Home  |   Subscribe  |   Resources  |   Reprints  |   Writers' Guidelines

February 25, 2013

Control Your Data Domain
By Elizabeth S. Roop
For The Record
Vol. 25 No. 4 P. 10

A sharp data governance strategy allows healthcare organizations to better manage how information is collected, controlled, accessed, and used.

With each new system, software, or information exchange connection, the volume of patient data for which healthcare organizations are responsible increases exponentially. As a result, even those that are years away from the hundreds of terabytes of information required to enter Big Data territory are discovering that data governance is the weakest link in their HIT project plans.

Governance once “focused on information in the EMR, but now that patients are contributing though portals, e-mail communications, social networking, mobile apps, etc, the sources and types of data are growing along with the volume,” says Linda Kloss, RHIA, CAE, principal of Kloss Strategic Advisors. “It’s that volume and variety of data that are really giving rise to the interest in formalizing governance practices in healthcare organizations.”

Designing a data governance strategy can be daunting, but because of its role in the short- and long-term success of IT projects, it is no longer optional. The good news is that while data governance is an enterprisewide undertaking, it can be tackled incrementally. In fact, a bite-sized, per-project approach is perfectly acceptable and a smart way to lessen the intimidation factor.

Why it Matters
Kloss says when it comes to governance, there are three focus areas: IT governance, which governs the acquisition and management of technology; data governance, which focuses on the data flowing through the technology; and information governance, which encompasses all types of information, structured and unstructured, clinical and other types, and their use.

As a result, information governance is the broadest concept, with IT and data governance being essential components. Most organizations have put in place reasonable IT governance, but the management of information and data assets is generally lagging.

“Organizations are starting where they need to start, which is the core health record, but we need to think about this as something that is going to expand to other types of enterprise data and even beyond the enterprise,” Kloss says. “There are a couple of ways to frame this, but in its broadest sense, governance really refers to the specification of authorities and the guiding policies and practices. It is an enterprisewide framework that defines how information is collected, controlled, accessed, used, and managed. It spans strategies for use of information assets, how technology decisions are made, and how information is safeguarded and used. The policy framework and authority specifications of most healthcare organizations are inadequate for responsible stewardship given the explosion of digital information.”

Data governance also plays the critical role of ensuring the integrity of the data being used to make both clinical and business decisions, says Paula Edwards, PhD, a partner with HIMformatics LLC, a strategic consulting firm focused on helping healthcare organizations maximize their technology investments.

The focus on data integrity continues to sharpen as the healthcare industry evolves and consolidates. For example, acquisitions necessitate the merger of master patient indexes and financial records, while growing involvement in accountable care organizations and health information exchanges means care decisions are being based on information that often originates within other organizations.

Further, increasingly complex technology and data usage under advanced stages of meaningful use requires greater integration between disparate systems, expanded data access, and an increased amount of information exchange.

“Data governance shows the organization how to manage its data as an asset for operations, analytics, and predictive modeling,” Edwards says. “If you don’t have good-quality data and if people don’t understand what it means and how it should or should not be used, you could be making bad decisions because you’re using bad information.”

One of the easiest ways to understand the impact data governance can have on the success of IT projects is by examining the relationship between meaningful use and master data management, a key component of data governance. As part of their meaningful use strategies, facilities often purchase different modularly certified software to add on to existing systems. Whether these tools come from the same or different vendors, full integration is difficult to achieve.

“Different parts don’t share master data files, so multiple copies of master files, like a physician master, must be kept in different systems. If a copy in one system falls out of sync, multiple systems start to fail, and you can have a serious operational problem,” Edwards says. “The more integrated all these systems get, the more important data governance becomes to making sure they are working efficiently, accurately, and that there are rules in place to avoid production problems.”

Purchasing the latest and greatest technology solution may not be a panacea, Edwards cautions. “We try to make sure people understand that technology is not a silver bullet,” she says. “You can buy the best systems in the world, but if they aren’t implemented and used correctly, you won’t benefit. That’s where data governance has come up as a big need because [organizations] are running into data-quality issues and interface issues because master data management isn’t happening. Data flows across all the systems. It’s not just in little departmental silos anymore. Everything has to talk to each other.”

Edwards notes that a well-conceived data governance strategy must include defined roles and responsibilities that dictate how data are managed, including accountability for quality and guidelines for designing metrics and standards. Also important are policies governing how to manage data that flow across multiple systems.

“Historically, most places have done this piecemeal,” Edwards says. “There is governance to some degree, but it’s very informal and fragmented. People could still get done what they needed. But now, operations and systems are more integrated and people are sharing more information and doing more advanced analysis and reporting. Thus, things that used to be small data issues are now big data issues. [Lack of governance] is preventing them from doing what they need to in order to compete in today’s healthcare market.”

Kloss goes deeper, noting that the best data governance models include five elements, beginning with policies governing information design and data capture. The second element covers content and records management functions, such as how long information is retained and what constitutes the legal medical record.

“Those kinds of standard records management questions are more complex today than they were in the paper world,” she says. “It goes beyond selection to include how the technology is actually used. Who has authorization to do what? What kind of training is required? What is required to be on the patient’s problem list? All of these information design, capture, and management practices are very complex and many organizations are just learning as they go.”

The third element is what Kloss refers to as information analysis and exchange. This piece of the data governance puzzle is beginning to play out as organizations start extracting data for use in analytics. Again, it must entail who can access the data and how they will be used, handled, and shared across the organization.

Fourth is an umbrella element covering functions related to data integrity and quality, both of which must be managed proactively. This includes clear policies governing data entry, user training, and how databases are audited and errors corrected.

“The final chunk is all of the functions around accessing data securely and confidentially,” Kloss says. “When we talk about all of these functions, there are technologies that underlie how to do all these things, but the focus must be on the information and data.”

Like Edwards, Kloss is troubled with the thinking that purchasing another tool automatically is going to cure any headaches. “I am concerned that often the response to an information management need is to buy another tool when we know that sound policy should precede technology. While certainly a data warehouse or enterprise content management system or other technology may be helpful, it’s not going to provide the policy,” she says. “You have to do the hard intellectual work. How can you get your arms around this? You also need to realize that there is a lot of this that we don’t really now how to do yet. That’s the exciting opportunity for HIM, IT, CIOs [chief information officers], compliance, and legal. It’s absolutely a team sport. There’s an opportunity to really bring value to the organization and build bridges.”

Eliminating the Intimidation Factor
When the realization hits that data governance is the weakest link in IT project planning, many organizations can quickly become paralyzed by the seemingly overwhelming nature of the work required to rectify the situation. But there are ways to make the prospect of creating data governance far less intimidating.

For starters, it may not be feasible to tackle enterprisewide data governance. Developing strategies related to specific projects may be a more manageable approach. It allows organizations to evaluate polices that are already in place and leverage them to build individual elements of a framework that will eventually connect.

“You’re not going to put in world-class data governance overnight, nor do you want to,” Edwards says. “You need to start small and leverage some of the other formal and informal processes you have in place, then see where the gaps are and start addressing them. What is working and what is not evolves over time, so you need to see what you have now and how that can be leveraged to connect the dots across facilities and across silos within the enterprise.”

Oftentimes, a new IT project is the ideal catalyst for getting the data governance ball rolling. When committees are put in place to design and oversee a project, add an evaluation of policies that guide the use of the technology tool to the task list. By tasking the committee that is already focused on other aspects of a project with designing governance around that project, it is far less intimidating and far more effective.

For example, Kloss points to the transition to ICD-10 as an ideal project for chipping away at data governance because it is a function that touches nearly every part of an organization. “If we can think about data governance for that, we will learn more about what it will take to broaden it to other enterprise data,” she says. “The organization may already have a steering group guiding the project. It may be possible to add information governance as a charge to this group. Success will also require appointing a data governance lead staff.”

Getting Past the Paralysis
By approaching data governance as part of an overall project plan, healthcare organizations can break through the paralysis that prevents many from tackling the issue head-on. It also ensures the strategy that is ultimately established is comprehensive and current rather than a retrofit of past policies that may be outdated.

In addition to a multidisciplinary committee representing clinical, IT, HIM, and any other department that will interact with the data, appointing a well-respected leader to own data governance is a smart strategy. Such a tactic should keep things moving forward, even if it is incrementally by project.

“It’s like anything else. You want to identify areas where you can have some small wins and areas where if you don’t focus on [governance] it prevents the organization from deriving the benefits and value from the information investments that have been made,” Kloss says. “It will never be perfect … but we have to get more sophisticated about this in our organizations in order to give confidence to those we are asking to use these data to make decisions.”

— Elizabeth S. Roop is a Tampa, Florida-based freelance writer specializing in healthcare and HIT.