Sunday, January 20, 2019

Case Study 1: The £10 Billion IT Disaster at the NHS

Case Study: A £10 billion IT disaster
The National Program for IT (NPfIT) in the National Health Service (NHS) was the largest public-sector IT program ever attempted in the UK, originally budgeted to cost approximately £6 billion over the lifetime of the major contracts.

These contracts were awarded to some of the biggest players in the IT industry, including Accenture, CSC, Atos Origin, Fujitsu and BT.

After a history marked by delays, stakeholder opposition and implementation issues, the program was dismantled by the Conservative-Liberal Democrat government in 2011, almost 10 years after Prime Minister Tony Blair initiated it at a seminar in Downing Street in 2002.

The core aim of the NPfIT was to bring the NHS’ use of information technology into the 21st century, through the introduction of integrated electronic patient records systems, online ‘choose and book’ services, computerized referral and prescription systems and underpinning network infrastructure.

Despite the failure of many of these services to be delivered, the government, and ultimately taxpayers, incurred significant costs for the program, including contract transition and exit costs which continued to accrue to a total amount of more than £10 billion.

Since NPfIT was a public-sector program, there is a large amount of documentation and press about the case available. If you are interested in reading more about it, I have collected many of these documents here.

If you want to make sure your business critical project is off to a great start instead of on its way on my list with project failures? Then a New Project Audit is what you are looking for.

If you want to know where you are standing with that large, multi-year, strategic project? Or you think one of your key projects is in trouble? Then a Project Review is what you are looking for.

If you just want to read more project failure case studies? Then have a look at the overview of all case studies I have written here.

Timeline of Events


> NPfIT starts with Richard Granger being the appointed NHS IT director.


> BT awarded contract for the national data spine
> Local service provider 10 year contracts awarded (CSC for North West and West Midland cluster; BT Capital Care Alliance for London cluster; Fujitsu for Southern cluster; Accenture for North East and Eastern England clusters.


> BT awarded N* (NHS broadband network) contract


> NHS Connecting for Health (NHS CFH) set up to deliver NPfIT
> Contract reset 1 (BT) for “interim solutions” in London


> Accenture withdraws as local service provider
> CSC awarded 9 year contract for Accenture’s former clusters


> NPfIT Local Ownership Programme (devolves responsibility for local delivery of the program from NHS CFH to groupings of strategic health authorities
> Replaces original five clusters with three program areas: Southern (local service provider Fujitsu), London (local service provider BT), and North, Midlands and East (local service provider CSC).
> Contract reset 2 (BT) for “best of breed” London solutions


> Fujitsu contract for local service provider in Southern area terminated; legal dispute continues
> Contract reset negotiations 3 (BT) for new delivery model in London
> Richard Granger, head of NHS CFH, leaves in January
> Gordon Hextall, acting head, leaves in April
> Christine Connelly and Martin Bellamy appointed to jointly lead NHS CFH in September


> BT awarded additional contract to take over eight trusts formerly with Fujitsu, plus 25 trusts for RiO and four additional acute trusts in Southern area.
> Other Southern trusts given choice of local service provider solution from BT or CSC or from various suppliers in Additional Supply Capability and Capacity List (ASCC)
> Martin Bellamy, director of programmes and systems delivery, NHS CFH, resigns
> NHS CFH, headed by Christine Connelly, is integrated with Department of Health Informatics Directorate
> Parliamentary announcement of contract negotiations with BT and CSC - seeking NPfIT costs savings


> New memorandum of agreement signed between BT and NHS CFH, including reduced number of deployments in acute trusts in London
> Contract discussions with CSC continuing
> UK general election in May - new coalition government


> The National Programme for IT has finally come to an end, although the bill for the enormously expensive and controversial project will continue to be paid for years to come.
> The deadline to exit NPfIT national contracts in the North, Midlands and East passed on 7 July, marking the end of the final chapter of the £12.7 billion attempt to bring the NHS into the digital age.
> Around £2.6 billion of actual benefits had been identified as of March 2011

What Went Wrong

In order to bring some light on all the things that went wrong I follow the structure of Oliver Campion-Awwad, Alexander Hayton, Leila Smith and Mark Vuaran. You will find their case history document in the directory mentioned above. It identifies three main themes: rush, design, and culture/skills.


In their rush to reap the rewards of the program, politicians and program managers raced headlong into policy-making, procurement and implementation processes that allowed little time for consultation with key stakeholders and failed to deal with confidentiality concerns. This resulted in:

> An unrealistic timetable

> No time to engage with users and privacy campaigners

> Inadequate preliminary work

> Failure to check progress against expectations

> Failure to test systems


In an effort to reduce costs and ensure swift uptake at the local levels, the government pursued an overambitious and unwieldy centralized model, without giving consideration to how this would impact user satisfaction and confidentiality issues. This resulted in:

> Failure to recognize the risks or limitations of big IT projects

> Failure to recognize that the longer the project takes, the more likely it is to be overtaken by new technology

> Sheer ambition

> The project being too large for the leadership to manage competently

> Confidentiality issues

Culture and skills

The NPfIT lacked clear direction, project management and an exit strategy, meaning that the inevitable setbacks of pursuing such an ambitious program quickly turned into system-wide failures. Furthermore, the culture within the Department of Health and government in general was not conducive to swift identification and rectification of strategic or technical errors. This resulted in:

> A lack of clear leadership

> Not knowing, or continually changing, the aim of the project

> Not committing the necessary budget from the outset

> Not providing training

> A lack of concern for privacy issues

> No exit plans and no alternatives

> A lack of project management skills

> Treasury emphasis on price over quality

> IT suppliers that depend on lowballing for contracts and charge heavily for variations to poorly written specifications

How NHS Could Have Done Things Differently

This case study contains several lessons useful for project managers, IT professionals, and business leaders. 

Understanding the problem

"Top-down" projects are much more likely to fail than "bottom-up" projects, and NPfIT was top-down project par excellence. I identify a top-down project as one done for political reasons: and this can be both genuinely Political with a capital P in the public sector or a "vanity" or CEO-inspired project in the private sector. The history of public sector ICT and outsourcing is littered with politically-inspired projects that failed.

The motivation to commence NPfIT came from Cabinet level and it's hard to argue against the fact that many of its aims were entirely laudable. But there is a big gap between laudability and deliverability. The decision to commence any project - let alone one which will transform a fundamental building block of a nation's healthcare system - must be made by the right people who really know about the issues involved. It's unfortunate for civil servants and the departments they run that they have to carry the can for projects devised by ministers that often only make sense on the political drawing board and are almost impossible to translate into reality.

See "Understanding Your Problem Is Half the Solution (Actually the Most Important Half)" for more insights on this topic.

Stakeholder engagement

Rarely is a project ever just an IT project; generally it should be viewed as a broader process to deliver business benefits.

It is a given of successful technology projects that there should be good consultation with all stakeholders involved, including end-users. Ever since NPfIT began, there have been concerns expressed by key stakeholders within the health system, especially doctors and GPs, about the accessibility and utility of the planned system.

In particular, it was not clear even from the outset of NPfIT exactly what was going to be delivered to the ultimate end-users. Add to that the entrenched interests in NHS trusts about loss of control over their own systems and you have an inherently suspicious, if not downright hostile, user base. Few projects can succeed over the outright opposition of the proposed users.

See "10 Principles of Stakeholder Engagement" for more insights on this topic.

Start slow in order to run fast later

One so-called innovation for which NPfIT was originally praised was the speed and efficiency of its procurement and contracting process. That process has subsequently become a mill-stone around the project's neck.

NPfIT rushed to award contracts in almost indecent speed with insufficient planning, particularly for such a large contract. Contract scope was unclear and much work needed to be done after contract award to agree key contract parameters such as scope and deliverables. At the time, this was felt by many to be a sign of success and the model for how future procurement should be done.

No-one could argue that there must always be a desire to procure and award contracts as efficiently as possible. But this can't come at the sacrifice of agreeing all appropriate contract terms up-front, rather than retrospectively once the contract has been put in place. Nor is this a substitute for doing appropriate due diligence before the contract is awarded and actually writing clear statements of work and requirements.

One of the lessons that should be learned is that projects will always run into trouble if they try to complete the contractual paperwork before actually working out the scope of what a project is about, what its deliverables will be and how they will be implemented.

See "Your Projects Should Start Slow in Order to Run Fast Later" for more insights on this topic.

Balancing risk and reward

The NPfIT procurement model called for a drastic cut in timescales, with no negotiation allowed, contracts offered on a "take-it-or-leave-it" basis and a very aggressive approach to legal remedies against service providers. NPfIT and its advisers appeared to forget the golden rule that these contracts involve a long-term relationship; so a hyper-aggressive approach to supplier management is counter-productive.

One of the issues that bedevilled the project from the outset was the extent to which the NPfIT was attempting to force service providers to accept onerous and one-sided contracts. Negotiation was a dirty word and NPfIT used heavy-handed tactics to ram through contract terms that were considerably harsher than had ever been seen within a government (or even private sector) context before.

It is worth noting that some of these provisions (for example, in relation to what happens on financial distress of a service provider or in relation to clawback of prepaid milestone payments) have found their way into standard practice within government - not always with entirely successful results.

The combination of the implemented payment provisions (under which service providers had to do all the work upfront with no payments until successful delivery) and the harsh termination and liability provisions, meant that the risks being absorbed by service providers were extremely high.

While many may say that service providers make a healthy margin and, therefore, ought to absorb risk, no service provider is a bottomless pit able to accept enormous costs and risks of delivery, particularly where the customer is in a position of being able to re-interpret and add requirements during the course of delivery. A number of significant service providers have fallen by the wayside during the course of the NPfIT project simply because of the difficulty of delivering what NPfIT wanted within its timelines and risk profile.

Hopefully, one lesson government will learn from NPfIT is that there needs to be a balance of risk and reward in negotiating contracts even for very large projects. It is notable that the standard paradigm for public sector contract terms has moderated significantly since NPfIT was initiated. Many might wish that there had been more reasonable voices involved in the original project who could have argued for putting in place a more moderate, deliverable contract that didn't force service providers to take on so many contractual risks that their own internal business cases became unstable.


NPfIT was certainly innovative in its structure of making different service providers work together by awarding work in a series of lots. Part of the rationale for this approach was that different regional service providers could be swapped in or out if and when other regional service providers failed.

At least this has meant that, as some service providers have had their contracts terminated over the past few years, there have been others prepared to pick up the slack. But it does illustrate that anything other than a "one customer, one service provider" structure is very difficult to operate.

This doesn't mean that it cannot be established in this way - as the current hype of multisourcing contracts has shown. But it does mean that there needs to be much more careful thought and planning in advance about how different service providers will be incentivised to collaborate - not forced to co-operate almost against their will and without some "script" or plan as to how disputes will be resolved.

Checks and balances

There is a tendency amongst people involved in a project which isn't going well to adopt the "I've started so I'll finish" approach, circle the wagons and not step back and take the inevitable decision at a more appropriate stage.

Good managers on technology projects are always asking themselves whether the original course of action is correct and whether adjustments are required - and they are prepared to take the ultimate decision at the right time and not delay the inevitable.

NPfIT was run by a very strong project director with a powerful personality. Maybe that was the best way to give the project a chance of success. Unfortunately, once the project ran into trouble there much less room for manoeuvre and few supporters outside the core team. Clear accountability is fine (indeed, essential) but accountability needs to be in the right hands and with the right checks and balances. If the public sector learns anything from NPfIT, let's hope that it will be how to identify and implement those checks and balances from the outset.

Closing Thoughts

The Public Accounts Committee (PAC) calls the saga one of the “worst and most expensive contracting fiascos” in public sector history, and adds: “Although the Department told us that the National Programme had been dismantled, the component programmes are all continuing, the existing contracts are being honoured and significant costs are still being incurred. The only change from the National Programme that the Department could tell us about was that new governance arrangements were now in place.”

The estimated costs of the scheme rose from £6.4bn to £9.8bn, but ongoing costs arising from legal battles and other issues will keep dragging this figure higher, the MP said, especially the price of terminating the Fujitsu contract in the south of England, and the ongoing costs of Lorenzo in the north, Midlands and east.

Committee member Richard Bacon MP said the fact that only 22 trusts are now expected to take the Lorenzo system – despite the original contracts with CSC totalling £3.1bn – is another indictment.

Let’s hope the whole public sector has learned something from this disaster. It is our money that is wasted.

If you want to make sure your business critical project is off to a great start instead of on its way on my list with project failures? Then a New Project Audit is what you are looking for.

If you want to know where you are standing with that large, multi-year, strategic project? Or you think one of your key projects is in trouble? Then a Project Review is what you are looking for.

If you just want to read more project failure case studies? Then have a look at the overview of all case studies I have written here.


Posted on Sunday, January 20, 2019 by Henrico Dolfing