Digital health and care: what lessons will we learn from COVID?

When we were going outside on a Thursday night to clap for carers and putting up rainbows in windows for the NHS, probably very few of us were thinking of IT staff.

But none of the major developments that have happened in the last year in response to COVID-19 would have been possible without the tech teams behind the scenes working to set up systems and make sure the necessary data was available and secure for each new development.

Eilidh McLaughlin, associate director for information security and governance at NHS National Services Scotland (NHS NSS), runs through just some of what they have been working on over the last year.

It’s the kind of change that would normally take years rather than months.

It all started with the rollout of Microsoft Teams so that all NHS staff who could work from home were able to, something that had been planned for the future but just not quite so soon.

Then came the governance for the first round of testing led by the UK Government, which was put in place to allow the data to be used in Scotland.

This was followed by developing a case management system for the contact centre from scratch, as well as training up staff in thinking about information security in their home set-up, such as making sure their screen is not overlooked, wearing headphones and keeping Alexa in a different room.

With more data coming in, there was a lot of thought about how to use the data and who it could be shared with, as well as work to look at clusters of the virus and what might be causing them.

Then came the Protect Scotland app and the Check In Scotland app, which uses QR codes to record visits to hospitality venues and could be rolled out to other areas.

After that it was plans for asymptomatic community testing, the vaccine rollout and the expansion of testing to schools.

All of these needed appropriate information security and governance around them.

For the vaccine rollout a completely new system had to be created because there was no existing system for a national vaccine programme to the whole of the adult population.

Initially, NHS Education for Scotland created the National Clinical Data Store, which is the “single source of truth for vaccination in Scotland” for COVID-19 and holds the COVID-19 vaccination record for every adult in Scotland.

That had to be created from other sources of information pulled from medical records, all with the relevant knowledge and understanding of all the data controllers of that information, which is usually health boards and GPs.

From there they also created the vaccination management tool, which allows the person who is administering the vaccine to input information on the vaccination that they have done on the patient.

That information then flows back into the National Clinical Data Store to allow it to be stored safely and securely and in one single source.

Alongside this, in just eight weeks, NHS NSS created a national scheduling module to allocate appointments, which health boards are gradually being migrated onto.

They’ve also put in place a portal that allows people to change or cancel their appointment if it’s not suitable for them, because, McLaughlin emphasises, the vaccine is not mandatory and people can turn down an appointment.

All of this means a lot of confidential data flowing about, whether that’s who’s got, or had, COVID, what part of the country they are in, who they’ve been in contact with and whether they’ve had the vaccine, and at every step of the way there have had to be protocols in place for how the information is secured, who can access it and why.

This has been a huge amount of work for a small team.

“It has been busy. It’s been a challenge,” says McLaughlin.

“In amongst all of these really, really good things to do, and correct things to do, to support people and really tackle this pandemic head on, it’s been a lot of work, and this is what I really want to call out.

“Our NHS frontline staff have been amazing, but so have the backroom staff.

“None of this would be possible without really strong information security teams, information governance teams and information technology teams who have really come together and worked with the clinicians to create secure and safe systems for the public to be able to use in the response to this pandemic.

“It has never been so vital with all of this stuff then to have information security and governance all over this. And bizarrely enough, connected with this, equality as well, and accessibility.

“All of these interlink to make sure that public trust is maintained, and all of it interlinks to make sure we’re delivering systems that meet our regulatory requirements, that are not doing things that are outwith the necessity and proportionality of what we need to do.

“And also while maintaining the confidentiality, integrity and availability of that data.”

It has been an “incredible ask” on very small teams of people, McLaughlin says.

But she adds that these staff are never going to be underused and the new systems that have been developed will not go away now they are in place, even once we return to something more like normal.

And these systems will need constant maintenance and insurance that they are safe and secure.

She explains: “These systems are never going to go away now. They’ll scale up and down as needed. So if there is a requirement, then if we have a further pandemic or further outbreaks, we have this safety net inbuilt.

“And it might need dusted down a bit and shaped out a bit and looked at, but it’s there. And that’s a better place for us to be in than we were in this time last year, because none of this existed.”

Regarding what can be done better in the future, McLaughlin’s view is that we need to have the kind of national systems that have been created over the past year.

“In terms of overall, what I think this pandemic and the systems and processes that we put place has shown, is that Scotland has to work better together across our different health systems.

“The amount of effort it’s taken to – and I would caveat, this is a personal view – the amount of work and effort it takes to look at where all the data is and get all the permissions and put all the sharing agreements in place and all of that kind of thing, it is absolutely phenomenal.

“And it could be simplified while still keeping people’s data safe and secure and appropriately sharing it ... And that really needs to be considered.

“The cost on the system of doing this is huge. And that cost is a holistic cost between the care of the patient at the frontline right the way through to the backend.

“We’re not a big nation. We need to make this simpler and easier. And there’s ways of doing that.”

One of the people who will be looking at lessons learned from the pandemic and taking them forward is Jonathan Cameron, head of digital health and care at the Scottish Government, who is working on a refresh of the government’s health and social care strategy, taking account of what has changed as a result of COVID.

The basic aims of the strategy haven’t altered, he says, but some of the detail will have.

And he emphasises that the strategy is about social care as much as health, which is significant given how that has been in the spotlight during the crisis.

Cameron says: “The digital health and care strategy aims still apply, but what’s changed since then, of course, is that COVID has come in and the world of digital’s really changed as a result of that.

“And, you know, there’s been some fantastic things really accelerated and different things done that we never would normally have expected to do.

“So what we’re doing is to really take the lessons learned from COVID, the collaboration, the good work that’s been done, and refresh the strategy in the sense of we want to keep building on that and there’s some things that have been developed that means we can accelerate some things as well.”

The refresh of the strategy is due in March. This may include detail about how they’re going to improve citizen access to data and the work they’re doing on information governance.

“But on top of that, later this year, for the first time, a specific strategy will be published on data in health and social care, which Cameron says he’s “personally quite passionate about”.

“I think there’s big opportunities to make much more of the data that we have and be much clearer about what we’ll do with it, what our ambitions are,” he says.

“And that’s working towards things like bringing in AI or machine learning, or just simply being able to share data more easily, which all helps with, again, all the broader strategy.”

Cameron says they’re starting to see more data come through nationally that they previously wouldn’t have had access to and there’s been a lot of progress made in that area during the pandemic, so the aim of the data strategy is to look at what it’s right to do nationally but also what it’s right to do locally and how best to support that.

Another step forward that is coming this year is the rollout of the new GP IT system, which is designed to be cloud compatible and make data sharing easier.

This is a key development in enabling better sharing of patient data within the NHS and towards creating a patient-facing system, although there is no specific timetable for the latter and Cameron believes more consultation is needed.

They will also be keeping an eye on international developments with regards to vaccine passports, but Cameron stresses there has been no decision on that yet.

In terms of positives to have come out of the pandemic, Cameron notes that COVID has opened up new networks and that there is more collaboration and joint working with a “shared single goal”.

There has also been a  great deal of work done through care homes and they have a digital plan for care homes for the first time.

The strategy refresh is an opportunity to shift the balance more towards care, to recognise the importance that we’re placing on that and to continue to build on that area, he says.

Asked what else he thinks has altered because of the pandemic that is likely to shape the future direction of digital health and social care, Cameron cites a more rapid pace of change and better recognition of the benefits of digital.

“I think the acceleration, the pace and the willingness to go with a very agile approach will be probably the biggest visible change on how we implement going forward,” he says.

“I think historically there was a tendency to write very long requirements, or very detailed requirements, do lots of engagement, and sometimes that would take quite a long time.

“And I think for me, the biggest lesson learned is, you’re sometimes better, in fact you’re usually better now, just getting started.”

“And I think the other thing coming out of COVID is just a recognition of the opportunity that digital brings.

“And I think it’s much more visible to everyone the importance of digital, even just simple things of keeping as many people working at home or, again, trying to keep connected with care homes and, you know, people just simply keeping in touch.

“I think that’s all changed the way that people view digital, and I think that will be reflected in the strategy.

“And I think the opportunity, and in some respects it’s a challenge, but definitely the opportunity for digital to make a big difference, but to do it in a faster, more agile way, is one of the biggest lessons learned from COVID for me.” 

Eilidh McLaughlin and Jonathan Cameron will both be speaking at Holyrood’s Digital Health and Care Scotland conference on 24-26 February: https://digitalhealth.holyrood.com