‘CIOs will have to ensure cybersecurity is a priority’
Could you talk us through your involvement in the Global Digital Exemplar (GDE) scheme? What will the programme enable you to do?
We were selected as part of a group of hospitals to bid for the process of being a GDE. We were obviously interested in that because it involved extra investment in our programme and we had to fill out some due diligence documentation and, luckily for us, we managed to pass that and then come through another round of due diligence to be selected, so we were very pleased about that, obviously.
How important is cross-border collaboration for the trust? Have you identified any international sites that you’d like to work with? Are you taking into account EMRAM scores?
We were interested in working with organisations internationally; we were interested in knowing whether we could achieve the same things with our approach. If you look at what goes on across the world, not everyone has approached things in the same way that we have, we are an integrator of systems. We probably have more vendors than some of the larger US sites do that have achieved HIMSS level 6/level 7. We have not identified anyone yet – it is not mandatory that we do – but we would like to have someone that we can bounce ideas off and learn from and hopefully they can learn from us, too.
You’ve previously said that you can only look 18 months ahead in technology and that some of the things you will be using in 2020 have not been invented yet. Taking that into consideration, how do you see your role changing in the future?
In the near future, I think the role of an informatics director in an organization like ours, a large acute trust, has to be delivering digital maturity within the organisation, but also it has to focus on delivering a level of maturity across a community. We’ll probably get engaged more electronically, digitally, with other health and care organisations. CIOs will have to do more to engage in that to make sure that their organisation is seen as an open organisation, outwardly facing, and not just focusing on delivering your own personal digital maturity.
Where do you see ECM/EDM systems going in the next three to five years?
I think EDMs will evolve. They have to evolve – they are in the past. If you look at an EDM system, it has been largely about managing paper and then scanning it and then continuing to perpetuate that process. In terms of a model for them to succeed in the future, they are going to have to handle more direct data entry. There is no doubt about that. If there is a place for EDM and EDM vendors in the future, it will be how they manage the interaction between paper and the transition between paper and direct data entry. I think there would also be something around how you make that information available within organisations externally, so, possibly using standards such as XDS to transfer documentation that has been put into an EDM system out into further partners, cloud-based information storage and making it more available.
What is your general reaction to the cyber attack on the NHS? What does this kind of attack mean for the future of data protection?
First, it is important to note there was no cyber attack on the NHS. A virus was released and the NHS was partly affected by that. A lot of the effects that were observed were created by people switching off access to systems to protect themselves, while they carried out software patching etc. There has been a review among the CIO and CCIO networks and the outcome has been circulated to the peer groups. I think it is clear that CIOs will have to assure their boards that cybersecurity is a priority. Inevitably, budget in this area is going to have to rise, but one positive out of this scare is that boards will be more receptive to the issues.