Few health IT professionals understand what it takes to foster great vendor-hospital partnerships like Gus Malezis, president and CEO of Imprivata.
Mr. Malezis is widely respected as a visionary leader in the information technology security industry, where he draws on 30-plus years of experience. Throughout his career, he has earned a track record for building and growing technology and security companies such as Tripwire, McAfee and 3com.
Becker's Hospital Review caught up with Mr. Malezis about hospital-IT vendor relations and what Silicon Valley can learn from the health IT environment.
Editor's note: Responses have been lightly edited for style and clarity.
Question: Cerner awarded Imprivata their 2017 partner of the year award! What does it mean to be a great partner, and where do you see room for improvement in vendor-to-vendor or vendor-to-hospital relationships?
Gus Malezis: We are truly excited and delighted to have received this award from Cerner. It underscores the fact that Imprivata is viewed as a strategic vendor, and as a partner, to both Cerner and the Healthcare IT market we serve. This recognition points to how vendors should work: for the success of the customer, in highly complex, mission/people-critical multivendor environments. Interoperability is the key to improving any vendor and customer relationship. Quite simply, core EHR and other health IT vendors must open up and embrace the vendor ecosystem. Instead of just interoperability in assembly, for example, vendors need to think first of design and manufacturing interoperability. Cerner leads in that regard by thinking ahead of what customers might require and putting those design integrations in place. In fact, they have a whole division dedicated to design integration, Device Works.
To get ahead of what customers will want in two to three years, let's design, build and implement with interoperability in mind. EHRs can lead the way here, by driving to add more value and streamlining functions of clinicians and hospital staff, as well as patients.
Q: Cyber attacks, clinical informatics, poor interoperability — hospital CIOs and CTOs certainly have a lot on their plate, all of it urgent. How do healthcare executives decide what to address first and what to put on the back burner?
GM: CIOs, CTOs and chief information security officers have a truly challenging environment to operate and deliver in. They have a mission-critical business environment to support, and they often also support and maintain an extensive third-party commercial ecosystem, all of which demands effective, reliable and simplified service. Yet all technology decisions should be considered on one basis: adding strategic value to the business. From this perspective, the company's CIO, CTO, CISO — and possibly even the CEO — should all consider and align on how technology can deliver the following:
- Value to the business
- Enable and support core/critical business initiatives and functions
- Offer unique differentiated and competitive business value
- Present a quantifiable and compelling ROI
- Create/adopt and observe a well-respected framework for both IT and cybersecurity, with the following attributes
- Non-intrusive — and ideally invisible — technology and functionality
- Dependable, resilient, secure, compliant
- Affordable
- A path to the future
The above demonstrates there is much to do, yet these will also significantly address the opening questions. This strategy will be able to counteract nearly all security events, including malware and cyberattacks. When impacted, the network system will be able to rapidly restore service and improve its controls.
On the specifics of interoperability, healthcare IT has made great progress, yet a great deal remains to be done. Customers should demand higher levels of interoperability and standards adherence from vendors, while vendors should continue to embrace (and ideally seek ways to further enhance) the ecosystem.
So, the main consideration is: How do you deliver value to the business, with a consistent and resilient delivery of service? You need to think of all the elements, have a strong strategy and plan, and consider rapid recovery. Effective delivery of service requires a design that delivers great workflow along with security and interoperability.
Q: Public perceptions of Silicon Valley and its IT giants changed significantly in 2017. Do you see any ripple effect in the health IT world?
GM: Health IT is traditionally more conservative than the conventional IT industry, and for good reasons. Because we have patient safety as our primary responsibility, we can't waver on mandatory requirements that may be considered optional in other industries. In healthcare, it isn't about just delivering a service; it's about doing so in a consistent, high-trust, secure and compliant manner without compromising the patient in any way.
I think we're seeing Silicon Valley taking a more responsible approach to service levels in ways that are closer to the healthcare IT standard of service. Silicon Valley companies are realizing healthcare IT service must be secure, compliant, invisible, always available and high quality. This is making Silicon Valley a far more attractive business partner, and they are seeing the corresponding benefits. As these companies raise their level of service, we establish more trust with our customers — we all benefit.
Q: If you could change one thing about healthcare overnight, what would it be?
GM: Interoperability of the IT ecosystem would probably be first and foremost. We are in a highly connected and codependent ecosystem (even if it is dominated by a few players), and so we should work as a truly connected healthcare delivery system in which mobile patients and their records go back and forth from one care setting to another.
To achieve this, however, we need to establish trust. The best way to do that will be through a high-quality, high-trust digital identity.
If I could wave a magic wand, I would provide industry interoperability — but we can't fully enjoy interoperability without digital identity.