Welsh Clinical Communications Gateway – WCCG

WCGG is a bit of a mouthfulI but essentially its a secure postal service that carries electronic messages – referrals, discharges, letters etc. between care services. in addition It allows any type of common file type in to be attached to a message so it is very flexible.

We have now rolled it out to 94% of Welsh practices and all LHBs. To date it has carried over 400.000 referrals. It has proved very popular with GPs and Consultants as it uses the GP system to automatically load most of the relevant information into the referral message leaving the referrer to focus on adding the precise reason for referral. Pilots are underway to use it to send discharge communications from hospital back to primary care. it has also been integrated into the patient administration system at one hospital . There are 750,000 new referrals , about the same number of inpatient discharges and 3,000,000 out patient letters produced per year in Wales that could be carried by the WCCG.

The system is currently being used for communication between hospital and GPs. It should not be thought of in these restrictive terms as this is just the tip oft the iceberg of its potential use.

It is very flexible and provides guaranteed delivery of a communication, between any organisational or statutory body, that is secure, encrypted audit-able and trackable in real time. These features make it superior to email for statutory transfer of responsibility. This mean that it can be used for any to any referral , tertiary referrals supporting clinical networks, any transfer of care, request for service etc. This includes the referrals between health and social care, cross border, and primary care contractor services.

The design of the care IT systems requires this function at its core, We chose this solution because of its simplicity, security and its successful track record in Scotland. The Scots provided us with a enterprise wide licence so we can use it in as many different ways and across as many different care organisation in Wales as we want. We, our colleagues in Northern Ireland and the Scottish services are now all successfully collaborating on its further development and use. Our Scottish colleagues are very interested in how we have adapted the technology in Wales to enable us to put the electronic pathology and radiology ordering services initially deployed in the hospitals onto our GPs desks.

This importance and central position this system occupies in the care service is described in the new Welsh Information System Strategy WISS published this week at http://www.wales.nhs.uk/nwis/news/24272WISS<

1 Comment

Filed under general

New Welsh Information Systems Strategy 2012 Published

The new WISS 2012 strategy was published last friday at
This is a description of the application level information services and system and how they fit together .This is a revised strategy reviewing progress on the development and deployment of the products in the original IHC Applications strategy and describing the way forward.

The WISS describes
The Welsh Care Records Service WCRS
a modern approach to document management and content level interation
Integration of Health care
using the common Welsh Platform and stapling approach we have created to suport clinical networks , reconfiguration, and innovation in workflow and pathways.
Integration of Health and Social care
using a number of approaches particularly in the community to support better communications and sharing of information across sectors and transformation of care services
Supporting Self Care
by harnessing the technology the citizen now has available to them.
Business Intelligence
making use of our existing services, SAIL and the transparency agenda to drive change in services

We are requesting that any comments be made before the end of October. The strategy is in draft and is the product of our current thinking and a number of discussions with NHS and NWIS boards and groups.
We are very interested in what you think and any comments or suggestions. It would be helpful if you could make these on the site above . You are also welcome to discuss these here.

Leave a comment

Filed under general

The IHR – a pragmatic solution to privacy and security

Making the information available from an individuals GP record makes you confront just about all the medical ethics, law and personal views you can think of. There is general support for the concept and the idea of sharing this information to provide better care for the individual is certainly moral high ground. We decided to start in emergency care. However, these records do contain for some people, very sensitive information that they wish to keep private. In addition the custodian of the record is subject to severe penalties for breaking confidentiality a fact that has created a very risk adverse mind set.

We had watched others attempts to do this notably in the home countries and none had addressed all the issues we had uncovered and had got into difficulties over a number of privacy and security issues. Notably there was a lack of understanding of the legal framework in which they were operating.

Our overall approach was guided by the principles outlined in the last blog. The idea was to go further than the law required to adopt in addition ethical standards which would engender trust. We therefore introduced the principle of consent to enable individuals to control the record. We also used privacy and security design principles alongside each other to secure the record.

We communicated what we were doing through CHCs, NHS organisations, practices, adverts, mail drops and council news letters. We offered the opportunity to opt out of the process and provided a professional friendly approach to this. We used implied consent for gathering the information.

The record extracted from the proactive was limited in several ways. Firstly we only required the coded information. no free text or letters were extracted as this was where the most sensitive information is often found. We did not extract “legally sensitive” information that cannot be moved from one system to another without the patients explicit consent e.g gender reassignment. however We went further to define a set of codes with GPs and patients that could be considered sensitive to many people such as contrception etc. We therefore defined a restricted record that contained all the important information but left out the sensitive information.

The next issue had led to conversations elsewhere along the lines of the number of angels on the head of a pin. How do you assert that a health progressional has a legitimate reason to access a specific IHR. One approach would be to allow a professional to go fishing in the entire database of 3 million records accessing whichever record they wished. This had been proved to be an unacceptable risk elsewhere , encouraging browsing of records and was therefore rejected. This problem was solved by allowing the machines to establish the relationship. So when you booked into out of hours as a patient you were registered on the system by the call taker ,and that system contacted the IHR database to obtain the IHR record. When the clinical professional saw you they were only provided with your record and no facilities to search for other records.

In addition when you were seen the clinician had to ask you consent before they could open the IHR. This put another control in the patients hands , the requirement for explicit consent before the record was viewed. A break glass function was also included to deal with extreme cases where an individual was incapacitated and unable to consent.

We were also concerned to keep the security framework simple and deliverable. We found that we only needed 4 roles to manage the entire system. However we used security design principles that build in detection and reaction as well as defence in depth. We therefore introduced proactive audit of all accesses to the IHRs to check for suspicious activity. We also reminded users that if they detected access by colleagues that was suspicious they had to report this or they too would be held accountable.

Using the above controls has satisfied most of the very real patient and professional concerns that we encountered. This is proving a pragmatic workable solution to these issues in Wales and I am glad to say has been copied successfully in the home countries.

As a result of our work an interesting standard has been established to clear the fog on excluded sensitive codes in summary records in the UK. We are so delighted that this list compiled without our involvement contains our original spelling mistakes ;-).


Filed under general

The IHR – Individual Health Record

For most people the most important information on their health is in their GP record. This forms their lifelong care record , bringing together information from different sources into one place where it is available to their GP. Out of hours and at weekends this information was effectively trapped in the practice and not available when the patient was seen for urgent care.

After discussion with the patients CHCs and professions we sought to find a secure way that we could enable the important information in the record to be made available during an emergency. We worked through the issues that needed to be addressed with the BMA, CHCs colleagues in ABHB. we formed the Welsh Information Governance Group (WIGG) to oversee the work and developed a solution that satisfied both the patients and the professionals .

In essence the solution was to focus on a set of principles that could be used to protect the record.
1. inform the patients what we were planning to do and provide the option to opt out of they wished
2.extract the important information from the GP record ( coded information, no free text, no legally sensitive codes, or codes deemed sensitive by the WIGG)
3. require that explicit consent from the patient before a record was viewed on each occasion
4. identify the clinical user uniquely on line
5. audit the access to the IHR
6. use existing employment , legal and professional sanctions in the case of inappropriate use

A design was delivered that ensured these principles were translated into a software solution that was safe secure and worked. The solution was piloted in ABHB and assured by the WIGG. The solution differs from England and Scotland in that the IHR is a “thicker ” record that contain all the coded information within the GP systems( excepting the data described above). the records are updated daily.

We have since been rolling the solution out across Wales and currently have over 2,000,000 records that are available for use today.

More technical information about the IHR is given in the next blogs.

Leave a comment

Filed under general

Services not systems – to deliver efficiency and safety

In the past systems were bought for running different part of the service. Such systems were expected to manage the patient ID, logon, note taking, booking , and interface to the large sump systems such as pathology.  This functionality had to be replicated in every system so a cardiology system or a community system would have to be provided with each of these functions separately. This is wasteful and unsafe as the information e.g. medicines will be presented differently in each system

The alternative approach is to identify the common functionality that we all need and supply them as a set of common services wherever they are needed. This is a service orientated approach  is more efficient and also safer as the presentation of information is standardised .

The Modular architectures underlying the service approach have been around for decades. They are the means by which we can deal with the complexity of real world solutions, breaking the problem down into workable but interoperable components. Systems on the other hand come at the solution differently, seeking to add elements that are tightly coupled to the original core, compounding the lock in problem.

The service approach provides a set of modular services that can be reused and recombined to provide the solutions you need. These service orientated architectures enable a “lego” approach , where you can substitute one of the services without having to change all the other services at the same time. So we have separate services for ordering test, reporting results, creating a medicines list, creating a discharge summary , identifying a patients, sending a referral   etc. this approach enabled us to use modern web services and tooling so the solutions would be delivered in a web browser.

This prescient choice means we are in a good position to deliver the services we have on  modern devices.

The architecture we developed has the advantage of being modular in both the technical design and in the functional clinical design. It allows a mix and match approach in that we can use commercial offerings alongside in house developments and open source collaborations.

In short it provides a flexible industry standard solution to meeting the current problems with plenty of room to evolve as new requirements emerge.

Interestingly it is now the approach being taken by all large health enterprises globally in the wake of the limitations experienced with the system type solutions.

Leave a comment

Filed under Uncategorized

Technical Lock In in NHS Wales and the difference between real and ideal computers

Ideal computer systems are great. Any programmer can knock one up in a few hours to do exactly what you want. You are delighted with result. Think App think MS word etc. And then you want to do something big in the real world and you have to connect that application to something else to do something useful. So you make them work together and you are happy .But each time you want something new you add another element to the system  and that affects all the other things you have already done, so you have rewrite it. Now you have a complicated real world computer system that does some useful things but boy is this becoming hard work. Before you know where you are you have become dependent on this behemoth to run your business. Congratulations you are now locked in. Welcome to historic NHS Wales  and the rest of the NHS in the UK.

Lock in bedevils  real computer systems. We are still using software that was installed 20 years ago. So was Nat West. We build computer systems on top of what we already have, and systems on top of this and eventually the merovingian old system creaks or falls over. We add layer upon layer of software to cover the cracks sometime euphemistically referred to putting lipstick on a pig until the poor dear is moribund. Why ? Because the cost, pain and complexity of changing the systems, uncovering all the often  undocumented interfaces and dependencies, is too large to face up to.  As we did this in the NHS in the UK each hospital made its own lock in worse. The cost of switching has been too high. So each unit developed its own solutions, with its own fixes and standards. Although some standards were used, even then the configuration of the systems was done in such a way that interoperability was sacrificed.

This situation was no different in Wales with 15 hospital systems each with its own unique solutions to the common problems we all faced. Even when we had deliberately bought the same systems as in the case of the Telepath laboratory systems we had configured them differently and interoperability stymied.

Dig yourself out of that hole Wales  ! We are doing. We have found a way out of the technical lock in whilst keeping the good stuff people have done going. Enabling a migration from the position we were stuck in,  to a modern web based platform across the whole of Wales.  We have a modern SOA modular architecture and have created a standard platform of services for use across the country.( more on standards in a later blog)

This job is hard and takes a long time  particularly as the systems being replaced are mission and safety critical . This is  usually not appreciated  by users or decision makers because we have to replace the systems that are invisible to them  to begin.  A good analogy is building a house . You have to put the foundations and the walls before the roof.

The new Welsh services now being implemented are providing a sound modern platform for NHS Wales to communicate over  and innovate  on. We are overcoming our lock in problem.



Filed under Background

Health Informatics own strategic wrong turn – learning from history

Health informatics is a relatively new discipline.  When new movements seek to establish themselves they need to develop- group norms so that they can collaborate on the work they are engaged in. The root of health informatics is in the 1960s , certainly electronic health informatics. There are two roots from which the discipline emerged.  These were the pathology department and medical research. The important issue is that these activities of necessity focus on classification and counting. They are by their nature reductionist for very good reasons. Fields , classifications, data models etc spring from this stable. They have spawned HL7 snomed DM&D etc . The advent of the relational database supported this approach to health informatics. The focus since that time has been on the record as conceived as a collection of well defined data fields derived from this approach to the world. The fields are to defined filled in by clinical staff and analysed.  This approach present from the beginning has silently underpinned the development of the discipline.

Are you still a believer ? I think most health informaticians are because of our  training and the hard graft we have had to put in to make the systems we work on in pathology , demographics,  bookings pharmacy etc   just work properly in the first place. Add the requirement to  prioritise performance data  and overcome technical lock in on a cyclical basis, and almost all our energy has been directed at structured data.  Classification and counting.

This in retrospect was a strategic wrong turn. The problem we have, is that we have now built  an edifice to this approach. The one true path.

Take a step back . Firstly look at clinical conversations and communications.  They carry context and communicate meaning  in a social environment. This is well documented in the health informatics literature but we do not seem to have understood this message. Next look at the current sets of case notes when taken as a whole. Structured data is less that 10% of the record. The important stuff we all read is  in the letters and documents at the back. Lastly free text and documents have been around for thousands of years for communicating meaning between humans and across time and space.

So why do we elevate the structured data to the status it seems to have in our endeavors.

In retrospect is wasn’t a strategic wrong turn as I have thought for the past 10 years. It is the natural  consequence of the evolution of several trends . Firstly the scientific tradition that values  classification and measurement. Secondly the misunderstanding that the provision of care was about treating disease not people , so the socio cultural aspects of meaning and communication were downplayed. Thirdly relational databases dealt with data efficiently at a time when storage was expensive.  Lastly the lack of the technical  tools prior to the development of the internet and the web to deal with asynchronous human communications effectively.

This also led to the  conception of a one to one relationship between the provision of health care and  a single computer system. And that led to NPfIT and a spine architecture that could never have worked. There are hard limits to this approach and we hit it constantly when we have to organise the metadata and messaging to transmit discrete items of data and provide the context for their safe use. When the metadata dwarfs the payload you usually have the wrong design and it wont work.

This approach however has provided significant advances . It is  absolutely necessary but insufficient.  The provision of care is about people and how they interact.  It is about the transmission of meaning  in a socio cultural context. We communicate meaning in dialog, stories and write it down as an understandable narrative in documents

Our primary tool for asynchronous communication is the creation and transmission of documents.

So the lesson from history when setting up the Welsh program is have equal  or even more respect for documents than data. They are both essential to support the provision of care.

Documents are social.

A conservative estimate is that we create in Wales within the health service 100 million documents per year !


Filed under Uncategorized