Take Up For GP Online Services Hits 42% rise YOY in 2018

With 1 million patients now using the NHS every 36 hours, the pressure is firmly on the nation’s healthcare system to cope with an increased, ageing population, more complex medical conditions being treated, increased waiting time for treatment and more ingenious medicine which is keeping people alive for longer.  Tie that to Brexit and the drive for a 7 day service against today’s staffing pressures and you can see a perfect storm brewing.

Enter then, Health Minister Jeremy Hunt and reflect on his 5 Year Forward View for the NHS. Published in 2015, he laid out his vision for a gradual but persistent transition to patient power – in which digital technology would play a central role.  This was expanded on with his appointment of digital guru Martha Lane Fox to identify four key changes to map out a digital NHS for everyone.  Her stated targets included the following:

o  To reach the furthest first and leave nobody behind
o  To provide free WiFi for all throughout the NHS
o  To build the skills of NHS staff to support people’s needs in the digital age
o  To boost take up of online GP services

So it’s exciting three years on to hear good news coming from NHS Digital’s Leeds HQ. Their latest figures show patient registration take up for secure GP online services in England has risen sharply.  Nearly 14 million patients are now going to their GP’s online for a variety of NHS services without the need to visit a surgery or phoning the practice. These include:

•  Booking appointments
•  Ordering repeat prescriptions
•  Patients view their own records

The figure of 14 million patients is up 42% on February 2017 and amounts to a total of 24% of patients in England now being registered.

For the GP surgeries in local communities who have taken the plunge to embrace technology and overcome initial reservations in parts, these digital pioneers are now reaping the benefits from a variety of online GP cloud service providers.  The results are significant time savings for both the staff and practice GPs, fewer ‘no shows’ and improved patient awareness as patients become more knowledgeable about long term conditions.  The net benefit is derived because GPS have integrated the online public service with single source information clinical systems like EMIS and SystmOne.

There will always rightly need to be a hawkish attitude around protecting sensitive data, however if these new online systems are well governed and securely managed, the public that take up this offer can enjoy a degree of ownership of their healthcare data in intelligent partnership with their GPs and healthcare providers – and in so doing, feel good too they are contributing to improving NHS service efficiencies in the 21st Century.

Bots – Amicus ITS dips its toes in the art of conversation with our baby bot ‘Ami’

  

At Amicus ITS, with Spring looming at last, we are considering taking our first baby steps to explore the world of smart bot technology.  Developing a bot as a new route of engagement and communication is an experiment, demanding fresh thinking, analysis, reflection and nurture from us all.  We are up for the challenge.  However, just because Amicus ITS is a tech firm and IT solution provider, there’s no assumption that the route to adoption is a given.  It needs to be a positive compliment alongside our existing customer service.  Our baby bot, affectionately christened Amicus ‘Ami‘ by one of our Sales team, will have to prove herself, not just by being a smart technology, but by developing a good working vocabulary.  Her first words we hope will focus on helping customers with general sales enquiries before she has any chance of graduating to anything grander.

Why develop a bot?

The potential for AI in customer service is twofold. With machine learning and Neural Linguistic Programming it can seamlessly give customers the right information they need at the right time by offering self-service options and eliminating the need for a call to a service centre. Secondly, AI has the potential to give customer service representatives more information to help them handle the complicated issues that self-service cannot resolve.

Our instincts to start this journey now in our business lifecycle are borne out by the latest statistics.  At this week’s #MarketingExpo at London’s Excel, chatbots were trending as a key topic of conversation.  34% of call centres in the UK are stated as using AI now, with the expectation that this will rise to 68% by the end of 2018.

The human bit

How we as people communicate and our responses to different types of engagement, is fundamental to the art of good conversation and we have to seek to provide a great customer experience with Ami.  Yielding positive results in a customer’s interactions with a business through a bot has commercial potential in the long term.  But for now, it’s all about getting it right.   We know that a bot should not pretend to be a person.  If we can ensure Ami provides provide relevant information, answers and signposts for you, some of you will enjoy trying this route of enquiry.  But there will always be our people too, alongside and behind Ami, always on hand 24×365 to help support you in every way we can.

B2B

Having a bot in a B2B environment is perhaps less straightforward than if we were in the retail trade. However, there is as much opportunity to make a difference if we do this well.  Amy will need to become customer savvy if she’s to make a difference and be welcomed as part of our service family.  We are keen for our bot not to be a turn off and we would love to include you in helping raise this tech child!  There will be a feedback option built in to the platform when it’s launched in a few months time.  If you do choose to comment, you will help in our education too!  So, watch this space for news as we look forward to becoming a digital parent to this disruptive technology child.   What do you think of bots?   Let’s start the conversation!

 

Warning to UK Public Sector about leaky Amazon Web Services

Amazon Web Services (AWS) are currently in the news for all the wrong reasons.  Their Simple Storage Servers (S3) – known as ‘buckets’ – have been successfully targeted by hackers.  The AWS servers have been found to be alarmingly leaky, enabling the new Buckhacker search engine tool to readily access unsecured sensitive data.

AWS, as one of the UK Government’s chosen cloud service providers (GOV.UK PaaS) runs from AWS in Ireland (a UK-based hosting centre is planned for 2018) and is accredited for handling personal and confidential information classified at ‘Official’ level.

Users are able to search either by ‘bucket’ name, which may typically include the name of the company or organisation using the server, or by filename. The service collects bucket names, grabs the bucket’s index page, analyses the results and stores it in a database for others to search.  There are other tools like AWSBucketDump and according to the hackers exposed buckets can also be trawled for rich pickings with a specific Google Search.

Created by anonymous hackers, a Buckhacker developer commented:  “The purpose of the project is to increase the awareness on bucket security, too many companies were [sic] hit for having wrong permissions on buckets in the last years”.

Clearly, it is in the public sector’s interests not to risk exposure of any sensitive data (theirs or the public’s) and thus a prime consideration for any public sector organisation is to scrutinise the credentials, security performance and sovereignty badge protections of their chosen cloud provider.  Public sector organisations struggle to find funding in already tight IT budgets to defend against cyber attack, but with so many different lines of attack facing them, IT managers are having to take a risk-based approach to identify where to allocate their limited funds.

Amicus ITS Director of Technology, Security & Governance JP Norman commented:   It is worth remembering that the security of the data, no matter where it resides is the responsibility of the Data Controller in each organisation. There are ways to provide security assurance in the cloud layer that conform to the basics of Cyber Essentials. Furthermore, the right partner organisation, such as Amicus ITS, can act as a cloud broker providing proven security assurance recommendations and actions to mitigate such risks.

At Amicus ITS, we are happy to challenge the status quo as we brand ourselves are the safe pair of hands for our customers.  So with any digital transformation journey we will ensure intelligent, joined up thinking to ensure our Security and Governance views chime with those of our technical architects and sales professionals.

You have been told…. GDPR is not Y2K

The Information Commissioner made an interesting observation about GDPR in her end of year summation on 22nd December 2017.

Elizabeth Denham commented that some businesses held the false perception that GDPR was on a par with the Y2K Millenium Bug worry that all systems would fail, which festered amongst business in the run up to New Year’s Eve 1999.

In a view which Amicus ITS shares, she commented that organisations that had taken steps to put in place preparations for GDPR, should not be concerned.  This follows a notable increase in scaremongering stories and also profiteering activity during 2017 for ‘GDPR solutions’.

Ultimately, companies have had two years to prepare for GDPR – and all the details are known (unlike with Y2K) and 25th May 2018 is simply the date the legislation takes effect.

However the identification of risks, understanding and good data management (accompanied by transparency to explain and communicate individuals’ rights) will, the ICO believes, create a sea change of positivity over time, as organisations catch up and apply the appropriate security to keep data safe.

Being committed to good process measures and demonstrating accountability for data management will, for Amicus ITS’ Director of Technology & Governance, JP Norman create a clear sign of assurance, competence and insight, especially valuable for IT Managed Service Providers. “For an MSP, the word ‘solution’ is a dangerous thing in relation to GDPR. There is no panacea. GDPR is essentially about a collection of measures diligently applied to fully understand and map how data comes into an organisation, where it is held, where it goes to – and then ensure it is safely protected and managed appropriately at all times in an open and transparent manner for stakeholders”.

See JP Norman’s interview and thoughts on GDPR for CRN as part of their expert European panel and download the e-book for more information http://view.ceros.com/incisive-media/solarwinds-gdpr-1/p/3

GDPR (EU data protection) from an HR perspective

The GDPR will replace the mixed blend of 28 different EU Member States’ laws with a single, unifying data protection law, which should lead to significantly greater data protection harmonisation throughout the EU.   Its main objectives are threefold:

1. The GDPR increases the rights for individuals.
2. It strengthens the obligations for companies.
3. The GDPR dramatically increases fines in case of non-compliance, up to €20m(£17m) – or up to 4% of total
worldwide annual turnover.

What important changes should be on your HR team’s radar?

1             Consent – Under GDPR an employee’s consent remains a legitimate basis for processing his or her personal data. However, such consent must be “freely given, specific, informed and unambiguous” and clearly “distinguishable” Further it is important that the employee is able to withdraw their consent as easily as they gave it in the first place. In light of the clear stipulations around the form that the employee’s consent must take, it is highly unlikely that blanket data protection consent clauses in contracts of employment and policies will suffice.

2            Subject Access Requests – The right of employees to request information about the personal data processed by the employer remains broadly the same. However, under GDPR the starting position will be that the employer must respond to a request without undue delay. The current 40 days will be replaced by 30 days. The £10 fee some companies levy for making the request will be abolished.

3             New (and enhanced) Rights – GDPR introduces some new employee rights as well as enhancing existing ones. For example, employees will have a new data portability right which will allow them to request that certain personal data is transferred directly to a third party. Further, employees will be armed with a suite of so-called “delete it, freeze it, correct it rights” which are aimed at giving them more control ( in certain circumstances) over how their personal data is processed.

4              Data Breach Notification – In the UK employers must notify personal data breaches to the Information Commissioner’s Office (ICO) with 72 hours of becoming aware of it.  The term ‘personal data breach’ covers a plethora of common workplace mistakes such as a laptop or file left on a train or an e-mail sent to an incorrect address. It is important to remind employees that even apparently minor incidents must be reported internally if data has been lost or compromised.

5             Routine CRB Checks – Enhanced DBS checks will still be permitted, however if employers adopt a routine policy of conducting DBS checks on all employees regardless of role and whether or not there is an English legal requirement to that effect, this may be unlawful under the GDPR.  Although standard and enhanced DBS (Disclosure and Barring Service) checks will still be permitted under GDPR, employers (as it currently stands) will not be able to conduct routine basic DBS checks on all employees (unless their role requires them to be security cleared).

GDPR has already started to appear in CJEU’s (Court of Justice European Union) soft case law (AG Opinion in Manni)
The recent judgment of the CJEU in Case C-398/15 Manni (9 March 2017) brings a couple of significant points to the EU data protection case law:

• The court clarifies that an individual seeking to limit the access to his/her personal data published in a Companies Register does not have the right to obtain erasure of that data, not even after his/her company ceased to exist;
• The court clarifies that the individual has the right to object to the processing of that data, based on his/her particular circumstances and on justified grounds.

Organisations should be checking that all their HR staff are fully engaged on GDPR to ensure there is a comprehensive grasp of the responsibilities and actions required ahead of implementation.  How ready is your HR department?   Let us know.

 

 

C Level Execs Reveal UK Business Still Not Prepared for GDPR

Trend Micro’s recently published survey has revealed a worrying lack of recognition that GDPR is going to seriously impact UK business if left unmanaged.  The results revealed a lax attitude about the severity of what is around the corner if data protection is not diligently overseen for compliance to ensure that employees, directors and decision makers all use data correctly.  The survey stats revealed the following:

•    Senior execs shunned GDPR responsibility in 57% of businesses.
•    Only 21% of businesses surveyed currently have a senior executive involved in the GDPR process.
•    66% were dismissive about the amount they could be fined.
•    42% of businesses do not know that email marketing databases contain PII.

•    In an example given, businesses were very uncertain as to who was accountable for the loss of EU data by a US service provider – with only 14% correctly identifying it is the responsibility of both parties.

•    Businesses were broadly found to lack the expertise to combat threat:

o   Only 34% have implemented advanced capabilities to detect intruders
o   Only 33% have invested in data leak prevention
o   Only 31% have employed encryption technologies

JP Norman, Amicus ITS Director of Technology, Security & Governance urged a proactive response without delay for anyone not already taking steps.  “Any organisation that does not recognise the importance of GDPR compliance and data protection responsibility needs to wake up fast.  A data breach after next May will no longer result in the organisation facing a slap on the wrist, some reputational damage and a manageable fine.  We have worked closely with the ICO and recommend their 12 step guide as a starting point for review.  Whatever challenges businesses think we may face through Brexit, GDPR has the potential to wipe businesses off the map entirely.  For the public sector, where the purse is controlled by Government and ringfenced locally, this will become even more damaging – personally, financially and politically.  However, whereas the cap is currently £500,000 till May 2018, this corporate penalty will rise to up to 4% of global turnover or a €20 million fine plus the potential of criminal prosecution thereafter.  I would urge all organisations who have not begun their information audit to start now”.

 

Building the blocks around the smartest cryptocurrency on the market



We’re talking Blockchain – but it began with Bitcoin.

So what is Bitcoin?
Bitcoin is a cryptocurrency and a digital payment system.  Invented by an unknown programmer (or a group of programmers), it was released as open-source software in 2009. There is a market cap with Bitcoin.  The value of an individual Bitcoin has increased substantially during this time, every year more and more merchants and vendors accept bitcoin as payments for goods and services, and millions more unique users are using a cryptocurrency (digital) wallet.

Why is there a worry about Bitcoin?
There are many concerns related to Bitcoin, price volatility, doubts around legal status, tax and (lack of any) regulation, Bitcoin has been notorious in criminal activity, and is well renowned for the role it has in cyber-attacks like Ransomware.  But for believers, Bitcoin has huge upsides, de-centralised thus outside the control of a central authority, privacy, deflationary, low cost to transfer funds across borders, but most it is an attractive “store of value”.

Why is Bitcoin important?
Bitcoin is important because it requires a blockchain.  A blockchain is an undeniably ingenious invention, but since Bitcoin, blockchain has evolved into something greater.  And the main question every person is asking is – what is a blockchain?

So what is a blockchain?
The simplest explanation “Blockchain is to Bitcoin, what the internet is to email. A big electronic system, on top of which you can build applications. Currency is just one.”  Sally Davies, FT Technology Reporter.

How does blockchain work?
A blockchain is a distributed database that is used to maintain a continuously growing list of records, called ‘blocks’.   Each block contains a timestamp and a link to a previous block. A blockchain is typically managed by a peer-to-peer network collectively adhering to a protocol for validating new blocks. By design, blockchains are inherently resistant to modification of the data. Once recorded, the data in any given block cannot be altered retrospectively without the alteration of all subsequent blocks and a collusion of the network majority.   Functionally, a Blockchain can serve as “an open, distributed ledger that can record transactions between two parties efficiently and in a verifiable and permanent way”.

“The blockchain is an incorruptible digital ledger of economic transactions that can be programmed to record not just financial transactions but virtually everything of value.” Don & Alex Tapscott, authors Blockchain Revolution (2016).

Blockchains are secure by design and are an example of a distributed computing system with high Byzantine fault tolerance.  Decentralised consensus has therefore been achieved with a Blockchain.  This makes Blockchains potentially suitable for the recording of events, medical records and other records management activities, such as Identity Management, transaction processing and documenting provenance.

The entire financial, legal, and record-keeping industries are being disrupted using this decentralised, secure, and inexpensive method. It has therefore caught the eye of the Bank of England plus other large organisations including Microsoft, IBM and Cisco have consequently started to take note of it.

In summary the opportunities are infinite.

People need to understand that “blockchain” is NOT the same thing as “Bitcoin”.

Bitcoin was the first blockchain system designed, but there have been a number of others since then which are very different, designed by different people, often for different purposes. These people are in the business of designing things for use by corporations to operate their businesses to drive a competitive edge. This is no different to what Amicus ITS has been doing for 30 years, problem solving and designing solutions that deliver business value as we look constantly to the horizon at future technologies.

Click here to read our White Paper