NHS IT delays caused by lack of doctor consultation, Parliament told

The £12.4 billion has been delayed because of hasty decisions made early in the process, according to two experts before Parliament's Public Accounts Committee (PAC). The Committee heard that doctors were not properly consulted on the system, and that delays now have been caused by a rushed procurement process in the early days of the project.

Meanwhile, a survey by a medical journal and a mobile technology firm has found that almost two thirds of NHS portable devices have insufficient security or none at all, putting confidential data at risk.

Two former employees of the NHS have told MPs on the PAC that the main priority of the IT systems programme was speed. Dr Anthony Nowlan had worked on the project and described it as progressing at "breakneck speed". "It was not exactly the ideal process to commit this amount of resource," he said.

Professor Peter Hutton, who worked on the project at the NHS, said that in its early days he felt as though speed took priority over care. "It was like being in a juggernaut lorry going up the M1 and it didn't really matter where you went as long as you arrived somewhere on time," he told the PAC hearing. "When you had arrived somewhere you'd go out and buy a product but you weren't quite sure what you wanted to buy."

Richard Granger, director general of IT at the agency charged with delivering the project, Connecting for Health, said that it was difficult to attempt to catch up with the backlogs accumulated throughout the programme. "There's a shortage of capacity in the healthcare IT industry and we've had to bring in a lot of resources from abroad," he said. "Some things have unfortunately gone wrong as a consequence of that with some of those suppliers. We knew that was a risk when we started and it will continue."

Meanwhile a report has discovered that NHS IT system security is being compromised because of poor or non-existent mobile device security. Carried out by Pointsec Mobile Technologies and the British Journal of Healthcare Computing and Information Management, the survey has found that two thirds of mobile data storage devices have inadequate security.

"There is much documented evidence of patients who are worried about the safe-keeping of electronic medical records," said Martin Allen, managing director of Pointsec. "This survey shows that the medical sector themselves are worried about information being held on mobile devices which are not being secured by their NHS Trust. It will only be a matter of time before these weaknesses are exploited."

The most popular mobile data devices amongst the medical staff and IT managers surveyed were USB memory sticks. The survey found that half of those surveyed in the NHS use their own equipment to store data, against standard security practice.

Half of the medical staff interviewed held patient records on a mobile device. While most had only passwords as security, some had no security at all. A quarter of respondents had, at some point, lost a mobile data device.