Feeds

How gov scapegoats systems for man-made errors

Dead pupil letter shows it is human to err

Securing Web Applications Made Simple and Scalable

If you want to understand what is wrong with public policy when it comes to IT in the UK, look no further than the recent tragic case of the letter sent by a school to the parents of dead schoolgirl Megan Gillan, demanding that she improve her attendance.

It was one of those bleak and bitter accidents that inevitably occur from time to time, leaving sysadmins everywhere breathing a sigh of relief that on this occasion it was nothing to do with them.

Total error-free operation is not a realistic goal. Bugs do get built into systems, and no matter how perfect the system, they still need people to operate them - fallible people.

What could be avoided is the misleading aftermath: the spokespeople for official bodies running round and blaming the system, the reinforcement of the public myth that computers are somehow alien, given to working in mysterious ways quite beyond the ken of the average punter.

When we first read this story – a single paragraph in one of the broadsheets – the event was described as a "system error". Our instant reaction was that this was unlikely; most system errors usually turn out to have a very human origin.

However, the same story was elaborated upon in the BBC report of the event. Cheshire County Council confirmed that Megan’s school had been using Capita’s School Information Management Systems software (SIMS) to maintain her details. A spokeswoman for the Council was reported as saying: "Megan's name had been taken off the school roll when she died, and removed from the main school database.

"However, unknown to the school, her details had remained in a different part of the computer system and were called up when the school did a mail merge letter to the parents of all Year 11 students about their prom.

"The letter called up details of each student's attendance for the whole year to date and because Megan had been on roll in September, she was included."

So the system, for some peculiar reason, holds multiple representations of the same data? If true, that would be an accident waiting to happen.

Except, according to Capita, that is not so. After wading through their initial slightly woolly response, which committed them to a software change that would make it impossible to send attendance letters out to pupils who have left a particular school, we put it to them that the systems architecture implied by the above statement would make their system unfit for purpose.

They took the bait and politely, but firmly, explained that our conjecture was wrong. The system only contains a single data table for pupils' names and addresses. The issue was pretty much as outlined above.

We are still not totally convinced of the need for a software fix. We have since spoken to the Head of ICT in a school that runs SIMS, who was equally scathing of the idea that this was a "system error", pointing out that the software allows schools to set a deceased flag, after which, as far as he is aware, all communications in respect of a given pupil are automatically blocked.

If true, the danger of putting in a "fix" of the kind that Capita have proposed is that it adds to the complexity of the system, and increases ever so slightly the possibility of a real bug being introduced. It is cosmetic rather than necessary.

Application security programs and practises

More from The Register

next story
ONE EMAIL costs mining company $300 MEEELION
Environmental activist walks free after hoax sent share price over a cliff
HP, Microsoft prove it again: Big Business doesn't create jobs
SMEs get lip service - what they need is dinner at the Club
Arrr: Freetard-bothering Digital Economy Act tied up, thrown in the hold
Ministry of Fun confirms: Yes, we're busy doing nothing
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
Apple smacked with privacy sueball over Location Services
Class action launched on behalf of 100 million iPhone owners
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.