We’ve been ranting about this on and off for a while now, so I thought we’d share (yesterday it occurred to me that Kevin should do a sponsored rant for charity, so we could see how long he could go, and how many different subjects he could link together without stopping…).
Firstly, how unlucky is our friend E? I’ve not spoken to her about it, but since she’s seventeen, in full-time education, and just taken her driving theory test, I’m guessing that her details were on both the missing Child Benefit CDs and the Learner Drivers database.
It would appear that the realisation is gradually filtering through – huge centralised databases are more trouble than they’re worth. Of course, the chap on the radio this morning tried to tell me that dispersed data is more secure than centralised data, which is nonsense: if the data can be accessed legitimately, then you can bet your bottom dollar that it can also be accessed illegitimately. The only way to avoid the latter is to avoid the former, and then, frankly, you might as well not bother collating the data at all. In fact, not gathering the data is probably the only guaranteed route to making it inaccessible, anyway.
The reason that the NHS has spent the last decade or so failing dismally to create their über-database, is that it simply isn’t possible. The guy who told them it was, ten years ago, was a lying charlatan with something to sell. The disparate data is in too many different forms, serving too many different purposes, and being used in too many different ways, and its unification is just too big a job. Most of industry has long since given up on such projects, as a political, technical, and therefore economic disaster area.
Kevin is insisting that the real solution is about data sharing, and is easy to write. It amounts to a stack of conversion files saying things like “‘first_name’ in this database means ‘forenames’ in this one”. It means that, instead of adding the data from all those systems into one system (which will, inevitably, either annoy everyone by not storing the data they were previously using, or have empty fields in 99% of records, because one GP was recording how many pets a patient had), the system goes and asks the original data source for the data that it needs, when it needs it – no more than it needs, not before it’s needed, and leaving control of the data in the hands of the people who control it now.? Of course, you still have wade through the political minefield of just which columns should be matched, and whether “known as” in one database even has an equivalent field in the others – no system is without its controversies.? But while you’re debating it for one system, the rest can carry on functioning.
It isn’t any more secure. Don’t let anyone tell you it is. It is, however, attainable, scalable, and requires no learning curve or downtime for the admin staff at my GP surgery.
The problem is that politicians don’t understand any of this, because, by and large, they don’t understand IT, and there is no such thing as an independent IT advisor. Not all of them are selling things, but all of them like playing with new toys, and have a burning desire for someone to buy them the Next Big Thing. Many, many years ago (eight or nine at least), a discussion was had at my place of work, concerning the possibility of transferring our website from a unix/Apache server, to a Microsoft Windows NT server. My then-boss was honest about it. He said, “Yes – I’d love to be able to add the line ‘NT experience’ to my CV.” I’m hoping that wasn’t the only reason, but we made the change.