Can cloud save the NHS?
Public sector looks for gentler cuts
As the scope of cuts to the UK public sector becomes clearer, the holy grail becomes finding places where money can be saved with no impact on frontline services.
No one wants fewer hospital beds, cuts to school meals or mothballed paramedic crews if we can make do with fewer email servers and fat terminals.
The Society of IT Managers (Socitm) earlier this year published a four-page report recommending that public-sector organisations look to the cloud to help them do just that.
Martin Ferguson, head of policy at Socitm, argues that widespread uptake of the technology will save money and reduce dependency on scarce technical resources, as well as encouraging interoperability and open standards from software providers.
The government already owns a lot of kit. According to the Socitm report, the inventory includes some 200,000 servers running at about 10 per cent of capacity.
So should we just link them all up into a giant data centre and run services from there?
“We do not believe this would be wise. Our experience is that 'pan-local' provisioning of IT services achieves a more competitive response from the market and one that addresses more closely the public service outcomes and business needs of public services,” Ferguson says.
He notes that the cloud market is still immature. “Greatest maturity exists for infrastructure and for office productivity tools such as email, collaboration and so on. So we would expect to see a shift towards shared infrastructure, data centres, and generic office systems,” he says.
Another concern, of course, is that a lot of government IT is already outsourced. Would it be possible for a department or a local authority to consumer cloud, even if it wanted to?
According to Ian Osborne, project director at the IT professional association Intellect, it is in everybody’s interest to move forward with cloud.
Loads of money
Osborne: Five-year problem
“This is a five-year problem. It won’t be solved fast – government just doesn’t move like that,” he says.
“But even with the cuts, the IT budget is in the region of £13bn annually. That is a lot of money to spend.”
The implication is that the government is such a big client that suppliers will want to accommodate procurement requests if at all possible. But the client has to understand the technology to know what to ask for.
In some cases, introducing cloud would have to wait until the right point in the upgrade or contractual lifecycle. In others, it could be brought in for new or standalone projects.
“The shift towards cloud can begin within these contracts by shifting priorities. Examples might include introducing new services using cloud-based methodologies, or consolidating infrastructures to provide a cloud-based service within departments or across government to exploit surplus capacity,” Osborne says.
Adrian Steel, head of infrastructure management at Royal Mail, says that investing in cloud technologies has saved the organisation money and made it possible to upgrade kit despite vast uncertainty about the future.
“We knew our user base was likely to change. There was talk of a partial sell-off of the post office. To upgrade on the traditional licensing model, for 30,000 PCs, would be hard. So we took a leap of faith and decided to go with a pay-as-you-go model in the cloud,” he says.
The benefits have included much simpler desktop upgrades. “If you are trying to move 30,000 PCs to a new system, you’re looking at maybe 400,000 documents. Five to 10 per cent of those won’t be compatible with the new software,” Steel says.
“With virtual PCs you don’t have to roll out a new PC to 2,800 offices for testing. You test apps and documents in minutes and any flaws can be fixed overnight.”
In Lewisham, Nigel Tyrell, the local council’s head of environment, has developed a cloud-based tool for reporting graffiti and other environmental issues.
The system runs on Microsoft’s Azure cloud platform. The idea is that when people see graffiti or anything else they want to report, they take a picture of it on their smart phone and submit the picture to the LoveCleanStreets website.
“It is easier and cheaper to scale up than it would be if we tried to do it internally,” Tyrell says.
The scheme has been so successful that it is being extended across London, in exactly the kind of "pan-local" project Ferguson backs.
The project has also highlighted another benefit of cloud-based projects. “We were moving the servers to a new site and the LoveCleanStreets project was the only council service available online for four days,” Tyrell says.
Amid the optimism, Socitm also sounds a note of caution: the public sector must be especially careful about data regulations.
“IT professionals need to press for information governance and assurance to be managed strategically,” Ferguson says.
IT managers will need to take data management very seriously
The government must also be pressured to maintain data protection law and guidance in line with emerging trends.
“For example, if the public become custodians of their own data, consent for its re-use by public and other authorities radically changes the roles and responsibilities for data protection,” he says.
Tyrell says data regulations have been discussed. “When we set this up, the IT guys were worried about the data being submitted to the system on devices that were not CoCo compliant. In this case, the data isn’t being processed internally so it doesn’t apply,” he explains.
While Lewisham’s concerns have been resolved, IT managers will need to take data management very seriously, particularly the issue of where data is likely to be held, according to the Socitm report.
Although a safe harbour agreement is supposed to harmonise EU and US data protections laws, it has never been tested in court, and the USA PATRIOT Act gives the government access to all data held on US soil.
Until a test case has come to court, whenever that might be, keeping data in the EU might be the safest option.
Ferguson concludes: “The issues are not black and white, as in 'cloud is insecure', 'people can’t use their own devices', 'data offshore is inherently risky'. It is important to strike a balance between cost, flexibility and security of information, and IT.” ®
Sponsored: Network DDoS protection