Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Australia Government Medicine

South Australia Refuses To Stop Using An Expired, MS-DOS-Based Health Software (abc.net.au) 230

jaa101 writes: The Australian state of South Australia is being sued for refusing to stop using CHIRON, an MS-DOS-based software from the '90s that stores patient records. Their license expired in March of 2015, but they claim it would be risky to stop using it. CHIRON's vendor, Working Systems, says SA Health has been the only user of CHIRON since 2008 when they declined to migrate to the successor product MasterCare ePAS.
SA Health has 64 sites across South Australia -- all of which are apparently still using the MS-DOS-based health software from the 1990s.
This discussion has been archived. No new comments can be posted.

South Australia Refuses To Stop Using An Expired, MS-DOS-Based Health Software

Comments Filter:
  • If they pay the license fee, what does it matter what version they use? XP should be available along side 10.
    • Re: (Score:3, Informative)

      by Lirodon ( 2847623 )
      No, they can't pay the license fee. They will no longer sell the license because it is end-of-life, but using it requires a license, hence the software may no longer be used by anyone.
      • Re: (Score:3, Insightful)

        by Anonymous Coward

        Fuck them! Keep using it!

        • Good for them! (Score:5, Insightful)

          by freeze128 ( 544774 ) on Sunday June 19, 2016 @10:21AM (#52347137)
          A DOS based software product is likely to be more secure from remote hacks, and from cloud-provider based security breaches. Thanks to VM technology, this program could be usable for decades!
          • Re: (Score:2, Interesting)

            by subanark ( 937286 )

            I would think it would be more risky. Chances are the data is replicated on every machine, and is "transmitted" (network or copy by physical media) in an unencrypted form. In general I would consider it less risky using a newer system that doesn't store all the data in one place. Microsoft, Amazon, Google spend a lot more effort in securing their data than pretty much any other tech company.

            Also can you provide examples of "cloud-provider based security breaches"?

            • by Khyber ( 864651 )

              "cloud-provider based security breaches"

              CloudFront has almost no security, so websites using their stuff for a CDN get their artwork ripped all the time.

            • Using virtualisation and a VPN at the hypervisor level, you can present an unencrypted network to the DOS software which is secure and encrypted when viewed from outside. MS-style EOL tactics should be outlawed in health software. Patients lives are more important than making money. If SA Health has a perfectly funtional system, the original vendor should be required to make their software maintainable past any business motivated EOL. That is the big problem with proprietary solutions.

            • by tsotha ( 720379 )

              I would also bet it's more risky - back in the MS-DOS days only governments worried about security desktop machines. There are probably all sorts of holes that would be considered security malpractice today. The only way to even sort-of secure it would be to have it running on VMs off it its own little world.

              I worked for the US DoD as a contractor. When faced with the same situation (a program running on, of all things, Microsoft Xenix) we bought, not just a license, but the program itself including sour

          • And what happens when some unsigned index counter wraps around and the database gets corrupted? At some point even the best written software needs bug fixes.

            • And what happens when some unsigned index counter wraps around and the database gets corrupted?

              Given the age of the software, it wouldn't surprise me if they used a common database format where the structure can be interrogated by SA Health's IT department. They have probably already looked for problems like that. I would also think that they have probably found all the bugs that they are going to find from some 30 year old software.

              I think that it is fairly safe to keep using this until EPAS is rolled out either later this year or the next. It's not like they are going to try to keep using this soft

            • by tsotha ( 720379 )
              You'd think by now that kind of stuff would have been worked out of the system.
            • by dbIII ( 701233 )

              And what happens when some unsigned index counter wraps around and the database gets corrupted? At some point even the best written software needs bug fixes.

              Then you restore from backup.
              Do you really think they have used this software for decades without some problem forcing that already?

              One important factor not mentioned in the article is that IBM seriously fucked over the Australian state of Queensland over a failed software migration for the health department there and the cost blowout was enough for it to be the major factor for a lot of people in politics to lose their jobs. People in politics care about their own jobs more than anything else. Until a f

          • by Macfox ( 50100 )
            Except it's not DOS based. Dumb journo's see unix terminal app = DOS. It runs on SunOS FWIW.
    • by Yvan256 ( 722131 ) on Sunday June 19, 2016 @09:43AM (#52346963) Homepage Journal

      If I understand correctly, their CHIRON license expired in March of 2015 but Working Systems doesn't want to renew it.

      So Working Systems are suing South Australia for using a product without a license but won't renew said license.

      I can't wait to see the court verdict on this one. It smells like abandonware to me. It probably won't help with old software in the rest of the world but it could set a legal precedent for Australia. Microsoft doesn't want to sell Windows 7 licenses anymore in a few months? You can legally copy and use it.

      • Re: (Score:2, Insightful)

        by Anonymous Coward

        They've probably paid the development cost 10 times over by now ...

        This is why open source folks. Software vendors are assholes.

      • You cannot force a company to sell licenses for a software they don't support anymore and maintain staff to maintain a piece of software the revenues cannot justify to. So, don't hope too much from the court verdict. There is no law that state you must sell and support a piece of software forever.
        • by ilguido ( 1704434 ) on Sunday June 19, 2016 @10:03AM (#52347051)

          You cannot force a company to sell licenses for a software they don't support anymore and maintain staff to maintain a piece of software the revenues cannot justify to.

          Yes, but who is saying that they need "support" and a staff? That piece of software has worked for some 25 years now, I supposed that the support they need is none and they're just happy to be able to use it.

          • by Anonymous Coward

            The software should be considered abandonware and part of the public domain. Anyone should be free to download and use it for any purpose -- software vendor is not culpable for damages from its use.

          • And what happens if there is suddenly a major issue the week after the "its ok, theres no support really needed on this account" extension to the licence period is signed? All shit breaks loose, thats what happens.

            • WHAT would break lose? The only remaining issues are
              1. System being network connected. But its MS DOS, so I hope they had the sanity to isolate it
              2. Parts breaking down and needing replacement
              3. Incompatibility on new parts
              4. Somehow producing new error codes(unlikely)

              • by Yvan256 ( 722131 )

                https://en.wikipedia.org/wiki/... [wikipedia.org]

                We all think it's still very far away, but they're still using an MS-DOS system in 2016 so I wouldn't push that future problem aside just yet.

                • by HiThere ( 15173 )

                  It's not far away, but people are already shifting to 64-bit time clocks. That pushes the 2038 problem so far into the future that it really *is* safe to ignore it. More work is still needed, but it's already being addressed.

                • by Megol ( 3135005 )

                  MSDOS actually have no date problem before 1980+127=2107, almost a hundred years in the future. IIRC but I'm pretty sure I do.

        • by Keith Mickunas ( 460655 ) on Sunday June 19, 2016 @10:06AM (#52347075) Homepage

          Where does it indicate that the state is trying to force them to maintain a staff to support this software?

          It seems very wrong to me that the company can tell the state to stop using a piece of software that they have been using for years. They can provide a license that offers no support, no updates and no warranty of any kind.

          • Switching can sure be a pain for types of software, if it's the center of your enterprise. It sure is silly to lease that kind of software for a few years rather than but (or build) it.

            Of course, the article says they choose to lease because from the very beginning they planned to replace it. So the plan all along was that they would replace it, but now they decided they'd rather not. That kinda sucks, but when you can't make up your mind, can't make a decision, you sometimes end up an inconvenient positi

            • Of course, the article says they choose to lease because from the very beginning they planned to replace it. So the plan all along was that they would replace it, but now they decided they'd rather not.

              No, you have misread the article (and mixed up choose and chose [beedictionary.com]). I presume that you were referring to this paragraph:

              Chiron, an MS-DOS-based system first developed in the 1980s and rolled out in many SA Health rural hospitals in the early 90s, was to have been replaced by the Enterprise Patient Administration System (EPAS) from Allscripts that was originally planned as a state-wide EMR and PAS solution.

              The part about when the software was introduced was a subclause of the sentence, and it did not mean th

          • It may seem wrong, but if that's the license agreement that the state agreed to, then that's the agreement. The company now has a right to enforce that agreement. If you don't like a EULA, you need to protest it when you buy the software, not 20+ years later when chickens come home to roost.
        • "maintain staff to maintain a piece of software"

          Ya, I am sure this 30 year old piece of software, that runs on MS-DOS, gets loads of updates.

          • It is not about actual updates it is about the responsability that comes with selling a license for the software you actually wrote.
            • It is not about actual updates it is about the responsability that comes with selling a license for the software you actually wrote.

              If SA Health want to keep using the software after it stops being officially supported then they assume the risk. It's simple!

        • You cannot force a company to sell licenses for a software they don't support anymore and maintain staff to maintain a piece of software the revenues cannot justify to.

          Sure, that's fine. But what you can do is simply declare the software to be in the Public Domain, since the only thing stopping that from happening automatically is government fiat in the first place!

        • by batkiwi ( 137781 )

          Support contracts and usage licenses are completely different things.

          For example, if you bought windows 95 you still have a license and can legally use it, it is just that MS provides NO support for it. Part of my job recently has been doing windows server 2k3 migrations due to extended support EOL, and about 50% of the software on it is out of support contract as well, but is still legally licensed.

          No one is trying to force them to support it, but if they will not accept money for the licenses then it's e

      • In this case, they are trying to yank out a perfectly fine, if older, medical system, and there are duties to care that may come into play.

      • You CAN keep using Windows 7, for as ling as you want. The standard license for software is indefinite. South Australia planned to replace this software after something else was available, so they chose to lease a short term solution. Now they changed their mind and wish they had bought a regular software license instead.

        • South Australia planned to replace this software after something else was available, so they chose to lease a short term solution. Now they changed their mind and wish they had bought a regular software license instead.

          As somebody else has since pointed out up above [slashdot.org], you've got that almost exactly wrong...

      • by Zocalo ( 252965 )
        I doubt it. Quite likely the licensing agreement between Working Systems and SW Health is part of a bespoke contract rather than the kind of license that comes with software for the average Joe's PC - especially given that it's strongly implied that there was an on-going license fee until March 2015 or some other kind of cut-off at that point. Assuming that whoever wrote the original contract knew their stuff and put in specific clauses to cover the inevitable software EoL, I suspect this is going to be r
        • by HiThere ( 15173 )

          Your use of the term "obsolete" in regard to working software displays either bias or ignorance. Despite the term "bit rot" software doesn't become obsolete. It may become less appropriate than a more modern version, but quite often the "more modern version" is actually significantly inferior to the older version. And running on MS-DOS doesn't imply that it doesn't do the job more properly than any available potential replacement. That they are willing to go to the effort of running it under virtualizat

          • by Zocalo ( 252965 )
            All good and valid points, but taking "obsolete" to automatically mean "of no further use" is an awfully narrow definition and certainly not the one I was intending which, to be clear, was that it hasn't been developed by the original vendor for more than a decade, is no longer supported at all, and has been replaced by a more up to date version by the vendor. In the same vein, I think that most people would accept that steam trains are obsolete for passenger transport in the first world, yet there are doz
            • by HiThere ( 15173 )

              I don't find that usage of "obsolete" to be useful to anyone outside of marketing. It is true that there are definite costs to using software for an environment that is no longer maintained, but I do so every day for some software written for Linux 2.2. I don't consider it obsolete, because I have found no acceptable replacement. Occasionally I look for a better way to virtualize it.

              There is other software that I WOULD handle in the same way, except that it's illegal...and I can't afford a lawyer and a c

      • I can't wait to see the court verdict on this one. It smells like abandonware to me.

        Adobe no longer sells Photoshop 7.0 Does that make it abandonware too?

  • by Anonymous Coward on Sunday June 19, 2016 @09:48AM (#52346987)
    Bits don't rot.

    "The company said a licence extension for CHIRON was not possible because it was too old and no longer supported."

    If you've never placed a support call in the 13 years since installation, if you've got backup hardware that will still run the stuff, if it's not connected to a network (MS-DOS presumably isn't), if it's not getting patched (because it's not connected to a network), then there's no risk of a change breaking the existing configuration -- and in those circumstances, what does it matter if it's not "supported?"

    Sorry, vendor. I'm sorry that your old software was so un-agile that it was actually "done" in the '90s and probably needs no further patches in order to remain fit for purpose until 2038. A pity for all vendors whose business models have pivoted towards Service As A Substitute for software, but fortunately, these guys never got on the upgrade treadmill. EPAS 2017: Hey, let's change the UX to "Flat!" this year so all the nurses have to relearn where the menu options are beneath that hamburger menu. It'll be hell for the end users, but the marketing guys think it looks great in a PowerPoint slide deck, and this is Enterprise Software; we're not trying to sell it to the physicians!

    And sorry, devs. Sorry that the human body works pretty much the same today as it did in 200,000 years ago. And that basic medical care works pretty much the same today as it did 50 years ago. And that even the bureacracy "required" to oversee the recordkeeping associated with "meatbag came in, was assigned bed, was assigned physician, who performed care" doesn't change as fast the latest Javascript framework.

    Some software is just Done.

    • Now software this old likely may have low limits that when hit can just crash / error out or even overflow. Now any of them happen is a bad thing for patient records

    • by bazorg ( 911295 ) on Sunday June 19, 2016 @10:28AM (#52347165)

      I'm not a big fan of replying to AC, but here goes....

      When enterprise-grade software is supplied, normally there are plenty of contractual terms that go with it. Requiring that the whole stack (operating system, database, application, whatever else) is under current support from the suppliers is a good demand in exchange for offering guarantees of break-fix support. The company providing support for the patient care component does not want to have the customer making claims of breach of SLA when the database component failed and its respective supplier has halted development and won't take new trouble tickets for the specific version in use since 10 years ago.

      In the MS world of licensing where I have some modest experience, I've seen that it is common for MS to charge an annual maintenance fee in return for a number of entitlements for the user. Things like access to patches and upgrade rights (ie: you don't buy the software licence again when a new version comes up, just grab the new version and move on) are not unusual. On top of this, I've also seen independent software vendors and MS technology partners build up more stuff that goes on top of the MS product that was licensed in the first place. These vendors sometimes use the same model of maintenance payments every year to have some sort of cash coming from those customers who bought additional software or customisations to the base product. If the maintenance payments are not made to MS, they do not switch things off (to my knowledge at least) but if the customer changes their mind, MS will charge lapsed years or ask for a new licence to be purchased. Independent vendors may have their own policies in relation to the software they develop on the MS application/stack.

      Having read both articles (wow!), I get the impression that while this state in Australia used to be but is no longer a large customer account. They are really the only people using this software any more, and it is a pain in the backside to make a proper upgrade path just for them. They opted out of incremental upgrades, and now a big bang will look expensive and complicated. It is also possible that the software vendor is under obligation to offer guarantees IF they do offer another year or more of maintenance or extend the licence for their software. In what appears to be an exercise in bridge burning, they want the customer to stop using their software unless they completely replace it with a supported version. It's not very Microsoft-y thing to do, but between MS licensing rules, independent vendor licensing rules and specific contracts made when this deal was a big one for a whole state in Australia, this might have exceptional treatment agreed somewhere.

      To me it looks like both parties want out of the contract they have and the company going to court is another way to put pressure on the other side.
      Some have written in this forum that this would never be a problem if they just used open source software, which is IMHO optimistic. Legacy crap is complicated for everyone, 10 or 20 years of it will make anyone want to have a fresh start. To paraphrase another favourite AC of mine, they really should go with supported apps, that get upgraded and updated on the fly by a cloud services provider. Legacy programmes can be a pain in the backside, compared to centrally managed apps. Cloud! Apps!

      • So its a court case to permanently mark all formalities? Or is it a court case because the system is practically abandenware, but the corporation wants their cash?

        • by bazorg ( 911295 )

          I'd say both both. It might be a court case to get the state of South Australia to pay their last bill and then cancel the existing contract without penalty to the supplier.

      • by Malc ( 1751 )

        Pay me now or pay me later. Can they even get replacemnt hardware to run this now?

      • Please never use Microsoft as a recommended licensing model. It's never the lesser evil, but I digress...

        The situation is simple. The health provider is using software without a license, and the software developer refuses to issue a license. To draw an analogy, this is really little different (legally) from a book author who contracted to allow a movie studio to use his work, but now that contract is expired. The raised questions are a little more difficult, calling into question the very nature of software

        • by batkiwi ( 137781 )

          Please never use Microsoft as a recommended licensing model. It's never the lesser evil, but I digress...

          What specific issues do you have with MS's corporate licensing model?

          -if you own a software license bought outright at any time you own it in perpetuity
          -CALs are bought yearly (typically) but are "essentially" the same no matter the platform or age. There are exceptions for this (dynamics CRM end user vs admin licenses, etc) but in general it works this way
          -Licenses are separate from support contracts, so you can opt for zero support for zero fee, or have MS premier support on-site 24/7 for a HUGE fee
          -You

          • My personal nightmare was three VM servers on two identical ESXi VM hosts (a primary, replicated for a hot spare), running four quad-core CPUs virtually allocated to only commit 8 cores to each VM, and each VM also got 4 GB of memory. One of those VMs ran our Exchange server. We also had a Win7 VM to run on the server, and needed to upgrade about a dozen WinXP clients to Windows 7. Several new computers had been purchased prior to this project with Win7 already installed, and they weren't going to be change

  • So should we have a new class of abandonware? Why should someone have to stop using software if the makers abandoned it? This sounds like a kind of legalized extortion or something.
    • by Sneftel ( 15416 )

      Because that's what they agreed to. They signed a contract saying "We'll pay you X amount of dollars, and use the software for Y amount of years, and then stop using the software. We understand that you're under no obligation to allow us to renew the license, for any amount of dollars." Which was certainly a really, really stupid contract for them to have signed, but hey, here we are.

    • South Australia had orignially planned for this to be a short term solution until a replacement was ready. So they found somebody willing to do the lease they wanted, rather than a standard perpetual license. They figured they would save money that way, since they weren't going to use it very long.

      Then they changed their mind. They wanted a lease. They paid for a lease until March. That's why they should have it until March.

      • In short, the IT department at SA Health is run by a bunch of f... morons.
        • In short, the IT department at SA Health is run by a bunch of f... morons.

          ..unless the courts rule in their favor, then they are geniuses.

          I view this thing as similar to someone that opts to subscribe to say Photoshop rather than purchase it outright because they figure it would be cheaper, and then cryng foul later when Adobe only offers subscription and purchase options for a newer version.

          It shouldnt matter that the older version still works for you. You didnt choose the buy it option, you chose the lease option. But in this case its "OMG medical software!!" so maybe they

        • by ruir ( 2709173 )
          I would say they tend to be info phobic when it comes to Australia. I remember pretty well the jobs adverts being for novell well when I was using Linux for some at least a decade, and many people being into Windows 2k in the rest of the world.
  • In Deus Ex - Human Revolution, Adam Jensen lives in the CHIRON building. Coincidence? I don't think so!
  • The purpose of copyright is to allow authors to make money on their creativity. When they stop doing that it should go into the public domain. All abandonware should be public domain.
  • A prominent author refuses to stop using a typewriter, even though the warranty on it had expired and the manufacturer no longer makes them.
    A misguided luddite refuses to stop using a 1950s Packard, even though the company that produced it no longer exists.
    A world-renowned musician refuses to stop using his Stradivarius, even though...

    • by ADRA ( 37398 )

      All your points are irrelevant to issues in the story, but thanks for playing.

      Thinkgs that are important:
      1. A critical'ish health system is being run on a system unsupported by a vendor
      2. Said software is LICENSED
      3. Said vendor can't find people willing to support maintaining the product so they discontinued it and leave no legal venue to continue operating said software
      4. The cost and timeline of an upgrade now (they should seriously consider it regardless) would cripple their health infrastructure. We're

      • by mark-t ( 151149 )

        4. The cost and timeline of an upgrade now (they should seriously consider it regardless) would cripple their health infrastructure. We're talking 3-5 years minimum of conversion time

        Which suggests that the government should have been actually planning for this at least three to five years ago. While I think it's assinine for a company to sue for using unlicensed software when they won't sell a license in the first place, I think that the government is in the wrong here.

        For all practical purposes, howeve

        • Which suggests that the government should have been actually planning for this at least three to five years ago. While I think it's assinine for a company to sue for using unlicensed software when they won't sell a license in the first place, I think that the government is in the wrong here.

          The government is in the wrong, but not because they haven't planned ahead. They started shopping around for a new system in 2010, but they have had problems with the web-based solution and so have put the roll-out on hold. Only a few city hospitals have started using the new EPAS system. It will be later this year or (as I suspect) some time next year before the country hospitals finally get migrated to the new, centralised solution. Only then will they be able to kick Chiron to the curb.

  • ... Working Systems?

    They don't give a fuck about patient safety. They are a money-making enterprise. So, what's their motivation?

    That's the question.

    • by guruevi ( 827432 )

      Making money... Duh. They want to sell new systems and their contract states they should've stopped using this package by now. They are completely free to go with another vendor or do it themselves, but this vendor wants their money. Regardless of whether or what they want to replace, it is mostly irrelevant, the vendor has stated that for renewal of the contract it will cost A$x and the hospital system doesn't want to pay it. The "cost" of software is not just a license cost, it is also maintenance and upg

  • .... from just continuing to use it while paying the penalties for using an unlicensed version of their software? I mean for at least the interim, until they can get an upgrade firmly in place?
  • Really, for less than it costs to maintain this legacy crap, my team would be willing to develop something decent for them. (and give them the sourcr) This is all really stupid.
  • by Greyfox ( 87712 )
    Could they fund an open source replacement for it? They're probably spending a lot of money keeping the old thing alive, they'd probably also have to spend a lot of money to migrate to the new software. So why not roll that money into an open development effort and make the resulting code freely available to everyone?
  • Hey, it was good enough for Bill Gates, it should work for a hospital system.
  • by iamacat ( 583406 ) on Sunday June 19, 2016 @12:45PM (#52347783)

    Pass the law that any software which is no longer sold at price comparable to what it went for at it's prime is public domain and anyone is entitled to hack it and bypass any anti-copying measures. Many instant wins, no downside to speak of:

    • Production systems are not disturbed by upgrades they don't need
    • Reliable, legal ways to enjoy old games
    • New versions of software have to actually be superior to old versions for majority of user base to sell.
  • What is "a software"? Is that like "an information" or "a hardware"? Ugh.
  • DOS-based programs probably don't have so many of the GUI-security flaws, and I've seen DOS-based programs run rings around their Windoze brethren.

    Also, it's likely that the newer versions have substantially different database designs and requirements, and it would probably take months or years in effort to convert the existing data to the new version.

    Change for the sake of change isn't always "progress".

  • The whole state is frequently the most backwards in many ways. Want to know where the source of the majority of the anti-video game bills for Australia come from?
    Adelaide "city of churches", indeed.

  • NOT MS-DOS (Score:5, Informative)

    by sc0ob5 ( 836562 ) on Sunday June 19, 2016 @07:39PM (#52349421)
    CHIRON is not MS-DOS based, It runs on SunOS and is delivered by a terminal session.

    There are a number of other old patient administration systems (all UNIX based, mostly SunOS but OpenVMS as well, all delivered by terminal session) that are in use currently and hospitals that use them are being migrated to the new single system but it's a slow process as the new system does more than just patient administration, it replaces a number of other old systems as well.

    So that it's MS-DOS based is just plain wrong.

    I don't want to get into the licensing issues with Working Systems.

    How do I know this? I work for the department..

    • by sc0ob5 ( 836562 )
      Also the summary is incorrect, there are 64 sites that use CHIRON in the state and they are all regional sites with low numbers of presentations. There are 11 metropolitan sites (plus their satellite sites) that use either the updated system or another old legacy UNIX system that is in-line for replacement with the new system.

To stay youthful, stay useful.

Working...