Programme presents more problems than solutions

It is rare that an IT problem touches everyone, but now we've got one with all the elements of a best seller: massive and questionable spending of taxes, undeclared intentions, plenty of spin, and a healthy dose of civil service management. The surprise is that it's in the NHS, it begins next month, and it's virtually unknown.

So because the Department of Health hasn't told you, here it is. A contract is to be let for phased transfer of your clinical and demographic data out of your local GP or hospital system, across NHSnet into a functionally single database. From here, client systems will access the raw data wherever you present as a patient, and the database will update appropriately. You can even access and edit your own records. It's called the Integrated Care Record Service.

In IT terms, it's brilliant. In implementation terms, you couldn't write a finer recipe for disaster.

Unauthenticated entries, mis-attributed data with a potential base of 55 million plus, no repudiation rights and no integrity guarantees are the tip of the iceberg. And when they say confidentiality is assured by ISO standard 17799 and the Data Protection Act and that suppliers will accept all these risks, then any computer-literate person gets a sinking feeling. Better still, no plans are in place for the workforce to transfer from paper to electronics, and with a largely IT-illiterate workforce of 1.2 million, that's a record-breaking risk space.

And the public or the health profession's views? If they knew, they'd worry, but there's been minimal public consultation and no real public debate or announcements. And where the professions are consulted, they are gagged by a confidentiality agreement worthy of Lord Hutton's interest. Add to the mix that government has guaranteed access to your clinical data without your permission, and you begin to realise we have a serious outbreak of unethical data-mining, all funded by taxpayers.

So is this how to run a 55 million person public procurement costing £2.3bn? Well the National Audit Office, with previous NHS IT disasters in mind, has announced the unusual step of a proactive look at it. What should have happened and hasn't, is that the Secretary of State's Patient Information Advisory Group and the Select Committee on Health should have studied this project closely and reported to Parliament. Neither have made obvious comments, but they can't surely be unaware of it?

What's in it for patients or doctors? Well, for clinicians, not much. As specified, it will bring us doubt and uncertainty about the records we can presently trust, albeit on paper. And being entirely network-dependent (and my surgery's connection has just been down for 10 days), it demands a criticality of networking skills that just doesn't exist. How do you seriously let such a dependent contract?

Our other problem is that we don't know who wants ICRS, or who is its customer. This is a centrally-driven, centrally-written procurement exercise, and like so many before it - London Ambulance, West Midlands RHA, Wessex RHA and so on - the clinicians who have to use it have not written the requirements, so specifications won't match needs and neither will contracting. As we know (but the Department doesn't), what works is not 'tough' contracts, but rather a well thought-out implementation plan producing a contract as the project end-stage. Implementation is where the skill lies, not in contracting and procurement, so perhaps the NHS needs some management consultancy here.

The saddest thing is that we have been here before, and if the NHS looked after its staff, there might have been corporate memory around previous failures. And it's odd that the evidence-based approach the Department insists on clinicians using doesn't apply to the civil service. Instead, alternative suggestions by middle management are not entertained so no long-term learning occurs, and the mandarins just ignore the uncomfortable evidence base.

In the end, if ICRS works, fine, we'll use it. Otherwise, we won't. But as a taxpayer I hope that this time, when £2.3bn goes down the chute, some very public heads go with it.

Grant Kelly is a GP and former chairman of the British Medical Association IT committee