Compared with other industries, the healthcare industry might be a Johnny-come-lately to information governance, but provider organizations are increasingly recognizing the importance of IG and are taking concerted efforts to adopt a strategy for success.
According to the American Health Information Management Association, IG is an organization-wide framework for managing information throughout its lifecycle and supporting the organization’s strategy, operations, regulatory, legal, risk, and environmental requirements.
Kathy Downing, AHIMA’s senior director of information governance, contends that traditional data and information management strategies are not keeping pace with the needs of healthcare organizations, and that IG is no longer a luxury but an imperative that the industry cannot afford to ignore.
“Credit card companies and banks have had information governance programs in place for 10 years already,” says Downing. “They’ve had the big data problem longer than we’ve had. Now, healthcare is really come up against the challenges of big data with electronic health records.”
In particular, she argues that IG is essential to organizations’ successful health IT initiatives, such as EHR implementations, data analytics, privacy and security, as well as information sharing. With the adoption of EHRs, advances in HIT and an increase in regulations, it’s more important than ever for organizations to take legal and regulatory needs into consideration when building an information governance framework. However, Downing is quick to add that IG needs to be broadly supported, noting that, “We do not think it’s an IT project.”
A 2015 AHIMA survey of more than 1,200 respondents found that 32 percent made no progress on IG, while another 24 percent indicated that it’s not yet an organizational priority.
“Information governance is something that healthcare must embrace in order to manage and leverage the data that is coming in now,” Downing says.
Last year, AHIMA released an IG framework for helping healthcare organizations govern information based on eight comprehensive principles— accountability, transparency, integrity, protection, compliance, availability, retention and disposition. Called the Information Governance Principles for Healthcare, Downing says the principles can be applied to a variety of healthcare organizations, such as health payers.
Downing encourages organizations to use the framework as they start or refine their own information governance programs based on these principles, which are intended to be interpreted and applied depending on an organization’s type, size, sophistication, legal environment and resources.
“Organizations really need to get an executive sponsor, whether that’s their CIO or CFO. Hopefully, the board is asking for that because IG is part of corporate governance,” she says, adding that building an information governance program from the ground up can take three to five years. “Someone at the executive level supporting you is critical, as is a multi-disciplinary committee approach, and then maintaining it for the long run. Your IG strategy has to align with your business strategy.”
Earlier this year, AHIMA launched the Information Governance Adoption Model to help organizations implement and develop an IG program. The model consists of 10 core competencies and creates a framework for adopting information governance based on an established body of standards, best practices and legal and regulatory requirements specific to IG in healthcare.
AHIMA’s new subscription-based assessment tool, IGHealthRate, enables organizations to determine their maturity level in adopting information governance, through providing measurements, benchmarks and coaching to continue to improve their IG programs.