  which is owned by IBM.

Confusingly, Taunton Deane Borough Council issued positive reports about its successful partnership with Southwest One – and then it decided to take some services back in-house.

Now it has emerged – only as a result of FOI requests by Somerset resident and campaigner Dave Orr – that two independent organisations, the National Audit Office, and HM Inspectorate of Constabulary, have commented positively on Avon and Somerset Constabulary’s partnership with Southwest One, based entirely on the unaudited opinions of the police force itself.

SAP

From his FOI requests Orr learned that the Avon and Somerset’s outsourcing deal with Southwest One has not gone entirely as expected. The National Audit Office’s FOI team has released notes of a joint visit by the NAO and HM Inspectorate of Constabulary to Avon and Somerset police in December 2012.  The visit was to find out about how well Southwest One was delivering services to the police force.  

The NAO’s notes are positive in parts. They say that performance has improved considerably since the implementation of the contract.

“Implementation of SAP improving the accounts close-down process, initial issues being resolved and a good quality of service being provided regularly.”

But there is another side to the story that is not reflected in the published accounts of Avon and Somerset’s relationship with Southwest One. The NAO’s [unpublished] field notes say:

“Fewer than expected benefits have been realised from IT due to the considerably different security requirements of the Police compared to the Councils.

“It also took a long time for SAP to be implemented. There has yet to be a duty management system implemented by SWOne which is part of the contract… SAP would have benefited from some pre-launch testing or piloting.”

A letter to Orr from the Home Office appears to confirm that Avon and Somerset Police’s participation in Southwest One is an unequivocal success.

“The private sector can help to deliver police support services better and at lower cost. Every pound saved means more money for the front line, putting officers on the streets…

“In its report “Policing in Austerity: rising to the challenge [2013] Her Majesty’s Inspectorate of Constabulary identified the Southwest One partnership as being a key element in achieving savings for Avon and Somerset Constabulary while ensuring better procurement, streamlining business support processes, and ensuring better use of police officer time.

“The report also noted that the Southwest One collaboration was the first of its kind for policing in England and Wales and that to date, no other force has delivered this level of partnership with local authorities.”

A little of the other side of the story comes in the last sentence of the Home Office letter to Orr which says: “We understand that Avon and Somerset Constabulary continues to work closely with IBM to resolve any technical difficulties and improve the services provided by Southwest One.”

Indeed a table on page 155 of HMIC ‘s 2013 report Policing in austerity: rising to the challenge indicates that Avon and Somerset Constabulary has one of the worst records of any police force when it comes to savings delivered between 2010/11 and 2012/13. [Table: Key indicators of the challenge – quartile analysis.]

Southwest One began a 10-year contract providing services to Avon and Somerset Police in 2008. The services included enquiry offices, district HR, estates, financial services, site administration, facilities, corporate human resources, information services, purchasing and supply, and reprographics. The contract involves 554 seconded staff.

Comment

Police forces, councils, the NHS and central government departments need  a few Richard Feymans to report on their organisation’s performance. Feynman was a gifted scientist, MIT graduate and noble prize winner who was chosen as a commissioner to report on the cause , or causes, of the Challenger Space Shuttle “O” rings accident on 28 January 1986.

He reported with such independence of mind and diligence that his hard-hitting findings were not considered acceptable to be included in the main report of the Presidential Commission of inquiry into the accident.  Feynman had to be content with having his findings published as an appendix to the Commission’s report – and an edited appendix at that.  

He suggested in his book “What do you care what other people think?” that his appendix was the only genuinely balanced part of the official inquiry report. 

“For a successful technology, reality must take precedence over public relations, for Nature cannot be fooled,” said Feynman.

One of his questions was whether “organisation weaknesses that contributed to the [Shuttle] accident [was] confined to the solid rocket booster sector, or were they a more general characteristic of NASA.”

One of Feynman’s conclusions:

“It would appear that, for whatever purpose – be it for internal or external consumption – the management of NASA exaggerates the reliability of its product to the point of fantasy.”

If such exaggeration happens at NASA it can happen in UK police force IT reports, and in board papers on the performance of councils and NHS trusts.

When journalists get it wrong it’s usually to their eternal regret. In the public sector positive unbalanced reporting is so “normal” that hardly anyone involved realises it’s a deviant practice. The US author Diane Vaughan coined a phrase for such corporate behaviour.  She called it the normalisation of deviance.  

It’s surely time for public bodies to move away from the norm and start reporting on their performance, and the performance of their outsourcing other private sector contracts, with balance, objectivity and independence of mind.   

If managers knew that reports on the progress of their contracts would be audited for impartiality and competence over organisational self-interest, perhaps they would have a greater incentive to avoid badly thought through outsourcing deals and IT implementations.

Is this why some council and NHS scandals stay hidden for years?

NAO report “Private sector partnering in the police service”

Dave Orr’s HMIC FOI requests and answers

NAO’s FOI responses on Avon and Somerset Police

5 Comments

Posted in Campaign4Change, Government IT, IT-related failures, local government, NHS, openness and transparency, operational issues, outsourcing, oversight, private sector lessons for the public sector, project management, public sector, public services, public-private partnerships, SAP, supplier relationships

Tagged ,