I’ve been involved in a recent NHS Orkney project to replace printed materials in Board meetings. The project has received a fair amount of attention in the press. As a result, we’ve had lots of enquiries from other organisations about the details of the project. I put together a handout which tries to cover all the questions we’ve received so far. My boss has kindly agreed to let me host a version of the handout here on my blog. Doubtless there are ways we could improve on what we’ve done – I’d love to hear any suggestions via the comments:

Aim of the project – Paper-light meetings of the NHSO Board in order to make significant cost savings on printing, binding, etc.

Why iPads? – The other options we looked at were laptops or Kindles. The Kindle was not a viable option because it has no encryption or enterprise wifi. Laptops were not desirable because limited battery life meant all members of the Board would have to be plugged in to mains power for most of the Board meetings. In addition, our experience with iPhones led us to believe that iPads would require less IT support than laptops, further lowering the cost of ownership. Purchase price of laptops and iPads were similar. (For more info, see Benefits below.)

Device management – This can be done using the iPhone Configuration Utility. It doesn’t offer the same degree of device-lockdown which (for example) Blackberry offers, but it does allow you to configure all the necessary settings with a few clicks of the mouse, or even by sending the (encrypted) configuration file to the iPad via email. We use this to configure wifi, certificates, VPN and NHS Mail. Our goal was not to restrict what a Board member could do with their iPad, but to make it easy to set up and use securely. Security: configuration files are encrypted for each individual user/device and password protected. [UPDATED: Definitely worth taking a look at the new OS X Lion Server product. It has much better configuration, webdav file sharing and integrates with Active Directory. Unfortunately, you need a Mac computer to run it, so I doubt I’ll be getting a Lion Server anytime soon.]

Wifi – We have an enterprise wireless solution which was created as part of a previous project. It uses a combination of user/device certificates, WPA2/AES encryption, 802.1x authentication to a Microsoft IAS server on the backend. Unfortunately, the wireless only really covers the meeting rooms plus some of the wards, and all access points have to be configured individually – we hope to sort this out with a more comprehensive solution in the future. We bought the wifi+3G version of the iPad, but the Board Members have to buy their own SIM card if they want to use the 3G connection. [I don’t think anyone has bought a SIM card as yet.] Security: I don’t know of any potential security exploits for this type of wi-fi network.

Documents – The main purpose of our iPad project is to deliver the NHS Orkney Board papers to the Board Members. This is achieved by using our in-house website as a WebDAV store for documents. [We’ve had a blog/wiki product called Traction Teampage for the past four years – it allows everyone to do their own content management without the need for IT or a website editor. It also works as a webdav server.] The Board administrative support staff create a separate WebDAV folder for each of the Board members and populate it with the relevant PDFs. The GoodReader app on the iPad is used to synchronise the content of each Board member’s WebDAV folder to their iPad. They can create an annotated copy of each (PDF) document, and when they next sync to the WebDAV folder, the annotated copies are backed up at the same time that any new/updated files are downloaded. The GoodReader app is an excellent piece of software, with great flexibility in annotating and navigating documents. Security: The files stored on the website are only accessible to the Board. GoodReader encrypts the files stored on the device while is passcode-protected, see this link for more detail. Passcodes are enforced by NHS Mail mobile device policy. (I can’t link to the policy document as it doesn’t seem to be accessible outside of the NHS Mail web app.)

VPN – Getting the Board papers from our internal WebDAV server requires that each Board Member can connect over VPN. The iPads have been setup to use the N3 VPN.

Syncing with iTunes – This is one of the bits which is not quite right yet. Currently, you have to sync with iTunes on a desktop computer to backup, add photos, add music etc. Our Board Members do this (if at all) on their home PCs as they don’t have machines here in the hospital. I can’t offer them any support for the equipment they use at home, of course, so it’s not ideal. Security: NHS Mail mobile device policy enforces encrypted backup in iTunes.

App distribution – Another problem was how to give the GoodReader app to each of the Board Members. We wanted to let them have their own Apple Store ID, so that they could buy their own apps. In the end, we had to help each person get an Apple ID set up, then email them the GoodReader app as a gift. The next version of iOS includes the facility to make bulk purchases of apps and send them out to employees.

NHS Mail – All Board members get their iPads with their NHS Mail account already setup. The reason is not simply that we want to encourage use of NHS Mail, but also to enforce a range of security features, including passcode lock and encrypted storage. I frequently get asked about the perceived poor security of the iPad/iPhone in comparison to the Blackberry. This may have been true a couple of years ago, but it’s simply not the case anymore. See this link for example. I suspect that people often confuse security (i.e. unauthorised access to data on the device) with control (i.e. stopping people being able to do anything except work-mandated tasks with the device).  Security: As per the NHS Mail policy, all email, calendars, contacts downloaded from NHS Mail to the iPad are encrypted.

Rollout – We timed the rollout of the iPads so that the Board Members had the maximum time to get familiar with the devices before they used them in a full Board meeting. I did a 45 minute workshop where I demonstrated the basic use of the iPad, starting with how to use the cover, screen brightness, that sort of thing. There have also been quite a number of one-to-one sessions with individual Board members, and I make myself available for half an hour before each Board meeting to help in whatever way I can. The Board administrative support officers also help Board members when they get stuck, and there are a couple of the Board themselves who help other members. I must confess that I’ve been surprised at how quickly the iPads have been adopted, and by the relatively low number of problems/complaints. Almost all the problems we’ve had so far have been related to VPN/network/NHS Mail passwords, which is a perennial problem whatever system you are rolling out.

Board Papers – We are saving a lot of time by not having to print, bind and distribute papers.  We combine our documents for each meeting into one PDF file, with a table of contents which allows navigation to each agenda item.  The Board members are emailed to let them know that the papers are available in their folder on our WebDAV server, and they then sync their folder in GoodReader to pick up any documents which have been added.  We have put copies of all the meeting papers for the current year 2011 in their folders so that they have easy access and can refer back to previous reports if needed.

Benefits –The simplicity of the iPad pays off in that we get far fewer support calls than with laptops. The simplicity and consistency of the user-interface means that the less tech-savvy users are more open to using the iPad than a laptop, especially given the convenience of a portrait screen for reading documents. Battery life is far better than that of a laptop. One of the unforeseen benefits is that the Board Members use their NHS Mail email/calendars/contacts much more than before, which is of benefit to everyone involved e.g. for arranging meetings, improved email security, etc.