The most dangerous health IT trends: Insights from 8 execs

The pandemic amplified the need for advanced data analytics, virtual care and remote work in healthcare, which many consider positive trends to improve clinical quality and care access.

But the swift transition also created new challenges for executives at the top of healthcare organizations. While some are hitting the brakes on IT as COVID-19 cases wane and budget constraints place more scrutiny on spending, others see IT investment as critical to providing high-level patient care.

The pandemic also gave rise to new cybersecurity threats for health systems, which will require additional investment.

Here, eight IT executives outline the most dangerous trends they're seeing in health IT today.

BJ Moore. Executive Vice President and CIO of Providence (Renton, Wash.). A health IT trend that causes me pause right now is the rate in which healthcare companies embrace new technology. From my perspective, healthcare systems across the nation are about 15 to 20 years behind other industries. We need to be more quickly embracing cloud computing, machine learning and artificial intelligence, big data, Internet of Things, consumerization of health experiences and other emerging technologies to accelerate health insights, improve caregiver productivity and to improve access and health outcomes for our patients.

John Bosco. Senior Vice President and CIO of Northwell Health (New Hyde Park, N.Y.). To me, the most dangerous trend would be for CIOs to assume it's back to work as normal before the pandemic hit us. As with most major events like this, the hardest work doesn't happen during the event itself but rather with the recovery from it. This was the case with Superstorm Sandy on the East Coast as well as other emergencies we have experienced. Even though this pandemic is still ongoing, we learned many lessons, not only about how to respond even better the next time, but it also pointed out inefficiencies and areas in our organizations where improvement is needed.

For IT, the pandemic emphasized the importance of telehealth, more healthcare services in the home, more digital apps for patients to stay connected, more real-time data and analytic capabilities, and others. Even though we are all trying to deal with the financial fallout from the pandemic, it would be dangerous not to address these areas, as well as look for ways in IT to be more efficient and reduce costs.

Michelle Stansbury. Vice President of IT Innovation at Houston Methodist. As health organizations continue to innovate to provide a better consumer/patient experience, create efficiencies for clinicians and utilize data to improve the health of our population, organizations could easily overlook the importance of data security. Even one security breach is one too many, which is why Houston Methodist created a work group that focuses on data use and sharing. Innovation is important, but so is data security, and it must be protected. New startup companies will need to ensure their products meet security standards as we continue to innovate in the new digital space.

Zafar Chaudry, MD. Senior Vice President and CIO of Seattle Children's. I believe the most dangerous trend in health IT today is medical device vulnerabilities. We've been talking about this for years. The COVID-19 chaos has triggered hackers to exploit the weaknesses that are seen in legacy medical devices. Many medical devices continue to use outdated operating systems such as Windows 7, making them an easy entry point into a hospital network for a hacker. Add to this the expanded use of telehealth and remote patient monitoring and the plane of entry to a hospital's network is widened further. I only see the situation getting worse unless we take remedial action soon.

Lee Carmen. Associate Vice President for Information Systems at University of Iowa Hospitals & Clinics (Iowa City). I think one of the most dangerous trends in health IT right now is the increasing demand to integrate clinical data across different sources and from different organizations without a national patient ID. The potential to improve care by providing all clinicians involved in the care of a patient with a complete view of the clinical data associated with that patient is significant, but relying on patient-matching tools that reference multiple data elements with different levels of data integrity is unacceptable; it adds complexity to the systems and introduces unnecessary risk.

Rich Temple. Vice President and CIO at Deborah Heart and Lung Center (Brown Mills, N.J.). During these very difficult times, I see the most dangerous trend in health IT is the expectation that providers can cut IT staff and budgets without acknowledging the immediate and downstream costs of making these cuts, such as the diminishment of quality of vital technology support services, the reduction of insights into how to do more with less during very troubled financial times, and the increase in potential downtimes and cybersecurity risks due to aging equipment and lack of investment in needed protections. I very much credit my own hospital for resisting these urges as much as possible and always hope that our IT department can always deliver the necessary strategic and operational value to our organization to justify the need for as robust an IT footprint as is practicable.

Michael Restuccia. Senior Vice President and CIO of Penn Medicine (Philadelphia). In the midst of this pandemic, I believe the most dangerous trend to health IT is government overregulation regarding patient data-sharing. The newly proposed rules are complicated; all use cases have not been considered, and getting clarity from officials is virtually impossible. In addition, with most health systems' administrative workforce working remotely, collaboration amongst the necessary parties to successfully plan, operationalize and address the regulations is difficult, especially with the many critical activities facing organizations due to the pandemic.

Conrad Band. Chief Information Security Officer of Children's Hospital Los Angeles. The combination of hastily moving workers remote with the relaxed Office of Civil Rights rules has lowered the guard of many healthcare organizations. For those that plan to continue remote operations for the foreseeable future, the security perimeter is now likely more stretched than ever, reaching into peoples' homes and as far as their IoT devices. Organizations with new remote and hybrid workforces will need to adjust their cybersecurity budget and strategy to accommodate this new normal, working to better protect their assets from evolving risks associated with maintaining a decentralized workforce.

Additionally, they will need to adjust their strategies around training and awareness, asset management, vulnerability management, identity and access management, as well as data loss prevention, backups and supporting policies. For those that were forced to jump into telehealth, laser focus should be given to ensuring that appropriate measures have been taken to protect the privacy and security of the patients and their data.

Thank you to Katie Adams for contributing to the development of this article.

More articles on health IT:
5 hospitals, health systems piloting digital transformation programs
San Antonio hospital accidentally posts information of 1,200 patients online: 4 details
Epic alters employee return-to-campus plan, taps Cleveland Clinic for review

 

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.