Events, dear boy, events. . .

Obviously, everybody will be aware the British NHS has been crippled by a ransomware attack. The NHS being practically the British equivalent of the American Constitution (mess with it at your electoral peril) it’ll be interesting to see what impact this is going to have on the election.

As usual, we have had a pretty pathetic and pig-ignorant response from our Home Secretary, Amber Rudd, who appeared to be congratulating herself on the fact that the hackers did not get access to any patient records. Unfortunately, of course, after about lunchtime on Friday, neither did NHS doctors, nurses or support staff. . .Her and Mrs May’s inevitable deflection—”It wasn’t our fault, it’s happened to lots of people”— might not go down too well either. OK, so Nissan, Telefonica, whoever, got clobbered too. But it happened to the NHS.

What we do know, is that while much of the NHS is relying on old Windows
OS and software*, it was this government that cancelled a deal with Microsoft to keep up support at a cost of a mere £5 million or so a year. . .and the Tories have wasted billions over the years paying certain software companies to develop systems for the NHS that didn’t work, and turned out to be a form of  ‘ransomware’ themselves. (We’ll get it fixed for another $20 million this year . . .and . . .again next year . . .)

Whatever, it means that for at least a week, the NHS could well be top of the political agenda again.  And, in politics speak, the Tories have ‘ownership’ of the disaster. And, unexpectedly, it’s not the Russians interfering with the election. . .though I bet Rudd and May are wishing it was.

* Funnily enough I’ve had the odd casual conversation about this in the hospital I go to, off and on over the last year or so, after I raised my eyebrows a bit at seeing what was on the screen. . .Most staff, I think, just despair. But of course, there are reasons. Much of the software might well start off-the-shelf, but it gets adapted and re-formulated.

I’ve been very annoyed with the usual fatuous ‘technical reporters’ who’ve kept saying for hours ‘If only they’d all installed Microsoft’s last patch  . . . or if they’d all upgraded their OS . . . it would never have happened. It’s all free, after all.”

We all know that’s not so easy, and it isn’t usually ‘free’. (£5 million a year to Microsoft for a start.) ‘Upgrade’ your OS, and ten to one you are going to have to buy in (again!) the latest version of a lot of the software you’ve been using; pay for umpteen licences, and ten-to-one it’s not going to behave quite the same way, or possibly not at all.

(My own hospital—I was there on Friday when this kicked off—didn’t get caught, but like most others, has effectively taken its systems off-line for the weekend. Interestingly, some departments there must use Macs as well: when I got a copy of my last [ever!] MRI scan, I was asked if I wanted it to run on Windows or Mac . . .It runs on a little stand-alone Mac program I’ve never seen before.)

6 Responses to Events, dear boy, events. . .

  1. NatashaFatale says:

    I can’t comment (much) on the NHS, but in the US there are regulatory barriers to keeping medical systems current, and those regulatory barriers exist for very sound reasons. To fit those reasons into a nutshell:

    Q: What kind of software can be relied upon to not work properly?

    A: New software.

    Q: Is that equally true of all new software?

    A: To some extent, but new simple software is often fit for use right out of the box, while new complex software can be guaranteed to fail, instantly and catastrophically. And no other kind of software is as complex as even the simplest operating system.

    Therefore there are stringent testing and approval protocols in place that are deliberately designed to prevent the kind of instantaneous adoption of new operating systems that is seen, pan-journalistically as it were, as the obvious, missing preventative measure that would have stopped this hack before it spread.

    Q: What, are you saying that Microsoft can’t be relied upon to test new versions of their operating systems before they release them?

    A: Well, no, as a matter of fact they can’t. But the question misses the point. A new operating system that works perfectly – meaning that it conforms to its design specifications and those specifications were sound (two huge assumptions that have never, even once, stood up in practice) – still can’t be trusted to work with application software that is known to work well with older versions of the same operating system. In fact, it is a dead solid certainty that some application software will fail when run on a new operating system. If that doesn’t happen, then the “new” operating system isn’t really new at all.

    Q: My goodness – hasn’t this problem been studied?

    A: Endlessly, and for generations. Literally generations: software designers have been born, worked, and retired during the time it’s been studied. But two monumental barriers have prevented these studies from producing any practical solutions.

    Q: And these are?

    A: First, any real solution must either stop or drastically slow the pace of innovation. The fact is that nobody has any idea how to test software that is new in concept by any means that were not specifically designed to test it – i.e., that software must first exist before adequate testing procedures can be designed for it.

    Q: Oh. And the second barrier?

    A: The second barrier is that every plausible solution suggested requires the coordinated expenditure of billions of dollars just to get started – and every player in the software industry would have to agree up front to comply with every detail of that solution. We will discover the philosopher’s stone before that happens.

    None of which lets the NHS off any hooks. They have been famously and monumentally foolish in their approach to systems since the day Tony Blair took his first sixpence from a software consultant.

  2. bluthner says:

    I’ve seen doctors struggle to get the computer to work time and time again at the big hospital nearest to Squirrel and me. They must each one of them lose a couple of hours a day waiting on the computer. That’s a vast amount of wasted time in a place that is nearly always working at the very cliff edge of being overwhelmed.

  3. NatashaFatale says:

    Bluth,

    First question I’d ask would be, does anyone even know where the bottleneck is?

    If the bottleneck is known, then there’s one kind of problem: known bottlenecks have known fixes,and those fixes have known price tags – usually budget-breaking known price tags.

    But if no bottleneck has been identified, then things are much, much worse. Because you know people have looked for it, and if they haven’t found it, that usually means that a whole lot of different things are going wrong at the same time. Which usually translates to “too sick to ever get well again.”

  4. bluthner says:

    Nat,

    Do they have somebody who knows what’s what advising them? You’d think so. Their financial ‘turnover’ as they put it in their own info is about one billion pounds a year. So all I can guess is that whatever the trouble is with their IT they haven’t got the funds to do more than keep it juuusst about turning over.

    Or else I’ve only been there on bad computer days. Which is also possible.

  5. NatashaFatale says:

    Bluth,

    Oh no. Far more likely that they have the funds, but they’re being spent on the wet dream some very big consulting firm sold to Management – the unprecedented, innovative project that will establish Management as galaxy-class visionaries forever (c.f., for instance, Healthcare.gov and all its many state-level spinoffs). The thick, unimaginative drudges who have to make systems work are lucky if their budgets aren’t cut to help fund Wet Dream XIII.

  6. Squirrel says:

    Nat: “The thick, unimaginative drudges who have to make systems work are lucky if their budgets aren’t cut to help fund Wet Dream XIII.”

    I have a strong suspicion that’s exactly what’s happened.

    However, I also suspect the major bottleneck is the ‘human-machine interface’. Everything has to be entered somewhere as data, and many of the data entry forms won’t allow people to enter what they would like, or think they need to. (You know how they’re so often designed to collate certain results and inevitably steer the input that way.) They don’t like ambiguity or conflicting entries, and from what I’ve seen, it’s often tricky to hit any kind of ‘Oh, shit, forget that bit’ button and get out of it.

    I’ve filled in innumerable questionnaires over the last 18 months, and had to annotate each one. When I see my consultants again end of this month, I’ll have to point out that at least one of those has consequently ended up with a somewhat simplistic conclusion that’s actually wrong . . .or at best misleading, anyway.

Leave a Reply

Your email address will not be published. Required fields are marked *

Enter the answer in digits. If you are registered and logged in, this silliness will go away. Time limit is exhausted. Please reload the CAPTCHA.