Case 2.2

Business Case: Data Chaos Creates Risk

Data chaos often runs rampant in service organizations, such as health care and the government. For example, in many hospitals, each line of business, division, and department has implemented its own IT applications, often without a thorough analysis of its relationship with other departmental or divisional systems. This arrangement leads to the hospital having IT groups that specifically manage a particular type of application suite or data silo for a particular department or division.

Data Management

When applications are not well managed, they can generate terabytes of irrelevant data, causing hospitals to drown in such data. This data chaos could lead to medical errors. In the effort to manage excessive and massive amounts of data, there is increased risk of relevant information being lost (missing) or inaccuratethat is, faulty or dirty data. Another risk is data breaches.

• Faulty data By 2015, 96% of health-care organizations had adopted electronic health records, or EHRs (Office of the National Coordinator for HIT, 2016). It is well known that an unintended consequence of EHR is faulty data. According to a study published in the Journal of the American Medical Association, data in EHR systems may not be as accurate and complete as expected (Conn, 2016). Incorrect lab values, imaging results, or physician documentation lead to medical errors, harm patients, and damage the organizations accreditation and reputation.
• Data breaches More than 25 million people have been affected by health-care system data breaches since the Office for Civil Rights, a division of the U.S. Department of Health and Human Services, began reporting breaches in 2009. Most breaches involved lost or stolen data on laptops, removable drives, or other portable media. Breaches are extremely expensive and destroy trust.

Accountability in health-care demands compliance with strong data governance efforts. Data governance programs verify that data input into EHR, clinical, financial, and operational systems are accurate and completeand that only authorized edits can be made and logged.

Vanderbilt University Medical Center Adopts EHR and Data Governance

Vanderbilt University Medical Center (VUMC) in Nashville, TN, was an early adopter of EHR and implemented data governance in 2009. VUMCs experience provides valuable lessons.

VUMC consists of three hospitals and the Vanderbilt Clinic, which have 918 beds, discharge 53,000 patients each year, and count 1.6 million clinic visits each year. On average, VUMC has an 83% occupancy rate and has achieved HIMSS Stage 6 hospital EHR adoption. HIMSS (Healthcare Information and Management Systems Society, himss.org) is a global, nonprofit organization dedicated to better health-care outcomes through IT. There are seven stages of EHR adoption, with Stage 7 being a fully paperless environment. That means all clinical data are part of an electronic medical record and, as a result, can be shared across and outside the enterprise. At Stage 7, the health-care organization is getting full advantage of the health information exchange (HIE). HIE provides interoperability so that information can flow back and forth among physicians, patients, and health networks (NextGen Healthcare, 2016).

VUMC began collecting data as part of its EHR efforts in 1997. By 2009, the center needed stronger, more disciplined data management. At that time, hospital leaders initiated a project to build a data governance infrastructure.

Data Governance Implementation

VUMCs leadership team had several concerns.

1. IT investments and tools were evolving rapidly, but they were not governed by HIM (Healthcare Information and Management) policies.
2. As medical records became electronic so they might be transmitted and shared easily, they became more vulnerable to hacking.
3. As new uses of electronic information were emerging, the medical center struggled to keep up.

Health Record Executive Committee

Initially, VUMCs leaders assigned data governance to their traditional medical records committee, but that approach failed. Next, they hired consultants to help develop a data governance structure and organized a health record executive committee to oversee the project. The committee reports to the medical board and an executive committee to ensure executive involvement and sponsorship. The committee is responsible for developing the strategy for standardizing health record practices, minimizing risk, and maintaining compliance. Members include the chief medical information officer (CMIO), CIO, legal counsel, medical staff, nursing informatics, HIM, administration, risk management, compliance, and accreditation. In addition, a legal medical records team was formed to support additions, corrections, and deletions to the EHR. This team defines procedures for removal of duplicate medical record numbers and policies for data management and compliance.

Costs of Data Failure

Data failures incur the following costs:

• Rework
• Loss of business
• Patient safety errors
• Malpractice lawsuits
• Delays in receiving payments because billing or medical codes data are not available.

Benefits Achieved from Data Governance

As in other industries, in health care, data are the most valuable asset. The handling of data is the real risk. EHRs are effective only if the data are accurate and useful to support patient care. Effective ongoing data governance has achieved that goal at VUMC.

Questions

1. What might happen when each line of business, division, and department develops its own IT apps?
2. What are the consequences of poorly managed apps?
3. What two risks are posed by data chaos? Explain why.
4. What are the functions of data governance in the health-care sector?
5. Why is it important to have executives involved in data governance projects?
6. List and explain the costs of data failure.
7. Why are data the most valuable asset in health care?

Sources: Compiled from NextGen Healthcare (2016), Office of the National Coordinator for HIT (2016), and Conn (2016).