Many organizations equate information technology governance with an IT steering committee that reports to the CIO. While this structure has been the norm for decades, it is not viable for organizations that want IT to deliver real value in terms of operational efficiency and effectiveness, and improved care delivery.
Organizations must retool IT governance to more appropriately match its role and impact in the organization. IT is already critical to hospital operations and productivity, and provides opportunities for competitive advantage. This trend will only escalate in the future.
At the same time, hospitals are facing many critical IT challenges. For example, the cost of system and network downtime has steadily risen. Security breaches and lost or stolen data are in the news, and can cause a decline in consumer confidence. The cost of implementing new projects and maintaining existing application portfolios is climbing. Organizations now are implementing new systems that cost millions and require years of staff time to implement.
In light of the level of automation, challenges and investment required, IT governance must be the responsibility of the board of directors and executive management, and viewed as an integral part of the organization’s overall governance plan. An effective IT governance plan includes a clearly defined leadership and committee structure, with specific functions and accountabilities assigned to each committee.
The IT steering committee is still a vital component of IT governance structure. However, key changes to the committee can improve results in today’s environment.
The CEO or COO should be appointed as the committee chair, with the CIO serving as secretary. Project management office staff should be assigned to prepare meeting materials, facilitate meetings and track open action items. A standing agenda item should be included for receiving updates from the IT strategy, technology and architecture committees. Finally, the IT steering committee should receive authorization from, and report to, the executive committee or board to decide on risk management tactics, the IT application portfolio and IT resources.
The IT strategy committee should be at the board or executive management level to ensure that IT is aligned with the organization’s strategies and goals. There also should be joint representation in all decision bodies, including the technical ones.
Additional subcommittees should be created as needed to address hospital- and health system-specific needs. For example, for clinical IT initiatives, many organizations have added a new clinical IT lead position called a chief medical information officer, or CMIO. This position provides a liaison between clinical care providers and IT and often leads a subcommittee responsible for addressing clinical IT initiatives.
For integrated delivery networks with multiple provider types, an IDN team should review applications and initiatives to determine if the application or initiative is applicable to the enterprise. Implementing an enterprise team can open dialogue between committee members about planning for centralization of departments and joining forces to reduce vendor expenses. This ongoing dialogue will reduce duplicative efforts and improve financial results across the enterprise.
Under this model, the CIO’s role changes to be more of a coach and educator to demystify IT for organizational leadership. Real value and return on investment are a result of both process and technology changes led by the business sponsor. Business sponsors need to be comfortable with the system capabilities and how each project will be managed in order to support business objectives. With very few exceptions, there are no IT initiatives; there are business initiatives with IT components.
Governance begins with setting objectives for IT and providing initial direction. From then on, it is a continuous cycle of measuring, monitoring, comparing and redirecting. A well-documented business case built with a standardized financial requirements tool is crucial to this process because it clearly identifies and measures the problems to be solved, identifies the process and technology changes and determines the benefit, or return on investment, to the organization.
In leading organizations, value and metrics defined within a business case are collected by business sponsors and the project management office, not IT. Business sponsors and the office also report progress and metrics formally to the executive team and board. At project completion, the original ROI expectations are measured against the actual end result. The project’s “lessons learned” are discussed and applied as part of the organizational learning curve.
Using this approach, the reins of the project are clearly in the hands of the departments and leadership that will reap the benefits, and who have the authority and desire to ensure that a project’s outcome is aligned with the original business case.
Ideally, the project management function should be separate from IT to promote objectivity and transparency. The project managers are ultimately responsible for managing the communication process that takes place between IT, project sponsors, project implementation teams and the IT governance committees.
In large organizations, the office of project management has dedicated resources that manage all IT projects. In smaller organizations, the management function for a project is jointly assigned on a temporary basis to IT and requesting department resources, with dedicated hours and appropriate PMO training.
Susan Davis is senior revenue cycle manager with CSC. Fran Turisco is a research principal in emerging practices in the applied healthcare research business unit for CSC.