Four hospital IT experts shared best practices for top-of-mind digital health issues during a panel discussion March 6 at the HIMSS Annual Conference & Exhibition in Las Vegas.
The panel, presented by The Advisory Board Company and titled "What's keeping superstar CIOs up at night — and what they're doing about it," included Pamela Arora, CIO of Children's Health in Dallas; Arthur Harvey, CIO of Boston Medical Center; Ed Marx, CIO of Cleveland Clinic; and Naomi Levinthal, practice manager for research at The Advisory Board Company. Emily Rappleye, managing editor of Becker's Hospital Review, moderated the conversation.
Here are seven key thoughts the panelists shared during the discussion.
On the shift to the cloud
"The cloud is just somebody else's data center, and the reality is other people are way better at running data centers than I am," Mr. Harvey said, adding Boston Medical Center is a hybrid cloud environment. "Let the people who are better at [the cloud] do that. I wouldn't want them providing a trauma center, so why should I be providing the data center? … It's 'cloud first,' that doesn't mean 'cloud only.' That means be reasonable and rational about it, and put things in the cloud that make sense."
On deploying telemedicine to fuel a hospital's mission
"A lot of the drive around telemedicine was, and continues to be, the population health piece," Ms. Arora said, noting Children's Health has launched telemedicine programs at regional community hospitals and roughly 100 schools in the Dallas area. "Our mission is to make life better for children, and the way we do that is by going to where they live, learn or play."
On employee responsibility in cybersecurity
"It's not a matter of if, it's when. That's how we educate our leadership," Mr. Marx said. "I often ask myself and my peers: How many people do you have in cybersecurity at your organization? The answer, at Cleveland Clinic, is 55,000, because everyone is held responsible and accountable for security. It's not just up to me, and it's not just up to my chief information security officer. Sure, we steward over that, and we are transparent with that, but it comes down to individual responsibility. That's a key that's often overlooked."
On cybersecurity training for employees
"We do 'white hat' phishing periodically," Ms. Arora said, describing the practice of a mock phishing attempt to test a computer network's security systems. "Everyone is phished, and there [are] repercussions if you don't do well, and we work through that. One minor thing — it's low-tech, but seems to get some energy — is when we have people who [report a phishing attempt] … we have 'tin star' awards, and whoever gets the most tin star awards at the end of the year, we have this big trophy that we give them in a public setting."
On working out the kinks in an ACO
"The ACO is really a challenge for us, because it involves interoperability across a lot of different partners," Mr. Harvey said, referring to Boston Medical Center's Medicaid ACO, launched March 1. "As a CIO of a pretty good sized hospital, I'm used to being able to say, 'This is what we're going to do,' and seeing that it gets done. Now, we're collaborating with people who don't work for me, they're my partners, and we have to have a shared interest. That means there's a lot more negotiations … but it's been really good, because we've got a bunch of organizations partnered who share our values to care for this underserved population."
On retaining a strong IT workforce
"From a workforce standpoint, what we tend to hear is many employees in IT departments are overburdened, particularly with change initiatives," Ms. Levinthal said. "One of the best practices we've seen on that front is introducing a 'change calendar,' so people actually know what's coming down the pike. Another is just making sure that [employees] are not overburdened — whether that's with fun work or work that's not so fun — and that can involve things as simple as being transparent about workload."
On 'disruptors' entering healthcare
"My personal opinion as Ed, not as my employer, is we abdicated our responsibility to deliver patient-centered care as an industry, and as a result, these other companies are entering to do what we didn't do," Mr. Marx said. "It's a referendum on us, as an industry. They will disrupt us, there's no question about it … Our task is to collaborate with these new entrants, and really help lead the transformation of healthcare. Not to react to it or fight it, but to embrace it."