Healthcare Leadership Challenges in a Tumultuous Environment
Healthcare leaders are facing a landscape of unprecedented change driven by legislation, financial constraints and digital transformation. The interplay between these three forces requires a balancing act to manage resources and budgets. It also presents a unique opportunity for those prepared to innovate and rethink how they deliver care.
New and ever-evolving legislation influences reimbursement, licensure, quality, safety, privacy and security, and even patient access to care. Most recently, two areas of legislation have garnered the most time, resources and budget from healthcare leaders. Acknowledging the industry challenges brought about by legislation allows healthcare leaders to develop better strategies and more compelling outcomes.
The Health Information Technology for Economic and Clinical Health (HITECH) Act enacted as part of the American Recovery and Reinvestment Act (ARRA) to promote the adoption and meaningful use of health information technology led to a highest rate of application implementations in the history of healthcare. The adoption of electronic health records (EHRs) increased from 12% in 2009 to well over 80% by 2015 as reported by the office of the National Coordinator for Health Information Technology, a division of the U.S. Department of Health and Human Services.
The industry challenge: EHR optimization remains the top health IT priority for healthcare CIOs. More than 40% of hospital executives are either indifferent or dissatisfied with their current EHR system as reported by Practice Fusion in 2017. Despite high adoption rates for enterprise clinical applications, most healthcare organizations have sacrificed productivity and have not been able to achieve promised quality levels or expected efficiency gains.
Our Opportunity: EHRs are simply the first step to modernizing medical records. We have significant work ahead to transform data into insight, proactively manage chronic disease, close care gaps, effectively manage patient outcomes outside the hospital, improve care coordination, involve patient families and caregivers, and more. Healthcare leaders who focus on using this initial step in healthcare transformation are more prepared and better able to drive improved care in these areas.
Instead of focusing on the limitations of current EHR technology, the leaders in our industry are:
- Taking the first step toward population health by identifying and closing gaps in care
- Reporting on adherence to clinical guidelines and improving internal processes to make following those guidelines easier
- Tweaking their clinical decision support rules and alerts to avoid alert fatigue while still adding clinical value
- Investing in training and education to gain more value from the technology
- Identifying workflow inefficiencies to increase productivity and reduce clinician burnout
- Automating redundant and administrative tasks.
Health Insurance Portability and Accountability Act - Privacy and Security Rules of 2003 enhanced the HIPAA Act of 1996 to better protect patient privacy and secure health information. The legislation was primarily enacted to modernize the flow of health information, stipulate how personal health information (PHI) is protected, and address limitations in healthcare insurance coverage. The privacy and security rules of 2003 detail the three types of security safeguards required for compliance: administrative, physical and technical. They also identify security standards.
The industry challenge: HIPAA is often viewed as an administrative burden, a compliance hurdle, or a box to be checked. The complexity of the legislation paired with its penalties make it cumbersome to implement, manage and maintain for many organizations. Education and training are often lacking, which tends to lead to misinformation and misinterpretation of the rules. Beyond HIPAA, security and privacy remain one of the highest priorities for healthcare CIOs. The digital age has brought much higher risk of information being unintentionally shared, stolen, held for ransom, or used without proper authorization. According to the Ponemon Institute, healthcare data breaches are costing the U.S. healthcare industry an estimated $6.2 billion.
Our Opportunity: HIPAA Privacy and Security Rules have been successful in raising awareness about the importance of health privacy, improving the privacy and security of health data and health information systems, limiting the use of medical information for marketing, and ensuring that patients have access to and some control over their health information. The Privacy and Security Rules of 2003 offer additional guidance on managing digital health information.
Healthcare leaders are aware of the risks associated with using digital healthcare records. In the U.S., the number of healthcare data breach cases increased from 18 cases in 2009 to 365 cases in 2018 as reported by HIPAA Journal. In 2018, more than 13 million healthcare records were breached.
The leaders in our industry are working on preventative measures and recovery plans by:
- Examining cybersecurity best practices and techniques in other industries and developing their strategies based on cross-industry expertise
- Assessing gaps in their current cybersecurity approach
- Partnering with one or more cybersecurity vendors
- Investing in penetration testing to identify risk areas
- Training employees to help them understand the methods used for attacks
- Addressing security risks with their connected smart medical devices
- Restricting access by role.
The digital transformation in healthcare influences every aspect of care delivery, from the laboratory bench to hospital bedside, and into the homes of healthcare consumers. Legislation brings both challenges and opportunities on this journey. How leaders decide to respond to those challenges will be instrumental in defining healthcare.
“We are all faced with a series of great opportunities brilliantly disguised as impossible situations.”- Charles R. Swindoll