Open in app

Sign in

Write

Sign in

Weeknotes s02e01

TL,DR: First week back after break. Taking stock on Cloud, Office 365 & Cyber Security progress and & the work programme ahead. Revenue business cases. Saying farewell to the boss.

Jaswant Singh Sagoo
8 min readJan 12, 2022

[W/C 03/01/2022]

Happy new year to all! been a while since my last weeknotes in November ’21 mainly due to a really busy lead up to Christmas. New year being here and all, fresh starts and the sound of making it to season 2 was too hard to resist to get back to weeknoting this week. Short working week this week, with a fair bit crammed in and also some reflections mixed in from the end of last year, so here it goes…

Who did you talk to outside your organisation?

Spoke with the Cloud Project Team at Phoenix, caught up with AMP funding progress for Sentinel and AVD, next steps and our roadmap ahead. Planning in full swing to start Wave 4 post the current change freeze window. Also items that we need to pick up in the coming weeks around Group Cloud Options and next steps. I had arranged a number of KGH/NGH Group workshops with Phoenix to discuss Azure Cloud tenant and landing zone for the Group prior to the Xmas break. This was quite a challenge in getting everyone together given the busy period before xmas, although I felt it was important we had senior and exec level attendance from across the Group to ensure the vision and expectations for cloud were set out as well as reviewing our current position at KGH and NGH going forward from currently on-prem services.

Myself and Mary were keen on exploring how we can leverage the work already done at KGH over the last 9 months and also knowing that by March 2022 we will have completed our ‘in scope' server migrations to Azure. Ian articulated our Group Strategy design principles — doing it once for both and doing the hard work up front to make it simple for our users and the vision for Cloud in a Group setting. Our key focus will be to ensure that when clinicians are moving between the two hospital trusts the user experience is as seamless and easy for them as possible. Reducing the number of logins, increasing accessibility and irrespective of which hospital they are based at. Easier said than done, given our starting point is 2 sovereign Trusts with their own local AD domains. We have had some initial workshop outputs where we managed to whittle down from about 16+ options down to a consolidated 3. They each cover a spectrum of risks and each with different timescales and caveats.

  • Option 1: Create a totally new UHN Group Landing Zone and Tenant, and migrate KGH and NGH services into it. If we were green field and I could roll back 9 months this is what we could have done. However the organisations were not there yet to enable this and still in part a challenge today. In the present it also means another migration for KGH based services.
  • Option 2: Create a new NGH landing zone and tenant and look at a KGH/NGH migration to a Group Tennant at a point in the future. — Easiest option and the path of least resistance with a clear set out template to follow from KGH experience. This feels like a bit of a cul de sac move, given our end goal is a single group based cloud infrastructure with single or seamless user identity for access to systems regardless of location. Also means another migration for KGH and NGH based services, doubling down on the disruption to end users.
  • Option 3: Utilise the existing KGH tenant as the Group tenant and migrate NGH services. (Preferred) This is the most complex of the options, but looks to be doable with some networking issues to resolve. It also looks like the shortest path with less user disruption.

Currently leaning towards Option 3, although we need to yet do the due diligence and understand the operational risks.

Moving past financial and Information Governance challenges eg Data Controller, EA subscription owner, which hospital funds the Group tenant, etc, the biggest technology challenge will be how we move forward with identity management as a Group of Hospitals. My present view is the sooner we start work on a converged single AD domain the better given the timeframes involved in such a move. Also need to look at how we leverage NHSmail which is hosted on the NHS central tenant. Things in the mix, Azure Virtual Desktops (AVD) and NHSmail Azure based authentication. Hoping to discuss this with NHS Digital colleagues who I reached out to before the Xmas break. Having a Central NHS Tenant for all things Microsoft 365 and then our own Azure Tenant for our data centres for everything else is a complex set of problems to work through.

I will be reviewing options over the coming weeks to make some recommendations on next steps based on a balance of risk, timescales, being bold and keeping us in focus with our Digital Strategy. The opportunity to get this right is really exciting albeit complex given the current landscape. Looking forward to unpicking and working through this in 2022.

What would you have liked to do more of?

Worked on progressing iGrow implementation just before Xmas and missed out in being able to attend some of the technical meetings this week post procurement in December 2021.

iGrow is a new system for recording paediatric growth charts and one of our first straight to cloud services as opposed to on-prem, which is how we would have done it before. It’s been interesting working on the design for the infrastructure as the next phase includes further integration with KGH EPR systems and the potential for NGH using the same instance in the future and how we could enable this.

What do you wish you could have changed?

This week was particularly challenging and not one I was looking forward to albeit being the first week of the new year. why? ian roddis, Digital Director left KGH at the end of this week. People move on its part of professional life, but I must admit this one was harder. He has been not only an amazing boss to work for on multiple fronts and a great mentor. Some of the work we have done at KGH just wouldn’t have happened at the rate it did without Ian driving it from an Exec level, for me this was the case with both Cloud, Office 365 and new ways of working with introducing Agile. How he managed to make the time for cloud programme standups twice a week and O365 on top of everything else he had on his plate was beyond me. The grasp on complex situations, solutions and the ability to ask the right questions at the right time in the right way and also the grace when not to, (at times you intrinsically knew you had missed a ball even when no words were said, just full on support). A great humanbeing first and a great leader, who saw the individuals and their wholeselves and never shied away from a difficult conversation but always kind. Will miss that tremendously on a day to day basis. He made himself available to everyone, and never struggled with diary tetris when we needed him. He definitely broke the mould for a Digital Director and set the bar high.

What challenged me?

Late Thursday evening was informed that we need to get high-level summary business cases together for next year’s large revenue spend and that they are due next week. Thankfully an extension is being negotiated as we have only just been notified. So I had a scramble around with the relevant people to try and pull some of these together next week whilst trying to workout what some of our forecasting will look like for Azure Cloud, Cyber Security, Office 365/NHSmail projects for the coming year, eg InTune, SCCM… difficult to do in less than a week given some of the thought process needed and ideally would need workshopping with a wider audience. Hopefully first round is a marker in the ground and we still have the opportunity to do this and put some meat on the bones for the cases later.

What did you enjoy?

Farewell lunch with ian roddis.

What did you achieve?

  • Caught up on progress with Cloud and next steps with the programme of work. Wave 3 completion and mop activities along with Wave 4 planning underway.
  • Review of progress on the N365 Programme for Office 365 so far and next steps. One Drive migrations completes and just the complex permission fileshares left on prem to do now. Areas which were 100% AfE licence users have been mostly deployed to usitlising 1400 plus licences. The next phase of deployment will be more complex as we are rolling out in mixed licencing areas with both AfE and E3/R (Office Online Only). A number dependencies have now been worked through and removed some smaller systems are still being worked through. Our approach so far has been to use E3/R wherever we can. However, we have also increased our AfE licence count to accommodate dependencies we are not going to be remove in the next 12 months. Also discussed phase 2 of the Programme around InTune/SCCM deployment, NHSmail same sign on etc Meetings planned to kick these off shortly.
  • Cyber Security business case for Ordr was pulled together just before Xmas and approved at Investment Management Committee (IMC) for governance as this was a fully funded business case - we were successful in securing NHSx funding through a bid process. Procurement is now progressing with implementation commencing in the coming month.
  • A second cyber security business case draft is almost ready to submit to IMC for the 2nd successful bid for IT Health Cyber Security Assurance Dashboard this month.
  • Caught up with Dave Smith who took up his new role this week as Group Head of ICT across both KGH/NGH hospitals. The next 6 to 12 months will bring much needed change to enable a more Group working model for IT as per the Group Digital Strategy. Will no doubt be a challenging period for everyone but also opportunities and possibilities for staff and our end users.
  • Caught up with Natasha regarding Cloud AMP funding, timescales for AVD delivery and Project Management cover for it. Also went through which high level revenue business cases we need to get ready for next week for 2022/23 budget setting.

What did you learn?

If at first you don’t succeed try again… was my mantra leaning into Friday Struggled with some parts of this short week so needed a reboot and look at things from a different perspective and keep a positive focus!

What are you looking forward to next week?

  • Initial discussion with NHS Digital colleagues to discuss how the NHSmail identity could work across our Group setting with our own Azure Cloud tenant data centres.
  • InTune Project kick off meeting.
  • Regroup project meeting on progressing Azure Windows Desktop (AVD).
  • Monthly KGH Cyber Security Group meeting.
  • Start reviewing Cloud options for our Group Model.
Nhs
Azure Cloud
Office 365
Nhsmail
Cybersecurity

--

--

Jaswant Singh Sagoo

Written by Jaswant Singh Sagoo

41 Followers

Husband. Dad. Sikh. Associate Director for Enterprise Architecture - iDigital (Alder Hey Children's and Liverpool Heart & Chest - NHS Hospitals) Views my own.

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams