Changing Influence of the Healthcare CIO

3 The creation of the HL7 protocol in 1989 represented a milestone in the challenge of getting many different systems, some selected and managed outside of the IT department, to work in a more integrated fashion.

With healthcare IT investments continuing to increase year over year, increasingly touching every aspect of the healthcare organization, the one group that seems least prepared to participate productively are administrative leaders. Master of Health Administration (MHA) degree programs, which are relatively common among healthcare CEOs, typically offer little more than a semester course or “project experience” in information technology. Similarly, the American College of Healthcare Executives (ACHE), the predominant professional association for healthcare executives, doesn’t offer information technology as a significant component in their educational programs. Masters of Business Administration (MBA) degrees are also a frequent degree for CEOs and COOs (and CIOs), but few of these programs prepare their students for the complexities of IT investment decisions, particularly in healthcare. Yet CEOs and COOs operate at the highest administrative level of the healthcare organization and are the formal (and often “final”) decision makers with regard to IT investments.

Physician training faces similar challenges. There is so much medical content that needs to be included in the few short years of medical school, that physicians learn about IT capabilities (and risks) largely through OJT—On the Job Training. But it must also be acknowledged that an increasing number of physicians (and administrators) educated over the past decade or two have grown up using computers (including desktops, laptops and now smart phones) as an accepted and essential part of their lives.

4 Lehmann, et. Al., “Five Years of Clinical Informatics Board Certification for Physicians in the United States of America” Lehmann, et al., IMIA Yearbook of Medical Informatics 2018, pp 237-242.

5 https://www.allianceni.org/

6 https://www.zippia.com/chief-medical-officer-jobs/demographics/

7 https://chimecentral.org/wp-content/uploads/2020/01/CHCIO-Brochure-July-2020.pdf

8 https://amia.org/careers-certifications/amia-health-informatics-certification-ahic

IT Strategy: a Competition for Resources

As IT investment operating and capital expenditures increased, C-Suite executives (and often the Board) increasingly worried that there would be no end to the expectations of clinicians, administrators (and the CIO!) as to how much needed to be spent and in what time frame. Initial investments typically led to more expense for maintenance, upgrades, and “new and better” applications, and C-Suite executives jockeyed to influence what and how to spend.

In these types of discussions, the CIO has been at a disadvantage. C-Suite executives (with the exception of the CEO and COO, who occupy the highest ranks) come to the table representing not only their area, but typically with accepted—and respected– expertise (and certifications and degrees) unique to their areas of responsibility. In other words, they bring recognized content expertise to the table. For example, Finance is represented by a CFO, who typically has a CPA; Human Resources, is represented by the CHRO, who brings expertise in employee relations, government regulations, etc.; Nursing, is represented by the Chief Nursing Officer, who has clinical nursing training; other clinical activities are often represented by a Chief Medical Officer, who has medical training. CIOs typically don’t come to the table with similar types of recognized formal content expertise (other than the aforementioned MBA and the CHCIO certification).

With the expansion in IT knowledge and experience across the enterprise, the CIO is no longer perceived as the sole IT expert. We are now seeing clinicians with undergraduate degrees in computer science and, of course, an increasing number receiving board credentials in Informatics. While acknowledged 30+ years ago as the content expert in IT, the CIO no longer can lay claim to this role. Virtually every member of a healthcare organization may now think of themselves as an IT content expert—at least in their area of work.

As noted earlier, CIOs often report to another member of the C-Suite. In addition, even though a CIO may come to the table with an advanced degree (e.g., MBA), other than the CHCIO certification, he/she often isn’t considered to have the content expertise that would be similar to what other members of the other C-Suite bring. The CIOs IT content expertise, which was acknowledged in the earlier days of healthcare IT, has largely been eclipsed by the increasing experience and knowledge of non-IT clinicians and administrative staff.

IT Strategic Plans

There isn’t enough money in any healthcare organization to satisfy the IT expectations of every administrator and clinician. C-Suite members, looking to expand their influence on IT investment decisions that impact their area of responsibility, constantly seek more control over the organization’s IT investment strategy. IT investment decisions become a competition among administrators, clinicians and, too often, the CIO. So, trade-offs have to be made. Unfortunately, politics, organizational position and too often, outright favoritism, have determined many IT investment decisions. The result has been decisions that are short-sighted, often isolated, driven more by personalities than by what the business needs to succeed.

IT strategies for healthcare organizations have in many cases “evolved” over time, driven largely by specific needs and opportunities. Much of the IT evolution from the 1980s onward wasn’t a part of an overall “IT strategy”, but more the result of needs and requirements voiced by “the loudest voice in the room”. Decisions about IT investments were made based on (often dubious) claims about cost saving and revenue enhancement.

Information technology investments in any organization are most effective if they are considered as integral and essential components of an overall business strategy. Successful IT strategies are designed to support the organization’s business strategy(9):

IT strategy . . . is a comprehensive plan that outlines how technology should be used to meet IT and business goals. An IT strategy is a written document that details the multiple factors that affect the organization’s investment in and use of technology.(10)

A key question for business strategy is, “Who decides what the business strategy should be?”, and the most important questions for IT strategy are, “Who decides what the IT strategy should be and how it should support the business strategy?” and “Who should be responsible for its success or failure?”

By the late 1990s, many CIOs (and consulting firms!) were successful in developing “IT Strategic Plans” for healthcare organizations, focused primarily on the list of applications to be purchased, timeframes for implementations, and the network and hardware infrastructure needed to support the expected applications. By the early 2000s, most healthcare organizations had some type of “IT Strategic Plan”.

Having a formal IT Strategy is an important starting point, but is of limited value unless there is also a structure and processes designed to implement that strategy. Strategies without a mechanism to execute can be ineffective. The structure and processes of allocating IT investment resources is typically referred to as “IT Governance”, the processes and structures which specify “the decision rights and accountability framework to encourage desirable behavior in the use of IT”.(11) In other words, IT governance concerns who should be making IT investment decisions, and who is responsible for the results of those decisions.

9 A common definition of business strategy describes it as “ . . . a clear set of plans, actions and goals that outlines how a business will compete in a particular market, or markets, with a product or number of products or services”. https://www.imd.org/imd-reflections/reflection-page/business-

10 https://www.techtarget.com/searchcio/definition/IT-strategy-information-technology- strategy#:~:text=IT%20strategy%20(information%20technology%20strategy)%20is%20a%20comprehensive%2 0plan%20that,in%20and%20use%20of%20technology.

11 Peter Weil, IT Governance: How Top Performers Manage IT Decision Rights for Superior Results, Harvard Business Review Press, 2004.

CIO Role: Managing the Competition for Resources

Healthcare organizations no longer have an option whether to invest in information technology. As a result, most have some type of statement about their “IT Strategy”. White papers, PowerPoint presentations and even full-length books have been written about what an IT strategy is and how to develop one.(12) Moreover, it is assumed that the CIO has an important role to play in developing and implementing an organization’s IT strategy. But defining this role—and therefore, its influence–in clear and unambiguous terms is not so well understood.

There is no person better equipped to manage IT Governance–the structure and processes of selecting the most appropriate IT investments–than the CIO. These processes, described earlier as “IT Governance”, include a set of structures (i.e., committees) and processes (most requiring formal project management techniques) that guide the organization’s assessment, selection, implementation and management of IT investments. Given the huge sums of money at stake with these investments, and the serious consequences of failure, it is of utmost importance that IT Governance be formalized (and mandated) by the highest levels of authority in the organization— typically the CEO—and supported enthusiastically and consistently by everyone in the organization, starting with members of the C-Suite.

In the absence of formal IT Governance structures and processes, healthcare organizations have no way to keep IT investments aligned with corporate goals and objectives. Without IT Governance, IT investment decisions can become almost ad hoc and opportunistic, rather than clearly aligning with the organization’s business goals. A transparent IT Governance structure and related processes greatly facilitate the ability of employees to align with the organization’s goals. Done right and well, IT Governance can become the most important and effective risk management tool for IT investments.(13)

Implementing IT Governance can be a significant challenge to organizational cultures and leadership, especially if investment decisions have historically been made by a small number of C-Suite individuals, informed by personal preferences with a minimum of analysis. Successful IT Governance in a healthcare organization involves clinicians, administrators and IT staff, working together, communicating and reaching agreement on which investments to make and how much to spend.

12 See, as an earlier example, John Glaser and Claudia Salzberg, The Strategic Application of Information Technology in Health Care Organizations, (3rd Edition), Jossy-Bass, 2011.

13 https://www.forbes.com/sites/forbescoachescouncil/2021/07/06/why-executives-shouldnt-eliminate-it- governance-from-their-vocabularies/?sh=1dc6e1f23362

The Complexity of Healthcare IT Investments

IT investments bring a level of complexity not typically found in other types of investments, and further, are often not well understood by procurement officers or others beyond the CIO and members of the IT organization. They are at once substantive and technical. The substantive question is whether the application does what the customer expects it to do. The technical question is more complex, especially given that there are no truly “stand-alone” applications in today’s highly interconnected and interdependent healthcare environment. In order to function well, most applications need data from other applications and in turn feed data into other applications, leading to significant technical challenges:

• Is the IT investment (typically a combination of hardware and software) supportable by the IT organization, and have provisions been made to pay for this support going forward?
• Is the application capable of receiving data from other already installed applications?
• Is the application capable of sending data to other already installed applications in a format that they can accept?
• Can the application operate within the organization’s current network environment?
• Who will manage the hardware (e.g., file servers and desktops) on which the application will be installed and accessed, and will they meet the organization’s standards for security, backup and recovery?
• Does the application meet the organization’s standard for the security and management of (often patient) data?

CIO Influence: Credibility Earned and Granted

In today’s environment, the CIO should be leading and managing the process of selecting, implementing and managing IT investments. In order to do this, the CIO needs credibility—a status that must be both earned and granted.

Influence and credibility earned through performance must also be granted, typically by the organization’s most senior executive (e.g., CEO). Both must be in place for the CIO to function as a leader of the organization’s IT Governance processes. In some situations, a high performing CIO may not be granted the authority to lead the IT Governance processes. The CEO on his/her own (or in conjunction with other C-Suite executives) may choose to keep IT investment decisions to themselves. This can lead to decisions about IT products and services that present serious connectivity challenges, may not be supportable by the IT Department (or in some cases, even by the vendor), and may even introduce significant risks to the organization. In these situations, the CIO’s primary challenge is educational, calling out the importance of risk management, the cost of ownership for investments, possible technological incompatibilities, and the need for active vendor management. Unfortunately, observations of this type may not be well-received, with the result being either “just get it done” or “move on”.

Earning credibility is a challenge much more within the control of the CIO. By establishing him/herself as a strong performer, the CIO can overcome issues associated with reporting relationships that have him/her reporting to another C-Suite executive and lacking a recognized “expertise” that earns other executives a seat at the C-Suite table.

The CIO can earn credibility and influence in part by being acknowledged by other members of the C-Suite and by the organization more generally, as a superb performer by taking responsibility and being accountable for the following activities:

• Establishing and supporting clear standards for IT activities throughout the organization;
• Successfully managing a high performing team of IT professionals who support organizational IT activities, including mainframe and server hardware and software, network, desktops, mobile, etc., to a high standard of performance;
• Creating opportunities for IT staff not only to perform at high levels, but to accept greater levels of responsibility;
• Engaging with non-IT staff in activities designed to increase the depth and extent of IT knowledge throughout the organization;
• Maintaining an appropriate balance between an IT environment that is secure from external intrusions while appearing almost seamless in its usability for internal customers;
• Establishing and maintaining highly transparent change management processes as the systems environment undergoes upgrades, enhancements and new implementations;
• Establishing, supporting and maintaining accountability for performance of new system installations in terms of time and resources;
• Establishing Total Cost of Ownership models for all applications and infrastructure investments;
• Being perceived as the “go to” department for the management of IT- related activities, which will include a strong project management discipline;
• Managing and overseeing a reliable IT infrastructure staffed by experts who in many cases have deeper technical knowledge than the CIO;
• Maintaining a clear-eyed understanding of what the business needs to be successful.

Concluding Observations

The most important role for the CIO in today’s healthcare organization is to manage the IT investment processes and to frame the questions that need to be asked about the potential effectiveness of various IT investment opportunities and alternatives. The CIO should not decide the IT strategy, but rather should manage the processes by which IT strategic investment decisions are made. In order to create the opportunity to influence—and manage–IT Governance, the CIO must bring credibility to the organization’s IT activities. Demonstrated credibility can lead to acknowledged expertise, which in turn can lead to an influential and respected role in the C-Suite, regardless of the CIO’s reporting relationship.

CIOs are often characterized as technology “evangelists”. It is tempting to chase every new technology that shows up at HIMSS or garners a financial commitment from a venture capital firm. And always, the next new game in town is expected to “transform” healthcare. News flash: it won’t.(14) Healthcare is arguably the most complex industry in our economy, and in many ways is seriously dysfunctional. Issues of cost, access and quality measurement have remained unsolved after decades of effort. And technology can do little to improve a fundamentally dysfunctional industry.

CIOs can have a clear and unique role to play in ensuring that an organization’s IT investments are best positioned to support its business strategy by influencing and managing the IT investment decision-making processes. This will in its own way increase the probability that the organization’s business strategy, and the care of its patients, will be successful.