Government IT infrastructure

[TiG]

I've been thinking through how poor I view the governments use of IT infrastructure, having done two projects for local councils and being shown round how unconnected and totally backward their systems are I wonder how the governments IT systems really get to being this poor.

The recent situations with EDS providing the new child benefit systems and the system being a complete nightmare for months, i'm wondering if the whole process of outsourcing all IT work is a good idea?.

We are literally talking millions upon millions of pounds of wasted money for systems that will do a single job.

Yet when you think about it at least 50% of our information is pretty much common throught the systems, whether we are talking Taxes, Cars, Health, Schooling or Criminal records.

Name, AGE, DOB, Address and details like this are common. Is it that unfeasible that a major investment in putting together a good (read Very large) IT team to work on government projects.

I'm sure it could be busy working on projects for years and years, getting the central Database structure right would be key, a huge set of clustered databases replicating the data, with agency specific databases linked off one of the main cluster to gleam extra information they need.

Integrated security, you know who has accessed which records with the minimum of fuss.

All it would need is someone with a bit of vision at the top to lead by example and i'd say that the cost savings you could make in simply removing the external overrun projects would be huge.

Add to that the benefits in automation of many of the task and being able to remove additional personal from the civil service to make the government more efficent and streamlined.

I mean it would even be feasible to make it web site accessible, here you go go to www.mydetails.gov.uk and change your address, query taxes etc etc, as an integrated site as the data would be there, rather than having to find the right government department and wait while they give you, "i'm sorry the system is being slow today"

This exists outside of which government is in power, has the ability to have the "business" rules changed to allow for changes in policy.

Has all sorts of reporting benefits, helps track people much better than any sort of ID cards?.

Will it ever happen?, No of course not, quick fixes are the only way i've ever seen in Government departments.

There is no long term thinking in respect to anything like this, and it pees me off...

TiG

[Rythmic]

I do agree that a central database would certainly help matters, especially if you put a system on it that checks for anomalies (theres seem to be 38 people claiming benefits from this address - sort of thing)

Talking to a friend who used to work on sales to the public sector, there were three major problems with the current system the goverment uses:

A department can only use their current years budget, and cannot "save" that budget for the next year. This means that if they need to buy a system that can only just do the task, then replace it the year after, and again, and again to cope with the increased load - instead of just buying a system that will do the job for years...

Any request larger than a certain amount (I forget the figure) has to be split up into smaller pieces - and all companies get to put in a quote for each piece. This means you often end up with a system from many different companies - which then costs a heck of a lot more to get working.

One of the ways departments used to get around this is to set their requirements so that only one firm can supply it But the goverment put in measures this year to prevent that because it's "anti competitive"

Lastly - if he had a sales meeting with a private sector client - there would be 2 or 3 people to meet - public sector will send 16 - one guy in charge of storage, one for networks, etc.

[Stoo]

That would have been EDS doing the CSA stuff (Along with Jobcentre Plus (aka the employment service & the benefits agency)), and to be honest it's no surprise it's a complete mess. There was so much in-fighting in EDS, when combined with civil servents constantly changing the specifications with little to no notice it's no wonder things never worked..

Don't even get me started on how much money they would waste either..

[Rythmic]

Think it was the NHS.net actually - apparently took them 2 years to get the spec - compared to the military, which is usually 2 weeks...

[TiG]

To be honest if anything the more useless a place is at confirming its a requirements, the less useful EDS are. I've had experience of them first hand, and also my first boss worked at EDS for some length of time.

EDS procedures and quality is superb if you know what you want. However with most things Managers etc have NO idea what is needed and the company supplying the solution should look around and listen to the actual users and build the system around whatever is required...

I know thats what i do with my work and hence when i'm up in Lancashire tomorrow for 10am, hello 5am wake up time

2 Days doing the actual proper specification with the people that KNOW what is needed.

TiG

[nichomach]

I know thats what i do with my work and hence when i'm up in Lancashire tomorrow for 10am, hello 5am wake up time

Whereabouts in Lancashire are you going to be?

Oh, BTW, my Mum actually works for the CSA and it's not just the end users who are hacked off; their tech support people have been climbing walls as well. Part of the problem is that despite all the assurances about quality and so forth, the contract still goes to the lowest bidder. Consequently, specs get pared to the bone, as do timescales, and any change at all becomes a chargeable variation.

[TiG]

Nichomach, clear your PM's and i'll let you know..
TiG

[nichomach]

...and as if by magic, all nichomach's PMs disappeared

Should have cleared them anyway by now...

[Kumagoro]

I dont think a central database is a good idea with regard to privacy.
If all depts can get info that easily it could be abused. If they are
seperate then there is a bigger paper trail so to speak and questions
will be asked as to why and what its needed for.

[nichomach]

Kumagoro's got a point; we know that the government's (any government's) attitude to this sort of thing encourages "mission creep" - consider RIPA. Initially the data was supposed to be available to intelligence services, HMC&E, the police and so forth (I have a problem with warrant-less access to that data anyway, but that's by-the-bye). Then the following year the government attempts to broaden access by statutory instrument to more than 20 other classes of government body, including local councils FFS, again, without any judicial oversight. Even if you have notionally separate databases, if there is information exchange between them you can guarantee that the bodies who hold them will gradually accrue more data which notionally is supposed to only reside on one or more of the databases which they do not have automatic authority to view. I'm not imputing malicious intent (at least in most cases), but the various departments will want their databases to "do more", and will be less than conscious of any privacy implications of their actions. After all, they'll be being more "efficient".

[TiG]

Kumagoro's got a point; we know that the government's (any government's) attitude to this sort of thing encourages "mission creep" - consider RIPA. Initially the data was supposed to be available to intelligence services, HMC&E, the police and so forth (I have a problem with warrant-less access to that data anyway, but that's by-the-bye). Then the following year the government attempts to broaden access by statutory instrument to more than 20 other classes of government body, including local councils FFS, again, without any judicial oversight. Even if you have notionally separate databases, if there is information exchange between them you can guarantee that the bodies who hold them will gradually accrue more data which notionally is supposed to only reside on one or more of the databases which they do not have automatic authority to view. I'm not imputing malicious intent (at least in most cases), but the various departments will want their databases to "do more", and will be less than conscious of any privacy implications of their actions. After all, they'll be being more "efficient".

Please NOTE in my original message, Only the "common" data is in the core databases. Data that is required by all and certainly not confidential. The fact that the data is common however is an important point. With the system as it is, there are hundreds of ways that your confidential data is available to many more eyes.

Plus the whole point is the database is just the back end to the data. Access to data on this level would be done by stored procedures locked down on two levels.

Level of access of the user (read application process) and the location of the request.

So if the DVLA process was trying to change say your Date of Birth. The system would reject that request. Its certainly MUCH easier to control access and you can monitor things like this happen.

If anything this system could provide greater visibility of misuse of data than anything can at present. I mean if you changed address at the moment you need to inform pretty much the entire government and all its departments, WHY should you have to do this?.

TiG

[G4Z]

Well, I must say I worked for a while in the NHS and at a council, the council's systems were rubbish, the whole thing was a static IP network, I mean wtf?????

Installing a simple network printer was a bloody nightmare sometimes, its no wonder costs are through the roof the infrastructure was crap and even the simplest jobs could take an age.

The NHS though was entirely the opposite, I worked for a large hospitals trust and I have to say thier network was fabulous, by the time I left we had replaced every single PC and migrated to AD. obviously would have required a lot of money but imho you have to look at the long term as what they have there should do them for years to come.

Its interesting to me really as I now work for a large blue chip IT vendor, our network is good, possibly one of the best out there but I still think that the Hospial was an exceptional setup, they didnt even have that many staff considering it was 3000 host network across large sites. Still I did see waste there, but I think that was simply down to the amount of cash splashing about, I would love to work on the NHS account .

To get a bit back on topic I would imagine it would be impossible to wire up all these agencies now, too many chiefs and not enough indians and too much polotics, for example when I did one NHS contract the CEO's ASSISTANT semed to be in charge and every1 feared her, she even stored all her data on floppy disks because she didnt want the IT dept to have access to it (this was last year by the way.... not like 1987). I just couldnt imagine these entities getting thier acts together for somthing like this there are just too many barriers, and im glad too I shudder to think of the privacy implications of a Dbase like that.