The HSE’s Chief Information Officer (CIO) told a special meeting of the Executive’s performance and delivery committee that it would be difficult to achieve completion of “all agreed” information and communication technology (ICT) projects this year.
At the meeting on 16 November, Interim CIO and CEO of eHealth Ireland Mr Fran Thompson provided a “high level overview” of the e-health and ICT capital plans for 2022. “The CIO noted that the ICT and e-health capital funding available in 2022 is €130 million, an increase of €10 million on 2021,” according to minutes of the meeting. “It is less than what was requested to complete the planned projects for 2022 and it was noted balancing the investments across the demands of both the foundational and the transformational strategic imperatives simultaneously is the challenge of… 2022.”
According to the minutes, the CIO stated: “It will be difficult to achieve completion of all agreed projects while continuing to deliver on the multiple priorities that the organisation has articulated.”
“The current focus is to decide on which programmes will proceed and which will have to be held off. The challenge is to balance the available ICT capital, ICT staffing, associated service staffing, and the ability to absorb change to deliver the ICT change programmes and at the same time continue to deliver services.” The committee also discussed how cyber security is being addressed in the ICT capital plan for 2022 in the wake of the cyberattack last year.
The CIO told the meeting that “the HSE is moving their infrastructure to a predominately cloud-based infrastructure and that reducing on premises footprint is critical to improving the overall security profile”. “All new solutions will be cloud-based wherever possible and existing solutions will also be moved to the cloud wherever possible, while managing the disruption…. This will take a number of years and will require investment in several areas within the infrastructure area.”
Last month, the HSE published an independent review into the cyberattack on its IT systems. The review found that “there was a lack of structures and processes in place to deal with the incident”.“It is clear that our IT systems and cybersecurity preparedness need major transformation,” the Chair of the HSE board Mr Ciarán Devane said, following publication of the review. “This report highlights the speed with which the sophistication of cyber criminals has grown and there are important lessons in this report for public and private sector organisations in Ireland and beyond.”