Committees of the board meeting minutes

HSE Technology and Transformation Committee Meeting Minutes 19 January 2023

A meeting of the HSE Technology and Transformation Committee was held on Thursday 19th January 2023 at 10am in Dr Steevens Hospital, Dublin 8.

Meeting details

Members Present

Tim Hynes (Chair), Fergus O’Kelly, Barry Lowry, Martin McCormack, Rosaleen Killalea, Derick Mitchell.

Apologies

Brendan Whelan.

HSE Executive Attendance

Dean Sullivan (Chief Strategy Officer), John Ward (Interim Chief Technology Transformation Officer), Niamh Drew (Deputy Corporate Secretary).

Joined the Meeting

Puneet Kukreja (Interim Chief Information Security Officer – Item 3), Michael Redmond (Chief Operations Officer eHealth – Item 3.2), Yvonne Goff (ND Change and Innovation – Item 4.1).

Minutes reflect the order in which items were considered and are numbered in accordance with the original agenda. All performance/activity data used in this document refers to the latest information available at the time

1. Committee Members Private Discussion

The Committee held a private session to review the agenda, the relevant papers and approach to conducting the meeting, noting that the focus of the meeting would be to receive updates on key items and to suggest relevant actions as they became apparent.

2. Governance and Administration

2.1 Declarations of Interest

No conflicts of interest were declared.

2.2 Minutes

The Committee approved the following minutes:

  • 17 October 2022
  • 3 November 2022
  • 28 November 2022

3. Technology

The Chair welcomed Executive members to the meeting.

3.1 Guiding Principles Document

The CTTO presented an updated Guiding Principles document which incorporated feedback provided by the Committee at its workshop on 28 November 2022. The CTTO answered questions from the Committee in relation to patient access to digital healthcare records under the EU Digital Decade policy which requires such access by 2030. He confirmed that the HSE is actively working in conjunction with the DoH towards meeting this deadline. The Committee provided additional feedback and wording for the Principles which was to be sent to the CTTO following the meeting.

3.2 Review of ICT Capital Plan

COO eHealth joined the meeting.

The COO eHealth provided the Committee with and update on eHealth and ICT funding in the HSE and confirmed that the ICT Capital Plan submitted to the DOH is still in draft form. He advised that the ICT and eHealth capital funding available in 2023 is €140m, an increase of €10m (7.69%) from 2022 and the multi-annual nature of major project and programme delivery means that decisions made, and priorities set in one year can have a major impact on spending across future years. The Committee queried whether there is a multi-annual capital plan which takes this into account. The COO eHealth confirmed there is an internal plan which he would circulate to the Committee to facilitate further discussion.

The COO eHealth presented a paper on the HSE IT Budget Benchmark provided by Gartner. He highlighted certain elements of the report including the addition of business unit IT in this year’s analysis, revenue budget, capital analysis, and workforce comparison. The Committee asked questions on the data provided in relation to refreshment of current technology and devices. The COO eHealth advised that although there are many legacy systems still used, there is good progress being made in this area with a big focus being placed on single digital identity. The Committee discussed the risk in this area and agreed that risk appetite on servers should be established and, through the ARC and Board, consider its addition to the CRR.

The Committee thanked the COO eHealth for his presentation.

COO eHealth left the meeting.

3.3 Board Strategic Scorecard – eHealth

The CTTO presented the proposed eHealth Board Strategic Scorecard to the Committee advising that it was based on five key deliverables with a focus on alignment with the National Service Plan and Capital Plan. The Committee emphasised that the development of the Score Card should have a clear focus on outcomes rather than inputs. The CTTO articulated that the scorecard was at a strategic level, and were underpinned by detailed reporting. The Committee indicated there are areas where they may seek monthly updates for instance HealthIRL. The culture perspective of reporting was also to be considered as the Committee advised people should not have concerns about ramifications when reporting incidents or if an areas reporting is not green, it is more important to have accurate data to allow issues to be addressed.

3.4 Threats and Mitigations Briefing

The CISO briefed the Committee on Cyber Threat and the HSE Cyber Risk profile, highlighting key attack vectors, cybersecurity metrics recommended by Gartner, cyber threats impacting the HSE and HSE recent cyber events. The Committee discussed the metrics highlighted and requested that information relating to certain areas of concern be reported to the Committee at each of its meetings. The Committee also requested further detail on Privileged Access Management procedures.

The Committee requested that CISO and CTTO recommend options for external assessment of the HSE’s cyber position, noting that the decision on this will rest with the Committee/Board and that it should allow for annual assessment to track progress.

The Committee thanked the CISO for his presentation and agreed that following further development in this area, a briefing will be brought to the Board.

CISO left the meeting.

4. Transformation

4.1 Discussion on HSE Transformational Strategic Initiatives

ND Change and Innovation joined the meeting.

The ND Change and Innovation provided the Committee with an overview of key strategic reform programmes currently underway in the HSE, highlighting the current technologies enabling reform and additional technologies required. She highlighted that implementing technology and eHealth solutions and accelerating the digitisation of our health service will support a culture of continuous improvement and innovation and allow for increased access, sharing, and analysis of information across the health service. The focus was on four main areas: Enhanced Community Care, Mental Health, Disabilities, and Scheduled Care.

The Committee discussed the policy surrounding the implementation of these programmes, emphasising that the complexity is not necessarily in the technology required but instead in programme rollout. The ND Change and Innovation confirmed that while the technology needed is being tested, the clinical and operational model will need to be integrated around this in future. The Committee emphasised the importance of ensuring clinicians are involved in the development of these policies and to ensure that they are not focused only on the needs of hospital systems, but also take in the views of users in community settings.

The Committee queried how service user data flow will be managed under these programmes and whether there are any challenges predicted. The CSO confirmed that though there are challenges currently with several of the voluntary hospital organisations, they are working towards a system of straightforward data sharing with the support of the DoH. The Committee emphasised that this area presents a good opportunity to engage service users in policy development and ensure that their views are incorporated.

The Committee discussed the other challenges which may be faced during the implementation of these programmes, advising the CSO that the Committee/Board needs a greater sense of understanding and confidence in the transformation map, priorities, and interdependencies. An example was given of the upcoming implementation of the Regional Health Areas (RHAs), with the Committee querying what would stop the HSE moving to this system immediately. To fully address this question, the CSO agreed to present to the Committee a paper updating members on the position with RHAs, and the key tasks, dependencies and challenges associated with RHA implementation.

CSO, CTTO and ND Change and Innovation left the meeting.

5. A.O.B

Nothing was raised under this item.

The meeting concluded at 13:20.


This is a beta version - your feedback will help us to improve it