Drexel DeFord is chief information officer at Steward Health Care, an integrated delivery system that provides care in the greater Boston area. Before coming to Steward this year, he had served as senior vice president and CIO at Seattle Children’s Hospital. For 2012, DeFord served as the chairman of the board of trustees for the College of Healthcare Information Management Executives (CHIME).
One of the core objectives for stage 2 meaningful use involves patient engagement with electronic health records — both accessing records and initiating secure messaging. Are those realistic goals and how can providers reach them?
Clearly the government has made a policy decision to integrate the patient more closely with their medical records. You see this with access to lab results, resources being put toward “Blue Button,” education campaigns regarding patients’ rights under HIPAA and other initiatives. The policies finalized for stage 2 meaningful use are a clear continuation of this trend. I was surprised to see that CMS would put providers on the hook for patients’ actions, but I also know they understood CHIME’s comments and reduced the threshold from 10% to 5% on those patient engagement measures. It will be a monumental task, for sure, and there are bound to be issues and challenges as industry figures things out. But in the end, I do think it is realistic, without necessarily being optimal.
For providers, I would suggest you understand how your current patient engagement strategies line up with “view, download, transmit” and “secure messaging” requirements. Next, I would be in close contact with your vendor to understand how those initiatives line up with their future plans. Finally, I would keep in touch with colleagues in the industry — through CHIME, HIMSS and other organizations — to determine best practices.
More companies are moving operations to the cloud. Is this a good idea for health care providers? What are the biggest advantages and drawbacks of using the cloud in health care?
In many ways, the term is overused and overhyped at this point, so much so that it’s difficult to define “cloud” services today — the handle has been stuck on almost everything by the marketing guys. But generally, IT executives need to carefully select services that might be candidates to be moved to the cloud.
This is fundamentally a question about how much control you and your organization believe you need over every bit of data in your systems. If you’re willing to shed a bit of your inner control freak, I think moving to the cloud is a great opportunity for the right services — and only you can decide which ones are right for your company.
Using the cloud, CIOs often can tighten service-level agreements, gain the ability to scale quickly and/or essentially pay a subscription fee for expertise and resources you otherwise can’t or don’t want to run locally. In many cases, it’s used to allow the Information Services department to focus on the most difficult parts of their mission — the real pioneering work — while shedding the services that have become more commoditized.
Where do you think the future health IT workers will come from and what can provider organizations do now to ensure there are enough skilled employees available?
We’re challenged now to find the right people with the right kind of experience for a lot of very specialized jobs in HIT; the past two CHIME surveys on staffing shortages have borne this out to be an ongoing problem in the industry. We’ve seen the government take a leadership role in retraining programs for those looking for second careers. My personal experience has been that we often recruit some of the best from the provider side of the house: great lab, radiology and pharmacy techs; brilliant doctors and nurses. They often start as a super-user during an implementation, and when the light bulb goes on over their heads, a new career path is born. For some of the jobs at the infrastructure level, I’ve actually found superb teammates to hire from construction, banking and other tech companies.
We will have to be creative. We have to take folks from outside the traditional HIT paths and help give them HIT “chops.” And, of course, it’s always going to be important to grow folks from inside your own teams.
Security of protected health information and other personal data has been a problem in the health care community. What do you think is the biggest culprit, and what can CIOs do to ensure their patients’ PHI is secure?
Security is a challenge that keeps all of us up at night. The biggest part of that challenge is finding the balance between locking everything down so tight that it’s not accessible or usable for making good clinical decisions vs. making everything so open there’s unreasonable exposure. That’s a tough balance to strike, and every organization has to find its own sweet spot.
Resourcing the security effort can be a tough sell too, because what you’re trying to do is prove a negative: the ideal situation is that nothing bad ever happens. But making a business case for that kind of situation can be difficult. My best strategy has been to partner with my privacy, security and compliance officers. They’re great resource advocates, and together, they usually do a fine job of finding the right balance.
What do you think is the biggest challenge CIOs will face in 2013? What steps should they be taking to meet those challenges?
I think the biggest challenge will be the prioritization of limited IT resources, coupled with managing expectations of both leaders and end-users. That means doing the very difficult work associated with building a solid and consistent Information Services governance structure that’s based on good planning, transparency and, most importantly, collaboration with clinical and business partners.
All organizations have a long list of truly great IT projects they want to start immediately. But for most of us, that list of projects far outweighs the resources available to get those projects done. Good collaboration and strong governance will help make sure the company is putting first things first. Plan projects well. Carefully execute those plans. And don’t forget about the fundamental HIT infrastructure: networks, storage, end-user devices and such. Those may not be the most glamorous or sexy projects on the list, but they’re the foundation upon which everything else is built.
This question-and-answer session was produced as part of SmartBrief’s 2012 Best Of reports, which capture the year’s most important stories in each industry. Sign up now for CHIME’s Healthcare CIO SmartBrief to get tomorrow’s report on the top must-read stories from the healthcare industry.
Image courtesy of the College of Healthcare Information Management Executives.