Radiation Treatment Errors and Bad Design

The New York Times has an excellent investigative report into radiation treatment errors. They tell the story of two patients who died due to errors, and report on the frequency of these events. Sadly the errors usually look preventable in hindsight. And predictably, manufacturers of the machines blame the technicians who operate the machines, when in truth a main cause is bad software design without proper attention to safety and usability practices.

Link: Radiation Offers New Cures, and Ways to do Harm.

The article is the first in a series called The Radiation Boom. This kind of deep reporting is what makes the NYT and organizations like it so valuable.

Bill Buxton’s CHI 2008 Closing Keynote

I’m back from CHI and will be posting notes about it over the coming weeks (I am so not a live-blogger).  There were a number of sessions that I think will be of interest to readers of this blog, starting with Bill Buxton‘s fantastic closing plenary.  He threw out the canned talk he had planned to give and instead improvised along the theme of "Being Human in a Digital Age."

I hope video of the talk gets posted, but until then you should check out Nate Bolt’s rough transcript.  Here are a few points from memory:

  • The level of discourse about technology, and human-computer interfaces in particular, is awful.  He contrasted two articles he and he wife were reading on a plane recently: hers was a review of an art exhibit, his a review of the $100 laptop (OLPC).  Hers was deeply written and considered the exhibit within social, historical, and philosophical contexts — something that’s just naturally a part of art criticism; his talked about technical specs and barely considered the human context of the device.  We don’t have a well-developed practice of "interaction criticism" (a theme that popped up elsewhere at CHI too).  HCI professionals should take time out to write for a public audience.
  • Creativity requires a culture that values it.  This is a theme he has written about earlier in a short article "What if Leopold Didn’t Have a Piano?"  Mozart was a genius, but the culture he was born into valued and supported creativity — if it didn’t he might have grown up instead to be the greatest sausage maker in Salzburg.  Our current emphasis on individuality risks losing these values.
  • There is a lot of choice in how we design and use technology.  Culture can change.
  • Good design is aware of its history.  Jonathan Ives doesn’t just invent things for Apple, he borrows creatively from history (and this is a good thing).  All new technologies percolate for at least 20 years before they become big — Buxton’s "Long Nose of Innovation" theory.
  • Much of Buxton’s HCI work has simply been aimed at getting back to where we were.  In the 1970s he worked at the National Film Board of Canada editing soundtracks using one of the most sophisticated and usable computer systems yet built (two-handed, mouse, chord keyboard, graphical display).  Since then he’s been trying to achieve what its designers had already done back than.  Buxton’s chapter in the book HCI Remixed talks about this: My Vision Isn’t My Vision: Making a Career Out of Getting Back to Where I Started.
  • On fostering creative values in business, he recommends Yvon Chouinard’s (badly titled) book Let My People Go Surfing: The Education of a Reluctant Businessman (Chouinard is the founder of Patagonia).

Account Sign-Ins: Broken in So Many Ways

Usability expert Jared Spool has written a couple of articles on how companies can avoid design mistakes on their web sign-in pages.  Here is his list of common sign-in problems:

  1. Having a Sign-in In The First Place
  2. Requiring Sign-in Too Soon
  3. Not Stating the Benefits to Registering
  4. Hiding the Sign-In Button
  5. Not Making "Create New Account" or "Forgot Your Password" a Button or Link
  6. Not Providing Sign-in Opportunities at Key Locations
  7. Asking for Too Much Information When Registering
  8. Not Telling Users How You’ll Use Their Information
  9. Not Telling Users the Requirements for Username and Password Up Front
  10. Requiring Stricter Password Requirements Than The NSA
  11. Using Challenge Questions They Won’t Remember In A Year
  12. Not Returning Users to Their Desired Objective
  13. Not Explaining If It’s The Username or Password They Got Wrong
  14. Not Putting A Register Link When The Sign-In Is An Error
  15. Not Giving the User A Non-email Solution To Recover Their Password
  16. Requiring More Than One Element When Recovering Password

Links: Account Sign-in: 8 Mistakes to Avoid,
8 More Design Mistakes with Account Sign-in

A few more suggestions (these might be rare but are really annoying!):

  • Don’t limit the number of tries people get.  Okay, maybe there’s some rationale for limiting it to, say, 100 to stop automated password sniffers, but limiting it to three is just silly.
  • Don’t use an account number as a user ID.  That makes it easy for the site to keep unique user IDs, but it forces the user to search through their e-mail every time they want to log in.  Ironically, this mistake is committed on the member site of the Usability Professionals Association.
  • Don’t change your system every two months.  It seems like every time I log in to some places they’ve got a new set of challenge questions, pictures, or some crap that just makes the whole thing slower and more frustrating.

I have had the worst web page sign-in experiences with medical sites.  I love that I can now access my records and communicate with my doctor online, but it’s so difficult to remember how to log in and I do it so infrequently that it’s a struggle every time.  Part of the reason may be the US HIPAA privacy regulations (which are
certainly important, don’t get me wrong).  My doctor’s site has extremely strict requirements for passwords and user IDs, and the only way you can get a reminder is by snail mail (and actually they assign you a new password, so you can’t sign in if you happen to remember it before the mail arrives).  So what happens to me is I’ll get a phone message or email that just says "you have a message — please log in."  I try to log in and fail, so I request a reminder.  Two weeks later I receive a new password in the mail but by that point I’ve already called them so I don’t need to log in.  The letter with the new password gets buried (or I choose a new password and forget it) and then months later I go through the whole thing again.  Granted I’m not the most organized person in the world, but this still seems tougher than it should.

See also this article by Anna Pickard in the Guardian today: Are you suffering from password pressure?