Board directors don't have to be experts in technology to make key decisions, in the same way not every board member needs to hold financial qualifications to sign off the trust accounts.

While leaders don't need to be experts, they need to ask the right questions. Based on their experience working with governments, corporations and large public sector organisations, the Public Digital team has suggested a short list of questions that board members – both executives and non-executives – may wish to consider when thinking about the trust's approach to technology.


  1. How well is technology working for our staff and patients?
    It's important for boards to understand what technology is working well and where the pain points are. Sometimes there is a gulf between the promise of technology – greater efficiency, lower costs, safer care – and the reality for staff who may be grappling with clunky systems that don’t talk to each other. Have you assessed whether the benefits of previous technology investments have been realised, or what stopped them being realised? The best way to find out what’s really going on is to speak to patients and staff and try out systems for yourself.
    See: Getting closer to the user experience

  2. Are we making the right technology investments?
    Given limited budgets, boards should aim for a balanced portfolio of technology investments. This will be a mixture of 'keeping the lights on' and making improvements, fixing the basics and investing in transformational technologies. Sometimes large technology projects can be seen as 'too big to fail' – boards can play an important role in making sure the trust is investing in technology that delivers real value to patients and staff. Investment in technology alone is unlikely to result in true transformation, you'll need to back it up with investment in clinical and operational change too.
    See: Making choices

  3. What's our biggest current technology risk and how do we plan to address it?
    Technology is at the heart of modern healthcare, which means that when it goes wrong it can have a severe impact on your trust's ability to operate. Board leaders have a duty to understand technology risks, and make sure the trust has a credible plan to address them. This means acting on risks, not just documenting them.
    See: Managing technology risks

  4. Do we have the right technology skills?
    It is becoming more common across the NHS to build technology expertise in-house, rather than rely on an entirely outsourced model. Even if your trust uses off-the-shelf systems, you will need some in-house technology skills to piece it all together and make sure it meets the expectations of patients and staff.
    See: Building and enabling digital teams

  5. How do we avoid making the wrong technology decisions?
    Most board leaders will have experience of a technology project gone wrong. While there is no guaranteed way to avoid technology failures, there are some practices that make them less likely: focusing on outcomes for patients and staff, involving clinical experts early, avoiding hype technologies, starting small, testing and then iterating. It's likely that other organisations – both inside and outside the NHS – have tried to tackle similar challenges, so we’d advise looking sideways and seeing how technologies are working in practice elsewhere.
    See: Avoiding bad decisions

  6. What's our approach to Electronic Patient Records (EPR)?
    Determining your EPR strategy is likely to be the single biggest technology decision your trust makes – you will be living with the consequences of this decision for many years to come. Whether you adopt a trust-wide EPR or undertake a 'best of breed' approach, boards should be aware of the realities and risks: lock-in, costs, commercial models and how implementation will work.
    See: Understanding EPRs

  7. What's our plan for both care and technology system integration?
    With integrated care systems (ICSs) high on the national agenda, technology will play a critical role in system integration. There’s no one-size-fits all approach: shared care records are getting traction, while some trusts are planning to share systems and resources with other organisations. Although interoperability can be a dense, technical subject, board leaders should understand the fundamentals of the trust’s interoperability strategy.
    See: Before you start and Understanding interoperability

  8. How are we defending against cyber attacks?
    Good cyber security is critical to establishing technologies that are trusted and used widely. Boards should beware of security misconceptions that could prevent them from adopting modern technologies or using data to improve care. Most cyber attacks exploit well-known weaknesses: out of date systems, poorly secured user accounts and staff deceived by malicious actors. Boards should make sure the trust is implementing triedand-tested cyber security practices, and ensure these controls are regularly tested.
    See: Managing technology risks

As ever, the role of the board is to seek assurance, which involves the triangulation of evidence. What is reasonable to conclude from what you've read, what you've seen and what you've heard? And are the answers based on more than anecdotes? This guide goes into more detail on each of these questions.

As a chief executive I need to be close to the procurement, implementation and optimisation of the technology. I need to be a supportive champion in a way that lets people know this is a top priority. This may mean other projects may have to be sidelined for a period of time so as not to overwhelm people.

Sue Jacques    Chief Executive, County Durham and Darlington NHS Foundation Trust