Committees of the board meeting minutes

HSE Technology and Transformation Committee meeting minutes 9 June 2023

A meeting of the HSE Technology and Transformation Committee was held on Friday 9 June 2023 at 9am via video conference.

Meeting details

Members Present

Tim Hynes (Chair), Fergus O’Kelly, Barry Lowry, Martin McCormack.

Apologies

Brendan Whelan, Rosaleen Killalea, Derick Mitchell.

HSE Executive Attendance

Dean Sullivan (Chief Strategy Officer), John Ward (Interim Chief Technology Transformation Officer), Fran Thompson (CIO), Grace Rothwell (Chief Officer, South East Community Healthcare), Brian Murphy (Head of Corporate Affairs), Niamh Drew (Deputy Corporate Secretary), Rebecca Kennedy (Office of the Board).

Joined the Meeting

Mary Cooke (eHealth Delivery Director for Community Health Services - Item 3.2), Kathryn Kissane (eHealth Deputy Delivery Director, Engagement & Delivery - Item 3.2), Priscilla Mary Crombie (National Digital Health Business Lead - Item 3.2), Maurice Farnan (AND Community Operations - Item 3.2), Patrick Lynch (CRO – Item 4-5).

Minutes reflect the order in which items were considered and are numbered in accordance with the original agenda. All performance/activity data used in this document refers to the latest information available at the time.

1. Committee Members Private Discussion

The Committee held a private session to review the agenda, the relevant papers and approach to conducting the meeting, noting that the focus of the meeting would be to receive updates on key items and to suggest relevant actions as they became apparent.

2. Governance and Administration

Executive members joined the meeting

2.1 Declarations of Interest

No conflicts of interest were declared.

2.2 Minutes

The Committee approved the following minutes:

  • 3 February 2023

3. Technology

3.1 Current organisational structure as at June 2023

The CTTO presented to the Committee the current eHealth organisation structure. He informed the Committee that since the update provided at its October 2022 meeting, the HSE has completed its 2023 planning process, the ICT & Cyber programme has been mobilised, and the CISO function has been established. The CTTO confirmed that the eHealth team are primarily focused on delivery of the service plan and are also collaborating on options for a future model for Regional Health Authority (RHA) delivery to align with overall approach to RHAs.

The Committee queried whether the organisational structure of digital teams in the RHAs has been signed off and the CTTO confirmed that it was not. The Committee emphasised that a robust governance structure should be in place for the RHAs to ensure nationwide consistency with the implementation of digital health strategy and that a party responsible for ensuring compliance is required. The CIO confirmed that it is planned that this will be the individual RHA Chief with support from the HSE CEO.

3.2 Key technology programmes

3.2.1 Digital Health Strategy update

The CTTO provided the Committee with a status update on the engagement underway in collaboration with the Department of Health on the Digital Health & Social Care Strategic Framework (DoH), and the HSE Digital Health Strategic Implementation Plan (HSE). He advised that the Consultation & Stakeholder Engagement phase of the DoH Digital Health & Social Care Framework 2023-2030 has been completed with significant stakeholder engagement across government, the wider health sector and key stakeholders across the HSE. The HSE team have aligned with the DoH’s framework through collaboration to develop the HSE Digital Health Strategic Implementation Plan. The CTTO confirmed that the strategy is being developed in line with the HSE Capital and Revenue funding plans and cost estimate validation is currently underway.

The Committee discussed the placement of this strategy in relation to other initiatives such as the EU 2030 target for all citizens to have access to electronic health records. It was agreed that this strategy should be brought to the Board as a focus area and that different versions of proposals brought to DPER are outlined.

3.2.2 eHealth division report

The Committee noted the eHealth Division report which was circulated in advance of the meeting. The report is produced for the Department of Health as part of their oversight of the HSE’e eHealth division and is extensive, covering releases, programme updates, staffing, budgets and risks and issues. It was agreed that the report would be shared with Committee for noting going forward.

3.2.3 Integrated Community Case Management System (ICCMS)

M Cooke, K Kissane, PM Crosbie, and M Farnan joined the meeting The CIO provided an update on the ICCMS programme which has an implementation timeframe of 3 years, with first deployment in 2025. The ICCMS programme has been identified as the crucial foundation and key priority development that will facilitate service delivery across all community services nationally improving health & social care as well as staff, patient and service user experience in line with Sláintecare.

The Committee discussed the importance of engagement with GPs during the roll-out of this programme. Committee member F O’Kelly agreed to engage with the College of GPs in relation to this. The Committee also highlighted the need for safeguards in relation to data access on the system. The CTTO confirmed that locking mechanisms will be in place and there will be audit trails to show changes made to records.

The CIO advised that the next stage of the programme’s first significant milestone is the completion of the procurement process for the ICCMS system. The Committee agreed that the ICCMS programme should proceed to the completion of procurement.

CIO and B Murphy left the meeting.

3.2.4 Shared Care Records (SCR)

The CTTO provided an update on the National SCR programme which will make an important contribution to the integration of care between acute and community services, including the shift of services toward the community and the establishment of vertically integrated Regional Health Areas.

The Committee queried whether there will be a universal rollout of any one system and whether this would impact services which already have a form of electronic healthcare record e.g. Children’s Health Ireland and GP services. The CTTO advised that they are seeking a product which will allow different types of records to be viewable on the same system.

The Committee expressed their support for the work completed to date and it was agreed that updates on the programme should continue to be provided to the Committee.

M Cooke, K Kissane, PM Crosbie, and M Farnan left the meeting.

4. Risk Management

4.1 Corporate Risk Register Q 1 2023 Technology and Transformation extract

CRO joined the meeting.

The CRO updated the Committee on the Q1 2023 Review of the Corporate Risk Register (CRR). This review is being conducted in line with the ‘Moody’ Risk Report recommendation. The ongoing assessment of each of the HSE corporate risks is expected to result in significant changes being proposed to the risks recorded on the CRR.

The CRO advised that the papers circulated in advance of the meeting relate to the current CRR Risk 011 Digital Environment and Cyber Failure. The Committee discussion was based on these papers and covered the areas of focus for the current corporate risk review, the Conti cyber-attack and Postincident review, and how the risk is currently defined.

The Committee focused their discussion on how this risk is defined, highlighting that there should be a clear link between investment and the risk. The Committee also discussed the importance of changing the culture around risk and highlighted that people should not be hesitant to report mistakes when they occur.

5. Cyber

5.1 Overview for Committee regarding Committee Cyber Workshop July 2023

The Committee discussed the format for a proposed upcoming workshop which will focus on the Cyber-attack and Post-incident review. The Chair highlighted the importance of ensuring that the Committee and Board are assured on the cyber position of the HSE. It was agreed that cyber should be added as an annual focus area for the Board and that Board members would be invited to attend the workshop when it is finalised.

CRO left the meeting.

6. A.O.B

6.1 Post Incident Timeline Debrief

The Committee noted the paper circulated in advance of the meeting and the CTTO advised that this debrief would be covered in detail at the Committee’s cyber workshop.

CTTO left the meeting

The CIO provided an update on the “MoveIT” Cyber attack on a vendor of the HSE. The HSE’s own network was not compromised. This is an ongoing situation the committee will be provided with further updates if the situation changes.

The meeting concluded at 13:00.


This is a beta version - your feedback will help us to improve it