Ideally, IT will augment the care clinicians deliver to patients — providing information at their fingertips, saving them time, making processes simpler — all while keeping patient data safe. Unfortunately, data security and user experience are not always in equilibrium. A simple query can quickly turn into repeated password entry, denied access, help desk phone calls and delayed care.
"Ultimately in healthcare IT, I think our job is to make technology transparent to our clinical and business partners. That is, to remove the friction of technology from [their] day-to-day workflow," Wes Wright, CTO of Imprivata, said in a June 20 webinar sponsored by Imprivata and hosted by Becker's Hospital Review.
Mr. Wright — a retired Air Force Major and former CTO of San Diego-based Scripps Health, Sutter Health and Seattle Children's — believes the best way IT can support healthcare delivery is by increasing the speed with which clinicians can access the tools they need. "It's all about agility now. Not the speed of compute, but how fast can you get that differentiating product into your partner's hands," he said. "It should all be built on the foundation of simplicity."
If IT teams focus on simplicity, then stability, security and speed will follow — paving the way for quality care, according to Mr. Wright. He dubs this technical vision — that quality stems from stability, security, speed, which all grow from simplicity — QS4.
Here are three ways IT leaders can leverage the QS4 vision to improve the IT experience at their hospital.
1. Use a skateboard deployment model. The traditional waterfall model of IT deployment is quickly becoming a strategy of the past, according to Mr. Wright. "Most of our clinical and business partners don't think we deploy IT to make their lives more helpful because most of the stuff we have been forced to deploy from a security perspective does the opposite," Mr. Wright said. In a typical waterfall deployment, clinicians come to IT with a request, and the IT team sets out to build it. But when that application is ready 18 months later, it may already be outdated. "We end up building a Myspace page for them and we are living in a Facebook world," he said.
Instead, when a CXO, CTO or CIO faces a technology deployment, they should consider using what Mr. Wright calls the "skateboard methodology" or minimum viable product methodology. Under this strategy, IT rolls out upgrades in small, simple increments. So if a clinical or business partner is walking and needs to go faster, IT gives them a metaphorical skateboard so they can go faster right away. When that technology has run its course and the clinical or business partner says they need something better because they keep falling off, IT can add a handlebar to the skateboard, creating a scooter. "You are giving your clinical or business partners these little drops of value along the whole build cycle, and that's what keeps your clinical and business partners happy," Mr. Wright said.
2. Create an identity governance strategy. Identity governance helps automate access control as more applications are added, it helps leverage role-based permission so users can be granted access in groups and it can also aid with compliance by providing comprehensive reporting and risk analysis — ultimately simplifying IT across the board.
Many health systems may use homegrown identity governance, but the sheer number of roles in a healthcare institution often sets this type of solution up for failure, according to Mr. Wright. Instead he recommends using a dedicated product like Imprivata's for identity governance, which solely provisions people and tells the organization who was provisioned. "The closer we can get to building a simple solution for identity governance, the better off we are from a CTO perspective and the better off our clinical and business partners are," he said.
3. Single sign-on is the foundation of strong authentication. Single sign-on improves security without requiring more passwords and impeding clinicians from focusing on patient care. Ultimately hospitals can get to a point where they offer both remote access and seamless two-factor authentication, allowing uninterrupted access to workflows both inside and outside the hospital.
"We are trying to get back to that bottom pillar of QS4, and that's simplicity," Mr. Wright said. "The simpler I can make it for you to manage your entire enterprise single sign-on activity the better off you are and the better you can serve your clinical and business partner through security stability and speed because we already manipulated simplicity."
To learn more, watch the webinar here.