Question

Case 2.2

Business Case: Data Chaos Creates Risk

Data chaos often runs rampant in service organizations, such as health care and the government. For example, in many hospitals, each line of business, division, and department has implemented its own IT applications, often without a thorough analysis of its relationship with other departmental or divisional systems. This arrangement leads to the hospital having IT groups that specifically manage a particular type of application suite or data silo for a particular department or division.

Data Management

When applications are not well managed, they can generate terabytes of irrelevant data, causing hospitals to drown in such data. This data chaos could lead to medical errors. In the effort to manage excessive and massive amounts of data, there is increased risk of relevant information being lost (missing) or inaccurate—that is, faulty or dirty data. Another risk is data breaches.

• Faulty data By 2015, 96% of health-care organizations had adopted electronic health records, or EHRs (Office of the National Coordinator for HIT, 2016). It is well known that an unintended consequence of EHR is faulty data. According to a study published in the Journal of the American Medical Association, data in EHR systems may not be as accurate and complete as expected (Conn, 2016). Incorrect lab values, imaging results, or physician documentation lead to medical errors, harm patients, and damage the organization’s accreditation and reputation.
• Data breaches More than 25 million people have been affected by health-care system data breaches since the Office for Civil Rights, a division of the U.S. Department of Health and Human Services, began reporting breaches in 2009. Most breaches involved lost or stolen data on laptops, removable drives, or other portable media. Breaches are extremely expensive and destroy trust.

Accountability in health-care demands compliance with strong data governance efforts. Data governance programs verify that data input into EHR, clinical, financial, and operational systems are accurate and complete—and that only authorized edits can be made and logged.

Vanderbilt University Medical Center Adopts EHR and Data Governance

Vanderbilt University Medical Center (VUMC) in Nashville, TN, was an early adopter of EHR and implemented data governance in 2009. VUMC’s experience provides valuable lessons.

VUMC consists of three hospitals and the Vanderbilt Clinic, which have 918 beds, discharge 53,000 patients each year, and count 1.6 million clinic visits each year. On average, VUMC has an 83% occupancy rate and has achieved HIMSS Stage 6 hospital EHR adoption. HIMSS (Healthcare Information and Management Systems Society, himss.org) is a global, nonprofit organization dedicated to better health-care outcomes through IT. There are seven stages of EHR adoption, with Stage 7 being a fully paperless environment. That means all clinical data are part of an electronic medical record and, as a result, can be shared across and outside the enterprise. At Stage 7, the health-care organization is getting full advantage of the health information exchange (HIE). HIE provides interoperability so that information can flow back and forth among physicians, patients, and health networks (NextGen Healthcare, 2016).

VUMC began collecting data as part of its EHR efforts in 1997. By 2009, the center needed stronger, more disciplined data management. At that time, hospital leaders initiated a project to build a data governance infrastructure.

Data Governance Implementation

VUMC’s leadership team had several concerns.

1. IT investments and tools were evolving rapidly, but they were not governed by HIM (Healthcare Information and Management) policies.
2. As medical records became electronic so they might be transmitted and shared easily, they became more vulnerable to hacking.
3. As new uses of electronic information were emerging, the medical center struggled to keep up.

Health Record Executive Committee

Initially, VUMC’s leaders assigned data governance to their traditional medical records committee, but that approach failed. Next, they hired consultants to help develop a data governance structure and organized a health record executive committee to oversee the project. The committee reports to the medical board and an executive committee to ensure executive involvement and sponsorship. The committee is responsible for developing the strategy for standardizing health record practices, minimizing risk, and maintaining compliance. Members include the chief medical information officer (CMIO), CIO, legal counsel, medical staff, nursing informatics, HIM, administration, risk management, compliance, and accreditation. In addition, a legal medical records team was formed to support additions, corrections, and deletions to the EHR. This team defines procedures for removal of duplicate medical record numbers and policies for data management and compliance.

Costs of Data Failure

Data failures incur the following costs:

• Rework
• Loss of business
• Patient safety errors
• Malpractice lawsuits
• Delays in receiving payments because billing or medical codes data are not available.

Benefits Achieved from Data Governance

As in other industries, in health care, data are the most valuable asset. The handling of data is the real risk. EHRs are effective only if the data are accurate and useful to support patient care. Effective ongoing data governance has achieved that goal at VUMC.

Questions

1. What might happen when each line of business, division, and department develops its own IT apps?
2. What are the consequences of poorly managed apps?
3. What two risks are posed by data chaos? Explain why.
4. What are the functions of data governance in the health-care sector?
5. Why is it important to have executives involved in data governance projects?
6. List and explain the costs of data failure.
7. Why are data the most valuable asset in health care?

Sources: Compiled from NextGen Healthcare (2016), Office of the National Coordinator for HIT (2016), and Conn (2016).

Answer 1

What might happen when each line of business, division, and department develops its
own IT apps?

Ans: When each line of a business develops its own IT applications, it often is done without a
thorough analysis of its relationship with other departmental or divisional systems. This
arrangement may lead to the business having IT groups which specifically manage a particular
type of application suite or data silo for a particular department or division

What are the consequences of poorly managed apps?

Ans: When apps are not well managed, they can generate terabytes of irrelevant data, causing the
business to drown in such data. This data chaos could lead to errors. In an effort to manage
excessive and massive amounts of data, there is increased risk of relevant information being lost
(missing) or inaccurate — that is, faulty or dirty data. Another risk is a data breach.

What two risks are posed by data chaos? Explain why.

Ans: One risk is faulty, or dirty, data. Because apps are not well managed they can generate terabytes
of irrelevant data, causing a business to drown in such data. With excessive and massive amounts
of data, there is increased risk of relevant information being lost (missing) or inaccurate.
Another risk is data breaches. With large amounts of data spread over various data silos, the
security for each not well managed, the opportunities for data breeches are increased.

Upgrade to remove ads

Only $1/month

What are the functions of data governance in the healthcare sector?

Ans : The healthcare industry must comply with regulations or reporting requirements, defend against fraud, and protect patients' information.
Data governance in healthcare helps to reduce or eliminate faulty data and data chaos.
Inaccessible or unavailable in separate clinical data silos and valuable "messy" data are routinely
left out. Most health-care organizations are drowning in data, yet they cannot get reliable,
actionable insights from these data.
Good data governance helps to prevent data breaches.

Why is it important to have executives involved in data governance projects?

Ans: Data governance is the control of enterprise data through formal policies and procedures. Data
governance is an enterprise-wide project because data cross boundaries and are used by people
throughout the enterprise. Proper governance reduces risks for the organization.
Executives must be involved in order to determine who owns which data and who can access
and/or update that data, particularly data which crosses departmental boundaries. Also, to obtain
compliance to data policies and procedures, there must be support from executives who have
oversight across the organization

6. List and explain the costs of data failure.

Ans: Rework - if data are incorrect, someone has to go to the original source and re-enter the correct
data; loss of business: not having correct data for customers, prospective customers, services, or
products can cause an inability to be customer-centric and therefore cause a loss of business;
safety errors (for patients, in healthcare; for the public, in engineering);
malpractice lawsuits (in various fields, such as healthcare, legal, or engineering);
and a delay in receiving payments: when billing or payment data are not available, or inaccurate,
delays can occur before correct payment is received.

8. Why are data the most valuable asset in health care?

Ans: Due to health-care accountability and reporting obligations, and the huge amount of personal
data in electronic form, data becomes very valuable in healthcare, not only for serving the
patients' needs, but also for keeping the organization operational and protected from lawsuits.
"Beginning in 2012, hospitals have been penalized for high re-admission rates with cuts to the
payments they receive from the government (Miliard, 2011)." Managers need to be able to
"access an integrated view of relevant clinical and operational information to drive more
informed decision making. For example, by predicting which patients might be readmitted, we
can reduce costly and preventable readmissions, decrease mortality rates, and ultimately improve
the quality of life for our patients" (Miliard, 2011).

Explain the value or benefits of each organization's cloud investment.?

Ans:The three case studies are about cloud computing usage: SaaS (Software as a Service), IaaS
(Infrastructure as a Service), PaaS (Platform as a Service). In the first one, students at a University access Google Apps e-mail (instead of a university email server) from their university portal via a link. Since it is branded, they see their college
logo. The value to the university is that there is no need to have an e-mail server of their own.
In the second case, an organization leverages cloud computing through Terremark for managing
their virtual server (infrastructure) requirements which may be changing dynamically. This
optimizes the cost of infrastructure; there is no need to pay for peak-level resource requirements
all of the time. In the third one, the connection is from the cloud (a Facebook App) to a company's API (a service offered to its customers) on its platform, done in order to attract more customers