Welcome to the first blog in our series on Information Governance. Before we dive in to the nitty-gritty details, let’s cover the basics.
What is information governance?
Information governance is the management of information at an organization – a deceptively simple definition for something that is, in fact, very complicated.
First, consider all the different types of information your organization has and all the disparate systems that capture it (some of which you may not even know about). Think about the different kinds of data collected: contact information, clinician notes, blood pressure values, lab results, billing information, employee information, and so on and so forth, and how the clinicians and staff in your organization interact with it. Now that you can appreciate the volume and the complexity of the information, let’s factor in the different regulations that come into play for each piece of information – RAC or other audits, HR and legal restrictions, HIPAA compliance, etc. To complicate things even further, in addition to federal initiatives, there are local and state regulations that vary from state-to-state.
Like I said, that definition is deceptively simple.
Why is information governance important?
Besides the fact that complying with healthcare data regulations is the law, knowing what systems you have in place and how much they cost, what information those systems gather, how long you’ve got to store it and how often your staff needs to access it can help you:
Identify opportunities to shrink your IT footprint and save money. You can’t identify potential savings if you don’t know what systems you’re currently spending money on and why. Eliminating the maintenance and licensing fees for a legacy system housing data that no one needs to access anymore is a quick win in the budget column.
Improve your users’ experience. In addition to streamlining your technology, properly managing information is important for your end users. You need to understand how your current infrastructure fits into your staff’s workflows. What systems do they access? How frequently? Answering these questions may help you discover your providers must input duplicate information in multiple systems. Implementing one integrated system would save time (and money) while elevating the user experience.
Stay focused on cyber security. Hackers love aging technology. Legacy systems that have outlived support are significantly more vulnerable to cyber security threats. Maintaining a list of hardware and software your organization uses, as well as the relevant information on renewals, support availability, and your users’ satisfaction will help in identifying where your risks lie.
Serve up valuable information for analytics and research. It’s a snowball effect: Having healthcare data to analyze leads to new ideas, treatments and innovations – which leads to better outcomes. But it only happens if you can provide the right people access to the right data, when, where and how they need it. No one can properly harness and utilize your organization’s “Big Data” without information governance.
Avoid fines. We’d be remiss if we didn’t circle back to the whole “it’s the law” thing. Knowing your local, state, and federal regulatory mandates is critical to your information governance policy.
Where to start?
…or improve upon your information governance policy? We recommend you start with an applications inventory. You don’t know what you don’t know, and until you do know, you can’t manage it. So, get to know your systems, inside and out—especially the ones you may not have known existed at your organization!
If this first step seems daunting, don’t worry… we’ve got a blog for that. Up next in our information governance series we’ll review what to include in your applications inventory.