One of the most common questions Healthcare leaders across the country as me is “How did any one of the many Collibra healthcare customers ‘justify’ the investments for their data governance program?” It’s tempting to respond with the classic consulting response of “it depends” or to dive into the details of each customer. But the frequency of the question has led me to take a broader look at the state of Healthcare data and information governance and find common threads in how customers justify data governance.
Not surprisingly, the justifications for data and information governance in healthcare fall into the same three categories as they do for virtually all our customers: Risk Avoidance, Increased Value, and Decreased Cost.
While virtually every organization pulls from each of these categories to justify data governance initiatives, this discussion will focus on Risk and Risk Avoidance. We’ll look at how Collibra customers leverage Increased Value and Decreased Cost to justify their data governance investments in subsequent articles.
Of course, saying that a seven-plus figure, multi-year investment in consultants, staff, technology, and change management because it decreases risk or decreases costs is hardly enough to convince most Healthcare CEOs and board members to drop the hundreds of other projects (that also promise to decrease risk) and make data governance the number one priority. So let’s dig a bit deeper to look at a few of the ways that a well-funded data governance program can address each of these areas. The need for more effective data governance is universal across all types and sizes of healthcare organizations. Notice that I didn’t say that every healthcare organization needs more data governance. Although I’d argue that today, few healthcare organizations suffer from too much governance.
For years, organizations have understood the potential risks of using data improperly in the clinical decision process. Many have erected Byzantine processes and systems to manage clinical data in and around the patient record. And with current land rush into analytics and data-driven healthcare, organizations are frequently moving data from tightly-controlled electronic medical record (EMR) systems into new analytic platforms, big data environments, 3 party analytic applications, and data sharing with Accountable Care Organizations ACOs) and countless external organizations. Most organizations have well thought out plans and process to minimize risk of data loss and data breach associated with these new analytic tools and technologies.
However, the familiar old risks of misuse of clinical data in these new environments are not well-mitigated. I’m not talking about the intentional misuse of clinical data for financial benefit. Rather, the far more likely unintentional misuse of clinical data resulting from lack of understanding as to the meaning and provenance of clinical data.
To mitigate this risk as both the owner and consumer of clinical data, organizations must leverage their governance teams to ensure they are documenting, maintaining, and making available the critical context and meaning throughout the lifecycle of this clinical data. Practically, this means they should have:
Once clinical data moves beyond the EMR and EMR vendor-provided analytics, organizations must deal with the potential risk of unintentional misuse of clinical data.