Royal Papworth: Laying Digital Paths for Healthcare’s Future
Andrew Raynes, Chief Information Officer (CIO) at Cambridge-based Royal Papworth Hospital, one of the world’s top 100 medical institutions, believes “we all have a unique story to tell”.
Indeed, Raynes’ story is certainly unique. Starting his career as a hospital porter, Raynes’ introduction to the UK’s National Health Service (NHS) saw him “moving bodies to mortuaries, collecting posts, taking patients to X-ray and even driving ambulances.”
With a role in technology and information seemingly far off from these beginnings, Raynes soon became interested in a project the NHS undertook in the early 1990s, developing the first green screen technology implementations of a PAS system.
Joining the development team, Raynes enjoyed being part of that team and working for a community hospital at the time.
“I was helping to train and deploy the new technology,” he adds, “and I very much remember going through that early technological change. It was a nerve-racking time because NHS staff hadn’t used technology like this before.”
Nonetheless, this experience set the path for Raynes’ tech future in public service. From there he moved to different roles in IT, from past implementation to information governance.
“I actually became Head of Information Governance at one point, and had an opportunity to act as Assistant IT Director at a Primary Care Trust, which had around 29 GP practices under its belt,” notes Raynes.
Things soon became a whole lot bigger for Raynes when he moved to work at a Strategic Health Authority (now abolished as part of the Health and Social Care Act 2012), a nationwide initiative aimed at digitising the NHS through electronic patient records.
From there, following time at the National Programme for IT (NPfIT), Raynes moved to a consultancy to gain experience in the commercial sector, before self-funding a masters degree and rejoining the public sector at one of London's prisons, HMP Thameside on the Belmarsh estate.
From the prison estate he joined a local Authority rolling out a children’s and adult’s electronic social care record in Leicester before finding himself back in the healthcare sector, though, at a major acute hospital in London as an IM&T Director which saw the impact and response to the Wannacry cyber attack which he recalled staying overnight in the hospital.
“The learning from this was incredible,” notes Raynes, and placed him in good stead for his role today – CIO of Royal Papworth Hospital.
“I feel so privileged to be working at a hospital again, and I have a deep passion for the NHS that I’m sure is shared by my colleagues,” he adds.
“I've been here now for six years as CIO, and what I love about the role is our patients, the staff and this incredible institution. Its achievements and innovation are humbling and I being responsible for the technology, supporting transformation and helping staff with their needs and technological understanding.
“The role is also about problem-solving and creating value. Where there are issues, it's about how we solve that problem.
“It’s about taking people on a journey with you and managing everyone’s different views and insights. It can be a challenge, but as soon as we can get the majority onboard with transformative change for the better, the rest of the organisation will follow.”
Driving digital change at the NHS
Of course, as a state-run service, driving technological transformation is dependent on operational costs. How much can be spared on digital change without compromising patient care costs and staff wages?
“You can’t just keep switching technology on for the sake of it,” says Raynes. “You've got to look at what technology you’re going to turn off before introducing something new.
“It’s also about asking what you can afford to turn off while continuing to maintain safety standards and keep the lights on. Around 80% of what my team and I do is simply keep the lights on and make sure our technologies are working efficiently. About 15%-20% of our work is around transformational capability.”
Transformation itself is by no means enough to warrant wholesale change either. As Raynes notes: “It’s important to look at the objectives of the organisation and the problems we may have, then come up with technological solutions to solve those problems.
“Today we hear a lot about new technologies whether it’s Gen AI, robotic processes or intelligent automation. While they’re all exciting, the job of any CIO is not to focus on the latest red balloon that comes by, but on specific solutions for specific problems.
“One of the challenges facing the CIO this year is the ability to stay the course in terms of continuing the knowledge base. That is the problem I'm trying to fix, and it’s important to have a toolkit to help you along the way in that.”
Though being selective and deliberate in the technologies implemented at Royal Papworth Hospital and the wider NHS is a must for CIOs like Raynes, this doesn’t mean there hasn’t been significant transformation for the better in recent times.
Raynes has seen a huge amount of transformative progress in his six years at Royal Papworth. Now, he says the hospital is “world’s apart” in its technological capabilities than it was when he first joined.
“Today, we get to experience the effect of full fibre, with much more use of AV pretty much in every patient room. We’ve scaled up patient entertainment with a distributed antenna system (DAS) throughout the hospital including plug-in antennai from all the major mobile signals to help boost our mobile device capability, and we’ve got full RFID throughout the hospital for traceability on equipment.”
However, for Raynes, one of the biggest successes at Royal Papworth Hospital is its “ability to integrate and interoperate with other technology solutions”.
“One of the major historical things we’ve learned, particularly across my time at the NHS, is that to have an effective patient record doesn’t mean we all have to be on the same patient record.
“We've proved over and over again, we don't need to do that. There's a massive benefit to the use of interoperability standards. We were the first site in the UK to create a bidirectional interface using interoperability with EPIC.
“Through interoperability, we’ve also been able to produce and send blood samples to neighbouring hospitals and get information back by sending data to and from different systems.”
The interoperable capabilities at Royal Papworth Hospital have only continued to grow. Most recently, technologists at the NHS have produced a shared care record (essentially middleware), allowing NHS staff to share data with the middleware that can then be distributed and exposed to other computer systems.
“This approach will help to fix broken care pathways,” adds Raynes, “because it allows other hospitals or systems to see the data about a patient from one system in the context of their own electronic records infrastructure.
“This has been a game changer for us in terms of how we move forward and highlights how healthcare can become much more connected and efficient without incurring the cost of wholesale system change.”
Innovations like these represent a really important step in our learning from the past and for the future of the NHS, and Raynes is excited to see what more capabilities can be created by interweaving patient care with citizen portals to engage patients more in their own care.
He says: “This can encourage more self-directed care because patient portals will contain a person’s records, and the more a patient adds to their record the more holistic their healthcare picture becomes. Much like when you take out car insurance, you’ll be able to interact with your record, offering a much greater tailored experience for the patient.
“This creates a much more interactive, more carbon and emission neutral process too, just by meeting patients where they're at.”
Technology for defence as well as innovation
It’s clear that technology has enabled an improved customer experience for NHS patients, both at Royal Papworth and across the UK, largely because a selective, considered approach has enabled the service to innovate where innovation is most needed.
However, technological capabilities employed by the NHS are not just tailored to innovation; unfortunately, cyber security has to be high on the agenda too.
Recently, cyber attacks on hospitals have risen by as much as 95%, so while Royal Papworth’s technology and data infrastructure is geared to innovate, it also protects hospital data from hackers seeking to gain access to sensitive patient information.
“This issue is really high on the agenda at Royal Papworth,” says Raynes. “It’s one of the biggest risks we face, so I’m always keen to get metrics coming through on the side of cybersecurity, on our posture defence and the size of any potential attack.
“The NHS is a wide-ranging public service, so the attack surface for cyber criminals hackers is massive. This means perimeter security may be variable in places, and the health and care data set itself is a rich source of information that in the wrong hands can probably provide great insights into helping authenticate and therefore steal data.”
Of course, cyberattacks on the NHS have already taken place in recent times, with the compromise of NHS 111 and an attack on the ambulance service in 2022.
The NHS is a highly interconnected service, so if one area of operations is targeted, it can lead to untold impacts in other areas of the organisation.
Now in 2024, there is growing concern around the capabilities of new AI-based attacks, which have capabilities beyond the human interventions that currently exist in health and care services.
“We need to create a rebuttal to these kinds of attacks,” says Raynes. “But how do you do that if you're not using artificial intelligence to defend against artificial intelligence-based attacks?
“This cranks the pressure up on using AI in the right way to defend your organisation and grow your cyber posture. So that’s definitely something to be wary of.
“I’m privileged and responsible as CIO to look after all of our patient data. It’s about being the safeguard of trust. Patients trust the NHS, so what happens if their data falls into the wrong hands? My colleagues and I need to do everything we can to make sure we protect that trust.
“Cybersecurity is a real issue, and organisations really need to consider what kind of investments and securities they are putting in place this year as the cyber threat becomes more real.”
Improving security and driving innovation through partnerships
Indeed, driving greater security standards and ensuring adequate protection can be achieved through partnerships, and over the last year, the NHS has been working with Zivver to help improve the security standards of its emailing services.
“Zivver has been great for flagging odd occasions when there are misdirected emails with sensitive information in them. It uses AI to help point out potentially sensitive data in an email before it is sent.
“It puts a nice checks and balances system in place for users. We all live and work in a fast-paced environment, so this helps mitigate against any accidental incidents.”
Of course, the NHS’ partner ecosystem extends across its network, and most recently, Royal Papworth announced a joint project with Softcat to help transform the way it works inside the hospital using traceability.
Raynes notes: “One of the aspects of the Softcat project has been to introduce a network of radio frequency identification, which means we've got ceiling scanners, ceiling readers and handheld devices that staff can go around and find equipment with. It can even locate equipment for us.
“When you've got busy staff, what you don't want is people spending hours looking for a bed pump or a high-end piece of equipment.
“The system we’ve worked on with Softcat is on every floor of our hospital, using barcodes and passive tags which contain what we call a GS1I standard. And those standards enable us to trace throughout the building all of our equipment within a scan.”
It’s evident that partnerships like these are crucial in helping Royal Papworth extend its interoperability agenda, enabling technology to do the work and optimise all facets of operations which provides a better solution rather than locking into single vendors.
Royal Papworth: Looking to the future
As such, Raynes hopes Royal Papworth and the wider NHS can continue this trend as he looks to drive further interoperability standards for the future.
He concludes: “Looking ahead, continued work on shared care with our partners will help drive innovation forward, particularly within our own system. We need to ensure that data continues to remain available when needed too.
“We've got other work we're doing in terms of intelligent automation, again, trying to look at how we free up staff time and make improvements in that respect. We're doing a lot of work around imaging and improving diagnostics, which will help things like recovery of backlog and making sure we're seeing patients faster through the help of AI.
“What’s more, we’ll be scaling technologies that enable our clinical services to look at that data and see what is available, again, where and when it's needed.
“I think we've got more work we can do around artificial intelligence too, but in a balanced way that equally measures up to other technologies that we want to introduce. We need to get to a place where AI can meet us where we’re at, addressing our specific problems, while not forgetting the value of other important technologies just as important in the care we provide.
“So I believe 2024 will continue to prove incredibly exciting. As always, there’s lots to do and we look forward to bringing it on.”
Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024
**************
Cyber Magazine is a BizClik brand
- Cloudflare: Dissecting the Cyberattacks of the US ElectionCyber Security
- Why the Financial Sector Faces AI-driven Cybersecurity DebtOperational Security
- DDoS Attacks Surge 49% as Hackers Target Financial SectorCyber Security
- GDIT Report: IT Decision-Makers Waking up to Quantum RealityOperational Security