The (Palantir) Procurement (part one)

NHS England’s staff probably shouldn’t describe their “Federated Data Platform” in meetings as “The Palantir Procurement”, but they do, which is helpful as it makes understanding what they’re doing easier (why they’re doing it will be in a different post).

The tension at the core of the Palantir procurement is something like this:

If there’s a new pandemic (wave), NHSE feel they need to be ready, and so feel they need all the capabilities Palantir advertise, but that capacity must be permanently available in case Palantir’s statements about how quickly it can be set up are untrue.

They’re not entirely wrong, but those aren’t the only choices.

NHS England came under great pressure in the pandemic, and will spend any amount of money to avoid ever feeling like that again. That is true more widely – NHS England’s middle management will spend any amount of money to avoid feeling bad every so often, especially if it gets things for them, not the hospitals, GPs, and others who actually provide care every day.

£480 million for another way to build Reproducible Analytic Pipelines seems… excessive. Especially compared to all the other environments (which cost closer to £480k).

As we say in one of the twitter threads, there’s no coherent narrative in the tender to argue against, so here’s one thread on one question, and a link to more below.

What is that money being spent on?

Branding and ads? There’s no narrative in this tender, it’s a collection of things NHS England’s data team has been asked to do, with a massive cheque attached.

Despite the narrative, we can look at the purposes named in the (CPV) categories for the tender: 

  • 30211300 – Computer platforms
  • 72000000 – IT services: consulting, software development, Internet and support
  • 48610000 – Database systems
  • 72322000 – Data management services
  • 48612000 – Database-management system
  • 48613000 – Electronic data management (EDM)
  • 72317000 – Data storage services
  • 72319000 – Data supply services
  • 72310000 – Data-processing services

No healthcare, no logistics, no doctors, no patients, just data processing. 

But then we look at the initial uses:

NHS England also proposes to run parts of the NHS logistics system off Palantir – NHS England is not responsible for logistics, it just wants more dashboards. Dashboards are reasonable for managers who don’t deliver anything, but the full table excludes logistics experts from bidding on a logistics system. Why?

NHS England proposes to run virtual wards out of Palantir. NHS England doesn’t currently run any wards (those are run by your hospital), but it wants all the functions as if it did? Will care go from your hospital to the national funding body that is NHS England? Will this EPR be accredited? Will NHSE be inspected by CQC?

It makes no sense at all to glue together the logistics system for vaccines with the patient records for inpatients, but that is what NHS England data team wishes to do. All of the discussion about interoperability doesn’t seem to extend to their procured hospital EPR functions connecting to their procured logistics functions.

When drawing the interoperability diagrams, why isn’t logistics in here like the EPR functions? Why have only one system other than the historical artifact of incumbency? 

There is no reason that these are in the same procurement bucket – there are many EPRs, and many logistics systems available, but how many companies offer both to the level that can match the incumbent supplier? Given the massive expense being incurred, one hopes they would at least ask for most-favoured-nation on pricing and features.

It will be difficult – when trying to cover up the proprietary terms that were papered over in some places, but missed in others. The term “PBAC” is defined as “Policy Based Access Control (PBAC) model” in one place, then also referred to as a “purpose based access Control” elsewhere, which just happens to be the Palantir  brand name for that exact functionality.

The Palantir PBAC functionality is good, but it’s only useful if it’s used, and it can only be seen as trusted, in the TRE sense of the term, if it’s transparent. This is merely an incompetent coverup. Meeting the minimal legal obligations to the public will not be enough, and is not enough if you wish public confidence in your actions..

It’s unclear whether “data cleansing” and “data enrichment” can be done via API access alone. Which means there will be copies of data made, and one of the forthcoming twitter threads will show just how much data needs to be copied (what it comes down to is: everything). How many copies of data will each tender respondent create? How will patients be told when these extra copies leak? Because sooner or later, they always do.

Palantir’s entire operating model is sucking data out of other databases into their own systems – that was a choice on their part, and continues to be a design choice on their part, and it doesn’t have to happen. Tender respondents could create their tables and do cleansing in their own tables within the data controller’s existing database systems – it would add some complexity for contractors, with the benefit to the NHS that there would be no copies created outside of existing systems.

NHS England claims it has no obligations to move forward beyond this prospectus, which seems politically untenable given all the work that has gone into it. However, whether there are enough respondents who can respond to a big unique prospectus like this is unclear. NHS England has banned the GP IT suppliers from responding – those suppliers would avoid the highest risk consequence of this tender: the need to copy much data (they already have almost all of it).

It’s not a good tender, but it’s also the best you can get when you mix up NHS England’s sociopathic micromanaging with blame culture and the fear of anything they don’t absolutely control, and say to the data team, you’re now responsible, it’ll be your fault.

So the data team went to the market, showed the mess, and asked for ideas, which are all phenomenally expensive as NHS England want the headline contact to transfer all the mess onto the successful bidder, who in the small print will shift it all back again. 

Data is not the problem. Analytics aren’t the problem. Analysts could do all the legitimate analytics they wanted in any one of the Reproducible Analytical Pipeline environments that NHS (both opensafely and NHSD’s TRE), ONS, HMRC, or others use, but in all of those existing, functional, working environments, they have to write down what it is they want to do, and then the analytics get run; the appetite for that currently seems to be zero because of the obligation and necessity of writing it down.

We hope OpenSAFELY continues to exist after the current temporary extension ends in a couple of months – the scope of that existence will show the desire for modern ways of working and trustworthy analysis environments. But no one ever got fired for buying IBM Palantir, and the momentum for budgetary excess that comes with it. 

We have a twitter thread of threads about the tender which starts here, and will probably be more specific and more up to date as things evolve. As we write more documents on the tender, we’ll talk about them in twitter threads or future blog posts, and they should also appear here:

(a line that was unclear was clarified on 23rd Jan)