Horst Herb wrote:
>
> But you are damned right about your view of interoperability. I start getting tired
>listening to all this "sophisticated" bullshitting of "software-primadonnas" who
>obviously have lost contact to reality. (Flames -> NUL)
>
I appreciate your point of view, although I rather suspect I am on your
list of primadonnas.
>
> Medical software needs to be secure, fast & user friendly.
>
Well, I hate to do it again, but every real security expert I know would
say, pick one or two of the three, but you can't have all of them at the
same time. (And before you think this is more theoretical bullshit, read
on.)
>
My 16 years of involvement with medical software has shown me plenty of
systems that got developed quickly by a small number of people and were
small and to the point, at least initially. Every single one of them is
dead now. No sustainability. On the other hand, the administrative
nightmares of buying big-time vendor software and trying to make it
inter operate is rightly a descent into hell, you don't have to convince
me of that! I have lived and worked in it. But it does seem
sustainable, at least it keeps a fairly large scale enterprise running.
So, I think we need something in the middle. Something that is bigger
than a small project group can actually manage, but something that can
be built up from well engineered parts. To me that's what this
discussion is all about. The software industry up until recently, has
not provided such a capability that every other engineering profession
takes advantage of. I can put in a state of the art HVAC system into my
house without really understanding how it was designed, but I will have
to understand a few basic interfacing concepts. If I tried to design
one from scratch, it would probably be a disaster.
For example, I have spent the past five years descending into the
bowels of security and I can really tell you all one thing, you can't
develop a security product that will work on your own. You really want
to use an existing architecture and engineering work....even then, you
will have to hire a top flight security engineering team to review your
integration work...If you don't think so, you havn't been paying
attention to all those bright folks at Netscape and Microsoft, who added
a little security architecture to the web, hired some of the top five
security experts outside of the military to supervise it, and then spent
years getting spanked in public over implemenation flaws. And this was
on a browser/web server system which is order's of magnitude less
functional than any medical patient oriented requirements I know of.
