Evariste

When Dalo, the pro­ject man­ager, received the call that morn­ing, she did not expect that it would last for so long. Frida, the IT man­ager at the hos­pit­al, was frantic: someone has been chan­ging the prices of pros­theses in some of the invoices sent to the insur­ance com­pany. How was this pos­sible? The billing applic­a­tion used an advanced access con­trol and secur­ity sys­tem.

Before end­ing the call, Dalo prom­ised to invest­ig­ate the mat­ter and revert dur­ing the day. She put the phone down and worked her way through the work­flow. She was look­ing now at the screen that allowed the billing man­ager, or his replace­ment, to veri­fy the bills before send­ing them to the insur­ance com­pany. It was only at this point that the secur­ity sub­sys­tem allowed price modi­fic­a­tions. Only two people had the per­mis­sion to access this field on the screen.

Dalo recalled a con­ver­sa­tion with Frida about an audit trail. She remembered Frida’s reluct­ance to invest in an expens­ive fea­ture that will call on a mem­ber of her team to pro­duce audit reports, full time. This would sat­is­fy every whim and fancy of the aud­it­ors and the hos­pit­al man­age­ment. The applic­a­tion had thou­sands of tables, the pre­par­a­tion of audit reports, although abated by the report design­er, would need the cre­ation of views to relate numer­ous list of val­ues to their descrip­tions, and this was tedi­ous, lengthy, and time con­sum­ing.

However, today, this would have been handy, as the sys­tem would have logged the modi­fic­a­tions, their author and oth­er inter­est­ing tid­bits… Frida could have caught the cul­prit in no time, vin­dic­at­ing the long days of report writ­ing.
Nevertheless, Frida for­got that so many things could change in a flash. Does she or the IT admin­is­trat­or have the time to look through the mul­ti­tude of reports that the audit trail will gen­er­ate?

This is a real story. Businesses face sim­il­ar situ­ations every day. Wouldn’t it be nice if such a fea­ture were included in applic­a­tions, espe­cially if it did not require the ded­ic­a­tion of a pro­gram­mer? How about being able to cre­ate, on the fly, all the asso­ci­ations between SKU’s and their descrip­tion, cus­tom­er codes and their names, invoice head­ings and their lines, items and their seri­al num­ber and a lot more…?

It would also be great if we could look at the his­tory of all events related to the fields on a dis­play, on the mul­ti­tude of tabs (mod­ern user inter­faces include these to sim­pli­fy our life, so they say) attached to this screen, and, the hid­den data­base inform­a­tion affected by vis­ible changes. Moreover, for those who prefer to read it on paper, a full dis­clos­ure report, without writ­ing a single line of code, would have been be nice. Could we alert Frida of these changes? On the spot, on her screen, by email, SMS or through a daily report delivered, every morn­ing, in her inbox.

As usu­al, there is also the clev­er one who will want to audit the user-defined fields: right? These should also be included again, without wast­ing the pre­cious time of Frida.

Dalo sug­ges­ted these fea­tures to Frida. And Frida, in a des­pond­ent mood, would not end the con­ver­sa­tion on a pos­it­ive note: she wanted oth­er fea­tures added to the applic­a­tion, because she said, we should also pro­tect the secrecy of the patients’ inform­a­tion. Only the per­son­nel of a spe­cif­ic ward should be able to see the files of the ward’s patients. At last, the “data mask­ing” request! A fea­ture that legis­lat­ors dream of and ana­lysts debate upon wak­ing-up from its night­mare. What else?

Our major con­cern, she thought, was that, even if we could include these fea­tures in the new applic­a­tion we were devel­op­ing, how to apply it to all the mod­ules of the base applic­a­tion?

The pro­ject dir­ect­or had the answers… he was in a pred­at­ory mood… these require­ments, and oth­ers, we dis­covered, were the facets of a single issue: how to devel­op once and use every­where…