What's Next: Software Never Events?

Nextgov reported on Monday that "more than 30 public and private cybersecurity organizations released a list of the 25 most dangerous software programming errors" so that agencies could put pressure on software vendors to make sure these errors were did not exist in their programs that they sell to government.

Risk management expert and Tech Insider blogger Robert Charette argues on his other blog, The Risk Factor, that the federal government should take the list to create a policy similar to what the Centers for Medicare and Medicaid Services did last year. That is, refuse to pay for 28 medical errors that never should have happened in the first place. Leave a sponge in a patient during surgery? The federal government will not pay for the procedure to go back in to remove it. These are called "never events," as in, they should never happen in the first place.

Writes Charette:

The IT community should rally around these 25 errors and deem them our never events. And the government - and private enterprise - should start to refuse to pay for software that contain them. Some of the programming errors listed are in the same league as a doctor removing the wrong limb.