Based on the information below. Make a Findings of it "SystmOne Clinical computer system error case study":( own answer ) Elaborate and more comprehensive
•Introduction by providing how important or crucial IT /IT audit is in healthcare and how IT AUDIT FAILS (PROVIDE A THEORY OR RELEVANT EVIDENCE LINK)
• Identify the key problems you have identified by:
• presenting the central issue(s) under analysis,

 

Case:
The SystmOne scandal was a case of software failure that affected the health of many patients in England. It involved a bug in the SystmOne clinical IT software, which was used by some GPs to assess the risk of cardiovascular disease (CVD) in patients and prescribe statins accordingly¹. The bug, which was present since 2009, caused the software to miscalculate the risk of CVD by using the wrong algorithm². As a result, some patients may have been wrongly put on statins or taken off them, potentially increasing their risk of heart attack or stroke².

The bug was discovered in 2016 by a GP who noticed a discrepancy between the SystmOne risk score and the QRISK2 score, which is the recommended tool for CVD risk assessment². The GP reported the issue to the Medicines and Healthcare products Regulatory Agency (MHRA), which launched an investigation and contacted the software developer TPP². TPP admitted the error and apologised unreservedly for the fault¹. The MHRA estimated that about 270,000 patients were affected by the glitch, of whom about 2% (5,400) may have received incorrect treatment².

The MHRA advised GPs to review the records of the affected patients and contact them if any further action was necessary¹. The MHRA also said that the risk to patients was low and that there was no evidence of harm or adverse events caused by the error¹. However, some experts and patients criticised the MHRA for downplaying the impact of the scandal and for not informing the public sooner². Some patients also expressed anger and frustration over the lack of transparency and accountability from the NHS and TPP².

The SystmOne scandal raised questions about the quality and safety of the software used in the NHS and the need for better regulation and oversight of the IT systems². It also highlighted the importance of data sharing and consent, as some patients who opted out of having their data used for research and planning purposes were also affected by the breach¹. The scandal prompted the introduction of the national data opt-out programme, which allows patients to control how their health data is used without involving their GP¹. The scandal also led to a legal action against TPP by a group of patients who claimed compensation for the damage caused by the software error³. The outcome of the lawsuit is not yet known.

The SystmOne scandal can be an area of topic for a case study that focuses on IT control audit because it involves a software failure that affected the health of many patients and exposed the weaknesses of the IT systems and controls in the NHS. A case study on this topic can examine the following aspects:
- The causes and consequences of the software error, such as how the bug was introduced, how long it remained undetected, how it was discovered, how many patients were affected, and what were the potential health risks and legal implications.
- The roles and responsibilities of the stakeholders involved, such as the software developer TPP, the regulator MHRA, the NHS, the GPs, and the patients, and how they communicated and coordinated with each other to address the issue.
- The lessons learned and the recommendations for improvement, such as how to prevent similar errors from happening again, how to improve the quality and safety of the software used in the NHS, how to enhance the regulation and oversight of the IT systems, how to increase the transparency and accountability of the data sharing and consent, and how to compensate the affected patients.