If inertia can be a challenging force in healthcare, one can only imagine the impact associated with “historical inertia.”
For many leaders, however, it’s a reality faced every day, particularly when it comes to tools and procedures that have been part of the vernacular for so long. Case in point? Flow sheets, according to Anika Gardenhire, Chief Digital and Transformation Officer at Ardent Health.
As with so many concepts, “there was a lot of really good intent” behind flow sheets, which were created to improve communication during shift changes and facilitate documentation. And for a while, they achieved that feat.
But with nurses increasingly experiencing burnout – and shortages looming, perhaps it’s time for a shift.
Anika Gardenhire
“We have an opportunity to think about how we can create a more holistic and supportive experience,” she noted. During a recent Town Hall interview, Gardenhire – a nurse by training – spoke with Reid Stephan (VP and CIO, St. Luke’s Health System) about the key challenges with nursing documentation, and the pivotal role that clinicians and EHR vendors can play in improving usability.
When it comes to patient care, the ultimate goal is to have “all of the specialties come together in concert,” she said. “And I genuinely believe in nursing as the coordinator of care.”
Nurses, she continued, are meant to “provide support and clarity of message across the specialties,” which makes sense, as they spend the most time with the patient, and can therefore “see them actively improve or decline over a period of time in a way that’s not inherent to the workflow of other disciplines and how they might interact with the patient.”
That narrative nurses provide plays a critical role in ensuring continued care for the patient – not just by presenting information, but doing so in a snapshot format, Gardenhire said. Initially, the transition to flow sheets made sense. However, as more boxes and dropdowns have been added, the process has become increasingly cumbersome, which has led to some hand-raising.
“It’s important to question which of these things are actual requirements, and how much of it is grounded in historical inertia,” she stated. “We need to come to the table and say, what is it we’re trying to do? If we want to make sure we can capture trends over time or make sure discrete data elements are there, is this the best way to do it?”
Determining that will be a multifaceted process, noted Gardenhire – one that should start by acknowledging that nursing is both an art and a science. “We spend a lot of time focused on figuring out how to capture the science that we might have forgotten to make sure we provide a documentation capture that also allows for the art,” she said. “I would hate to see us lose that.”
Because while it’s important for nurses to be able to titrate drips and make quick calculations in the ICU setting, for example, it’s equally vital to factor in the conversations that happen with patients and family members that can fill in key pieces.
“It’s not just about what’s happening on the outside with the science,” she said. “It’s the conversation you had with a patient while you were holding their hand, looking at the monitor and thinking to yourself, what would actually give this patient the encouragement that they need in order to fight the battle? Those things are really important for us to capture and understand.”
The big question, of course, is how. Step one, according to Gardenhire, involves seeking input and involvement from those who are currently practicing at the bedside. One grievance she has heard is the inability of dropdown menus to let users state what’s happening with the patient.
Another is the burden that comes from recording results. In an ideal setting, if a number comes off of something in my vicinity, I shouldn’t be expected to write it down,” she said. “I should be expected to look at the number and then document the things that are happening and what I'm doing about it.”
Nurses, she added, don’t need another data element. “We need suggestions based on analysis of background data. We can then take that suggestion and combine it with contextually aware information we’re getting from our five senses,” as well as the instincts nurses have developed after countless hours spent with patients.
The other party that should be involved? EHR providers, who she believes should work hand-in-hand with nursing organizations and other stakeholders to rethink documentation processes. “There’s an opportunity to have them come together with clinicians” and help drive important conversations,” Gardenhire notes. “There are things we can do now that we literally could not do in the past, and that creates a certain type of permissive rethinking.” And while it won’t necessarily be quick or easy to bring these experts together, “it’s an investment we need to make in order to support the future of clinical care.”
In conclusion, she urged leaders to continue to “be curious and think big,” particularly when it comes to developing processes that free up precious time for care providers. “Don’t let historical inertia block your thinking.”
One of Chase Franzen’s favorite quotes goes back to his days as a Taekwondo student: “Good is never good enough.”
At first glance it may seem defeatist; but in fact, the phrase refers to the constant pursuit of self-improvement – which he believes is quite apt for CISOs in the current healthcare landscape.
“It’s the idea of perpetually moving forward, getting better, and never being complacent,” said Franzen. At Sharp HealthCare, that means not just keeping the staff educated on the latest security threats, but doing so in innovative and “fun” ways.
During a recent Unhack the Podcast, he spoke with Drex DeFord about the “different approach” his team has adopted when it comes to boosting cyber-hygiene, the need to tailor education to fit users’ needs, and the key components of their AI governance strategy.
Chase Franzen
For cybersecurity and IT leaders, one of the most significant hurdles is getting the message out in a way that resonates. “We can teach anyone about safe cybersecurity practices,” he noted. “The difficult part is, how do we appeal to people? How do we meet them where they are and make it applicable to them in their daily lives?”
Doing so requires a solid understanding of human behavior, which is why Sharp brought on Peter Lopez-Perez, a licensed therapist. In his role as Cybersecurity Engagement Specialist, Lopez-Perez collaborates with other departments to help deliver awareness training, manage incident response plans, and stay informed about emerging threats.
“We’re taking a unique approach,” said Franzen. Instead of trying to “shove technology words and concepts down peoples’ throats, we’re meeting folks where they are through targeted training.”
How? One way is to go right to the source, which entails sending out queries to leaders, asking questions like: “what are you seeing about AI and cybersecurity that are confusing, interesting, or scary? What can cybersecurity do to help?” he noted. “Do you want us to come to your groups, to your huddles, to your staff meetings and tailor education around these topics?”
The response has been “phenomenal,” Franzen noted, because his team isn’t just asking critical questions: “We actually do it. We’re not coming with the same stuff we’ve regurgitated a million times.”
To help lessen the load on cybersecurity, Sharp has established an ambassador program which includes monthly educational sessions focused on specific areas. The most successful to date was a session on the importance of cyberhygiene at home, where attendees learned how to avoid common scams. The idea, according to Franzen, is that those behaviors would be applied at work as well as at home.
Other popular programs have centered around topics like spotting deep fakes, or demonstrating how scams are constructed. “We showed how a cyberattacker does open-source intelligence and crafts a phishing email, including how they spoof email addresses,” he said. “From a non-technical perspective, we pull back the curtain and show how it’s done.”
What makes the programs so valuable, however, are the takeaways. “It starts a conversation, and we end it by saying, ‘these are the salient points we want you to take to your team.”
An aspect that’s becoming a big concern, both for staff and leaders, is the use of GenAI in cybersecurity. Although tools like ChatGPT can offer “a world of benefit” by increasing visibility into nefarious activities, there are still serious concerns around the lack of guardrails.
“I go back and forth,” Franzen stated. “I’m super excited about the potential, but at the same time, I’m fearful of the ethical implications. I’m worried that healthcare in general doesn’t have effective oversight and discipline.”
Additionally, there are concerns around power consumption and finances, to name a few. “It’s really expensive. Are we recognizing the full cost of creation and ownership?”
And it’s not just the cost aspect, although that is significant. The technology itself is evolving rapidly. “Every day there are new capabilities, new LLMs, new agentic features. Trying to wrap your arms around it is challenging,” he said.
To that end, Sharp has created a multidisciplinary committee that examines AI solutions from a “true, complete cost perspective,” while also carefully examining the vendors. “Is this someone we want to do business with in these critical areas?” he said. “Are they doing AI correctly? Are they ethical?”
At an organization like Sharp, which is tracking more than 100 AI applications, these "philosophical conversations” have become critical, and will continue to grow in importance. For cybersecurity professionals, it means being willing to keep widening the scope and staying abreast of the ongoing changes in the industry.
And, of course, continuing to chase the “good.”
When William Morgan, MD, arrived at Copiah County Medical Center four years ago, it was supposed to be for a short-term assignment. What he saw, however, wasn’t a quick fix that needed to be made, but rather, something much bigger.
“It was an opportunity to make a difference,” he said. Specifically, to transform a critical access hospital into “the model for what rural hospitals in the state of Mississippi, and beyond, can be.”
Fast forward to today, his team has made incredible strides. All it took was an investment in cutting-edge technology, strong vendor partnerships, buy-in from the organization, and a solid focus on the unique needs of the community.
During a recent TownHall episode, Morgan, who serves as CEO, spoke with Sarah Richardson about his team’s strategy and shared best practices for other organizations.
William Morgan, MD
Not surprisingly, one of the keys to success they found is to start with the problem, not the solution. For Copiah County, it was the high number of critical care patients being transferred to outside facilities.
The solution involved partnering with Nateera and Artisight – in conjunction with University of Mississippi Medical Center for Telehealth – to launch a series of initiatives leveraging AI tools and telehealth technologies to prevent falls and identify patients who are deteriorating.
“We’re working with Naterra to trend vital signs so that we can intervene prior to patients having an adverse event,” Morgan said. “We’ve developed an algorithm in partnership with our critical care doctors to determine which patients can stay in our hospital and receive a TeleCritical care visit.
Before this tool was in place, ER physicians were “automatically transferring” patients with conditions like diabetic ketoacidosis so that they could receive appropriate care. Now, “a thoughtful evaluation is being done and assessments are being made” based on the data available, which not only enables Copiah County to provide a “higher level of care,” he noted, but has also yielded another critical benefit.
Nurses are gaining valuable learnings that otherwise wouldn’t have been possible. “They’re now comfortable treating critical care patients,” Morgan said. “They learned how to access graphs and shunts to do tele-dialysis,” as well as how to utilize the complex machines. “None of this existed prior to these projects. They really served as a platform for us to not only educate our nurses, but also build a sense of pride in them about what they're doing and what they're accomplishing.”
Although the technology clearly played a critical role in Copiah County’s success, it’s just one factor. What’s just as critical, he noted, is finding a “willing partner.” Companies like Nateera are “looking for partners to develop their products.” In turn, “we offer the setting in which products can be deployed, studied, and refined.”
When it comes to AI, the ability to validate data and constantly seek improvement is critical. “None of us know what we don’t know. AI is still new,” he said. “When you see that it tells you, you have to validate it.” Having a partner that will come onsite after a product has been deployed and continue to work through issues can make a significant difference.
His other piece of advice?
“Don’t be afraid of taking risks and trying out technology,” he noted. “You will have challenges with adoption in the beginning. You need to grit it out and continue to encourage your staff, your board, your physicians, and all providers that this is a worthwhile endeavor.”
For Copiah County, it has been. By leveraging technology to improve care and expand access to specialist care, they’ve shown that they’re prepared to invest in the organization – and consequently, provide better care. “As people recognize the resources that we’ve put into these projects, they’re no longer seeing us as a sleepy rural hospital,” Morgan said. “You don’t have to go to Jackson to get care. We’ll bring Jackson to you, because you’re gonna see the same specialist here that you see there. Our community understands that it’s an added layer, and they’ve embraced it.
No one wants to think about ransomware events and the absolute havoc they can wreak on an organization. But for healthcare leaders, ignorance is not an option. In fact, one expert advises doing the opposite.
“We want to talk about it as much as possible before we have an event,” said Brian Zegers, Information Security Officer at Lee Health. “We don’t want to try to figure it out in the midst of a storm.”
And the storms have come. Last year, two major ransomware incidents occurred within months of each other, resulting in widespread disruption and financial devastation. “The more we can figure out now, the better,” noted Lee.
While there’s no way to predict when and how a cyber event will happen, there are critical steps that can be taken to ensure teams and organizations are prepared to handle the fallout. During a recent Unhack the Podcast, Lee and Aaron Heath, CISO and Cybersecurity Counsel at the Medical University of South Carolina, shared some of the strategies they’ve employed, from infrastructure realignment to “internal poaching,” and discussed their biggest concerns.
Aaron Heath
One concern at MUSC was the number of freestanding EDs that don’t have sufficient network connectivity, which has led to some “pretty acute problems” for those areas. To remedy that, Heath’s team is looking at different options, including using satellites to maintain connectivity.
As it stands now, an outage can cause serious issues, “because there generally isn’t much infrastructure out there that can run out to them,” he said. “We’ve had cases where we have backup cell coverage to be able to maintain connectivity – they're still running on the same lines.”
It has become clear, he added, how interdependent connectivity is, particularly in rural areas, and how strongly facilities rely on technology. And so, “we’re looking at what type of benefits satellite services can provide for us,” while exploring other ways to increase resilience.
Of course, it isn’t just technical challenges that can get in the way; sometimes, the problems stem from the organizational structure. That was the case at MUSC, where leadership recently pulled infrastructure, network, and endpoint engineering teams into the security office in an effort to align strategically. “We ended up bumping into each other every time there was an issue on the network,” he said, explaining the decision to “get everyone on the same team” and establish “strict alignment.”
The more closely teams are able to work together, the more easily they can identify opportunities – and uncover mistakes. “I can’t tell you how often we’re finding things that a CISO should be concerned about,” Heath said. “It’s all interconnected. That’s where everything is going.”
Because of that connectivity, it’s more vital than ever that organizations have a firm plan in place to manage a cybersecurity event. At Lee Health, Zegers’ team has implemented a ‘recovery from ransomware’ initiative. Through tabletop exercises and sub-work streams, they’re “looking at all the different aspects of what we would be dealing with in a ransomware scenario,” whether its storage capacity or timing to get back online. “Infrastructure might say, ‘we have snapshots’ or ‘we have backups,’ but let’s dig into that,” he said. “Do we have that across the board? What does that mean? And so, it’s letting us have a lot of great in-depth conversations, and get teams outside of cyber to think about what would be involved in this process and try to brainstorm as much as possible pre-event.”
Brian Zegers
To date, his team has developed several sub-work streams focused on updating the response playbook to offline locations for documents to ensure staff have the resources they need. These conversations, he added, are extremely important, and should include teams outside of IT and cybersecurity. “This helps us in preparation of [ransomware] events, but also with our overall disaster recovery planning, because a lot of this stretches into other areas,” Zegers noted. “I always hope it’s not a cyber event that causes us to exercise these things, but it’s hard to get those conversations going and keep people involved. And so, this has really helped.”
Another critical step in laying a solid foundation? Building a strong cybersecurity team – something that has proven challenging across the industry. At Lee Health, where Florida residency is required for all staff, Zegers has found that the best candidates may already be in house.
And so, one of the “different avenues” his team has pursued is to identify candidates from other departments and try to recruit them. “In cybersecurity, you need a specific skillset and mentality and an appetite to learn,” he said. “They don’t need prescriptive steps as to what to do next.” Instead, the right candidates are able to pinpoint and figure out problems – and perhaps even more importantly, realize when a problem needs a whole new approach.
“It’s knowing when to call it and say, ‘let me not spend more cycles on something and go down a rabbit hole,” Zegers noted, adding that it’s no easy task. “You also need a good understanding of the infrastructure to be able to do that. Internal poaching has helped us identify really good candidates and bring them in.”
If that’s not an option, he also encouraged peers to cultivate relationships with local universities and other healthcare organizations, and leverage them to connect with candidates. “You have to keep those stokes in the fire” and continue to feed the pipeline, Zegers noted.
Heath concurred, adding that he’s excited for the future and has become “passionate about identifying people who have the right mindset,” and following the steps needed to develop a strong cybersecurity posture.
Because when you are able to change a process or see an improvement, “it is the greatest hands in the air feeling to be able to see that quantitative impact.”
As nurses and physicians continue to exit the workforce, healthcare organizations are pulling out all the stops to try to turn the tide, whether it’s automated staffing or continuing education opportunities. But as leaders are learning, the most powerful for retaining top talent – nursing, in particular – doesn’t involve any technology.
“It’s that culture of empowerment that drives retention,” said Theresa McDonnell, SVP and Chief Nursing Executive, Duke University Health System. “When people feel like they’re just a cog in a wheel, they don’t feel any sense of belonging.”
At DUHS, her team has made a concerted effort to involve frontline workers in the discussion, and has seen impressive results.
In a recent Keynote episode, McDonnell spoke with Sarah Richardson about the strategy they’ve mapped out, what she believes are the keys to fostering innovation in the clinical environment, and the enormous potential AI holds – if leveraged the right way and guided by the right people.
Over the past few years, DUHS has reduced nursing turnover by a significant percentage (going from 21 to 11 percent), thanks to a series of initiatives. Among them, virtual reality-based workplace safety training and AI-powered staffing tools, both of which have been widely accepted.
Theresa McDonnell
But the biggest difference maker, according to McDonnell, has been an emphasis on “engagement, listening, and understanding the pain points,” she said. Her team seeks to do that by not only asking about “the pebbles in their shoes,” but seeking input on the best path forward. “That helps create a culture of empowerment.”
Another key step they’ve taken? Sending out surveys to measure the pulse of the culture and ensure all staff feel a sense of belonging within the organization. They do, according to the most recent iteration of the survey. “Our scores were some of the highest we’ve ever seen, and we benchmarked far higher than some of our sister organizations,” she said. “That brings me joy to know that people feel like they belong here.”
As a nurse practitioner, McDonnell is uniquely attuned to the needs of frontline workers, and has made a point to prioritize them. “I know the challenges of seeing patients in a clinic, and the challenges when things don’t go right,” she said. “That experience helps me bridge the gap between what happens on the front line and the decisions we need to make at the highest levels of the organization.”
For leaders who don’t have clinical experience, it’s critical to carve out time for rounding – and make themselves available for conversations. Doing so, she noted, can help build empathy and strengthen relationships. “You have to be able to walk in the other person’s shoes and understand their pain points, their anxiety – the thing that’s driving them,” she added. “You need to talk to people and be present. When people are willing to talk to you and share all the things that they see are wrong, that to me is success.”
Another core function of healthcare leadership, particularly in recent years, is the ability to foster innovation. At DUHS, “a number of different levers” are pulled to create a culture of innovation.
In addition to hackathons, which solicit ideas from thousands of staff, the organization recently launched an initiative geared specifically toward nurses. The goal was to make it user-friendly and easily accessible, which her team accomplished by creating a QR code that walked participants through a series of questions. Ideas were then organized into buckets based on scope and budget requirements.
While some of the days can be incorporated right away – for example, a pitch to make walkers available in interventional radiology – others are heavier lifts that need to be baked into the budget. What’s important is that a blueprint has been established for sharing ideas, which can significantly boost satisfaction.
“When you have a group of nurses that are frustrated about the thing that they can’t fix for the patient and you bring them a solution, that unlocks something,” she noted. “They can start thinking bigger.”
Perhaps the biggest (and most talked about) concept out there right now is AI – specifically, how it’s being used to boost efficiency and alleviate some of the burden on care providers. It’s an area that holds a massive amount of potential, but must be harnessed in a thoughtful way, according to McDonnell. “Technology is coming fast and furious, and I personally believe that nursing and frontline clinicians need to own what that integration looks like. We need to embrace it.”
Doing so is becoming increasingly vital as the silver tsunami approaches. “We have an aging population and we have dwindling resources, meaning our precious human resources,” she said. “We simply don’t have the size and magnitude of workforce that we need.” The question then becomes “how do we integrate AI and technology in a way that really allows nursing, advanced practice providers, and physicians to utilize that technology and provide the best comprehensive care experience we can to patients?”
It’s a complex question, but one that leaders can’t avoid. What they can do is have critical conversations about how to leverage both AI tools and clinical experience to augment the care paradigm. “What does a truly integrated, team-based care model look like? That’s the key,” she said.
For McDonnell, it’s a willingness to think – and even step – out of the box. “We need to be agile and not be so fixed to the past,” she noted. “We need to be open to what the future is going to bring. That’s going to help us succeed in any care setting.”
“My role as CIO isn’t to present the best technology. It is, in collaboration with my peers, to really understand the problem.”
Years ago, that statement from Chris Harper likely would have raised many eyebrows. But in today’s healthcare environment – where it’s becoming increasingly clear that people and processes are more critical than the technology component – it makes perfect sense.
“At the end of the day, we’re all trying to accomplish the same mission,” he said. And although it can be tempting to play the part of hero, that’s not what organizations need from their CIO. What they need is a “pro” who will partner with the team and work to “solve problems together.”
Chris Harper
During a recent Keynote interview, Harper – who holds the dual roles of CIO and Senior Associate Vice Chancellor of AI at The University of Kansas Health System and University of Kansas Medical Center – discussed the philosophies that have served as the backbone for IT advancement, and the deliberate approach they’re taking to drive transformation across the organization.
When it comes to AI – or any tool, for that matter – his team’s approach has been simple, yet effective: identify the problem, then start to look for a solution. One of the problems they identified was physician and nurse burnout, which was first addressed through “conventional methodologies like process improvement,” Harper stated.
However, “once we hit a critical mass and aren’t able to move the needle anymore,” it’s time to start looking for a different solution. In this case, ambient listening and documentation can help fill that gap.
But what’s even more important than finding the right tools is having a solid foundation in place, which started years ago when the organization implemented Epic, then built an integrated data and analytics platform. As a result, “we’re now able to truly automate and leverage all of those assets to be able to do, in my mind, what healthcare technology is meant to do, which is to alleviate the waste and manual work for patients and providers,” said Harper. Making those “big bets” early on, he added, has positioned the organization well for incorporating AI and automation into the strategy.
Implementing AI tools, however, comes with a unique set of considerations, and therefore requires a different game plan than an EHR rollout. To that end, the University of Kansas Health System has adopted a “clinical trial-type approach,” he said. The key elements? A small sample size, a feedback loop that includes clinical and physician champions as well as engaged vendor partners, and a willingness to be agile.
And the feedback loop needs to be tight, according to Harper. “You can’t wait a month or six months to solve an issue. You have to commit to an iterative but rapid approach,” he noted. “If you break it, you have to fix it right away. There’s no room for error.”
Not just because human lives are at stake – which is clearly the most important point, but also because of the high level of interest in AI capabilities, especially among physicians. And in fact, he recommends tapping into the knowledge of super users and leveraging it to develop better products and strategies.
“There’s going to be tremendous value created through this. As CIO, you need to think about how to position your organization, and more importantly, your team and your people, so they can succeed,” he said – and do it quickly. “We don’t have a lot of years to get there. You have to start teeing up your team to take advantage” of the AI gold rush, and use those capabilities to achieve tangible outcomes.
“Whether it’s the retail space or financial sector, you have to be able to show value,” he added. “You have to think every day about the value your team is adding and the value the technology is adding.”
And if there’s no value, consider pulling the plug – even in the middle of a project,” noted Harper, who recalled a time earlier in his career in which his team “stopped a multimillion dollar project halfway through and decided to recalibrate. “It wasn’t the right thing to deploy that technology, because we knew that it wasn’t going to solve the problem.”
In the end, the decision proved to be the right one, and offered further validation of the importance of seeking – and acting on – feedback. Doing so, he added, requires something that he believes has become a critical component of leadership: listening.
“I think a lot of high performing IT individuals are quick to come up with solutions,” Harper said, noting that he’s been guilty of it as well. “Earlier in my career, I remember that someone would be talking and I would already be architecting how it comes together and coming up with answers and questions.”
The more advantageous move, for all parties involved, is to turn all focus to the person speaking. “That’s the biggest piece of advice I would offer: take time to listen and sit in silence.”
As mergers and acquisitions continue to rock the healthcare industry, organizations are faced with critical decisions, particularly when it comes to leadership. Consequently, more are turning to interim leaders to hold down the fort.
“There’s a lot going on right now,” said Judy Kirby, Executive Recruiter at Kirby Partners. “We’re seeing a lot of individuals back on the marketplace looking for opportunities,” and a lot of hospitals that need a stopgap.
It has the potential to be a win-win situation. However, while the qualities teams look for in interim and permanent CIOs are relatively similar, there are nuances to each that require a different approach.
Judy Kirby
During a recent Keynote interview, Kirby and Christopher Scanzera, who recently served as Interim CIO at Lurie Children’s Hospital, shared insights on why organizations opt for temporary leaders and the skills they value most in these individuals. They also offered advice that can be leveraged by all healthcare leaders as the landscape continues to evolve.
Kirby, who has more than three decades of experience in the field, believes that while M&A has undoubtedly played a role in the surge of interim roles, there are also other key factors. “I think organizations are asking, ‘do we have the right person in the chair?’” she noted.
Another key element is the circumstances under which the predecessor left, and the time that has lapsed since. In some cases, an internal person might be available to fill the role, at least on a temporary basis, but the reality is that most organizations lack a solid succession plan.
In some cases, however, the absence of CIO presents an opportunity to assess the current strategy and make adjustments, according to Kirby. “A lot of organizations, especially now, aren’t sure what they need in their next technology leader. Where are they going with digital? Where are they going with AI and cloud? I think sometimes having that interim come in and give an independent assessment can help level-set for where they need to be going.”
One of the questions Kirby’s team often gets is what to look for in an interim leader. And while there isn’t a universal answer, she places high value on individuals with a consulting background, as well as those who have previously helped interim roles. “They’re going to be a little more successful because they’re got a playbook coming in,” she said.
Chris Scanzera
Scanzera, who spent time with Deloitte and PriceWaterhouseCooper before becoming CIO at AtlantiCare, believes that his consulting experience benefited him significantly. But what’s really important is the ability to “deal with uncertain situations and size things up very quickly,” he stated. “You need political acumen, especially if you’re walking into an organization where someone who was loved as a CIO departed. You have to understand the political temperatures of not just the C-Suite, but also the IT executive team.”
And while technical knowledge will certainly come in handy, the ability to communicate effectively across multiple levels is even more vital. “You’re going to get hit with a lot of different questions. One afternoon you may have to wear the CTO hat, another you might have to put on the hat of a cybersecurity leader or VP of applications,” he noted. “You need to be able to go across different domains and occasionally go deep.”
Once an individual lands an interim role, the next question (another one Kirby hears often) is, what’s the best approach? Her answer is simple: “You need to take this job and own it. Treat it like it’s your own,” she said. “Trust that you’re ready for the job and can do the job.”
Doing so, however, requires knowledge, much of which is gained during the interview process. Smart candidates, said Scanzera, are always “taking notes and learning to get a sense of what the real scoop is going to be.”
That scope might entail keeping the trains running, or it could be “a situation in which they want you to come in and make aggressive changes,” or help prepare the organization for transformation, he noted. “It’s all part of the walking tour to find out where everybody is, because you’re going to get multiple opinions and multiple wishes, desires, and interests in terms of direction.”
At the same time, it’s important to come in with a roadmap of what you’d like to accomplish, said Scanzera, who advised breaking it into two-week chunks. “You have to come in with a structured framework and mindset of listening, learning, and assimilating very rapidly.”
Unlike with a permanent role, interim roles don’t tend to have a “honeymoon period,” which can ratchet up the pressure to deliver results. “You have to hit the ground running and come in with a preconceived notion of what you’re going to do – and do that very quickly.”
The key to that, according to Scanzera, is creating a healthy culture. “For one reason or another, you have a somewhat fragmented situation, and there’s an element of trust that has to be rebuilt,” he said. “You have to go down the path of learning and respecting the institutional knowledge.”
The more transparency and authenticity a leader can bring to the table, the easier it will be to make decisions that lead to early wins, he noted. “You want to be open and be accessible, and when you get wins, you want to share the credit. As an interim CIO, you absolutely need to do that.”
Just as critical, of course, is establishing rapport with the C-suite and Board, which requires communication – ideally in the form of “structured and relevant updates,” Scanzera added. “I believe results move at the speed of relationships. The more durable you can build them, the better off you’re going to be. That, to me, is the difference between success and failure.”
Above all, CIOs – whether temporary or permanent – must continue to build their skills, and not just technical, according to Kirby, who believes emotional and social intelligence is what separates good from great leaders. “The ability to listen, talk beyond the bits and bytes, and understand the business – to me, those are the most important things.”
Scanzera concurred, noting that the focus should remain the same, regardless of how long an individual has been (or will be) in the seat. “When you’re the interim CIO, you are the de facto CIO; the role, the responsibility, the fiduciary duties are the same,” he said. “You get up every morning and give it 110 percent. The job is still the job.”
Is it possible that something positive came out of the cyberattack that knocked Change Healthcare offline a year and a half ago?
Alan Smith thinks so.
Though it had extremely detrimental consequences – at last count, 190 million individuals were affected – the event “forced everyone to say, ‘what are we going to do?’ and rethink their vendor management philosophies.
“It’s interesting; we pride ourselves on running pretty efficiently. One way to do that is to get to one contract, one vendor,” said Smith, CIO at LifePoint Health. After the headline-grabbing cyberattack, “we’ve changed our dialogue to, maybe we should have two. Maybe we should spread out the risk a little bit.”
Alan Smith
The Change Healthcare incident also sparked another discussion that he believes has been muted for too long. “As an industry, I don’t think we talk enough about business continuity,” said Smith. “As the chief operator, you need to own how we continue to operate in a degraded environment because it’s going to happen.”
During a recent Keynote interview, the veteran leader talked about the mindset shift he’d like to see in healthcare, the constantly evolving CIO role, and the qualities he finds most valuable in future leaders.
One of the biggest challenges with business continuity, according to Smith, is the ownership piece. “Some people say it falls under cybersecurity, and some say it’s the CIO’s job,” he noted. “It’s not. It’s a shared game,” particularly when an incident hits and EHRs are down for days – or even weeks, and everyone feels the impact.
Fortunately, the conversation has changed “to some degree” in recent years, but there’s still room for improvement, and it starts with clarity. “What does business continuity mean? It doesn't mean the same thing to different people,” he said. “You’ve got to come up with a common lexicon and get everyone to agree on it.”
The ability to lead that conversation is a reflection of the transformation the CIO role has undergone in recent years from tech expert to ‘chief translator,’ according to Smith.
“When you’re with your internal teams, you probably talk a little bit more tech,” he said. “But when you’re with the business, you need to talk about use cases. You need to talk about innovation. What does that mean? How are we going to grow the top line? How are we going to decrease costs and increase efficiencies? It’s more about business enablement and less about hardcore tech.”
What that entails, he noted, is the ability to help prioritize tasks and help lead others down the right path – which sometimes means steering away from AI. “I start with, ‘what are we trying to do?’ Because no tool is the answer to everything,” Smith said. “Let’s talk use cases, and back into the technology that supports whatever we’re trying to do.”
And it’s not just AI tools that can crowd the environment. In fact, most healthcare organizations have more solutions than they need–and it’s affecting them in terms of costs and security. To that end, Smith and his team embarked on an initiative two years ago to review spending across all departments. “We literally went team by team. We sat together for two hours and asked, ‘what does this team do?’ It might be, ‘we’ve got Meditech and we have six people to support that. Here are the metrics.’ We went through all of that, and I think it was really enlightening.”
As a result, they were identify solutions that weren’t essential, and take steps to remove them. If teams wanted to keep them, they had to defend the spend.
What it did, according to Smith, is provide a level of accountability that hadn’t necessarily been in place.
“The IT spend is ultimately the result of a lot of peoples’ decisions; it’s not IT making those decisions,” he noted. “I didn’t decide to put a new payroll system or install PACS or Hemodynamic. Somebody else made that decision and the costs came to us. We’re trying to turn that around and say it’s business ownership that drives these costs.”
As part of that same philosophy, LifePoint is moving toward a consolidated EPR, which has helped improve visibility and boost cost savings. “That’s been huge,” Smith noted. Because “if you don’t know how many contracts you have, you don’t know the spend.”
Another critical decision his team made was to pull all of the TCOs together, which has helped bring awareness to the amount of money being spent. “All of our leaders, AVPs, and directors are looking for opportunities. It’s part of our DNA,” he said. “When they run into some contract that a facility sign that we didn't know about, they always ask, ‘do you need this? Why can’t you go to the standard vendor that we have?’
In doing so, LifePoint is able to “make it more of a team sport and ingrain it into our DNA, which has been huge. Because one person alone can’t do this; you need to have a whole bunch of people finding it, negotiating it and thinking about it.”
Although the orgnaization has undoubtedly made progress, they still have a ways to go when it comes to transprency. “People don’t completely understand how many projects we get hit with,” he said. “We’ve got work to do there.”
Fortunately, he believes the industry is headed in the right direction. The key to steering that ship, Smith added, is to ensure the right people are in the right seats.
One of the attributes that he believes will tip the scales? An inquisitive nature. “I think attitude wins over aptitude. The people who are willing to figure it out and challenge why we can’t do things a different way are going to get a lot farther,” he said.
On the flip side, one of the most important qualities leaders can have is to admit when they’re wrong. “I think that goes a huge way,” said Smith, who also believes leaders should embrace a healthy debate. “I wouldn’t want a team where everybody thinks the same and comes from the same background. I think that’s a recipe for disaster.”
Finally, Smith urged both current and aspiring leaders to stay focused on what’s most important. “Do this job because you want to make a difference. Don’t do it because it’s part of a career path,” he said. “It's a tough job. Do it because you want to impact patients and caregivers.”
When asked about the biggest challenges facing cybersecurity teams, most would probably cite budget – or more accurately, lack thereof. And while that’s certainly valid, there’s another obstacle that’s proving to be just as formidable: isolation.
“The biggest adaptation that I had to make coming to work for healthcare was understanding how isolating it is,” said Chris Plummer, Senior Cybersecurity Architect at Dartmouth Health. “Why are 6,000-plus hospitals still fighting as independents?”
On the other hand, when organizations combine resources, it provides “a suit of armor” that can create a stronger defense. It also helps foster a spirit of collaboration that hasn’t always been present in the security world. “When you’re able to put your arm around another hospital that comes into the network, you can provide that layer of protection really quickly.”
Chris Plummer
However, it isn’t just organizations that find themselves working in silos, but also individuals, Plummer noted. During a recent Unhack the Podcast, he shared insights on the isolation that security professionals often face, and discussed the steps that health systems can take to improve outcomes, from forming partnerships to exploring AI tools.
For many organizations, especially rural and small hospitals, small budgets can limit the cybersecurity staff to a single position, meaning that one person has shoulder all of the operational responsibility. “It’s exhausting,” said Plummer, who admitted he has felt “truly burnt out” in previous roles. “You bear the responsibility of securing everything, and bailing out the organization if something goes wrong.”
This phenomenon of being the “only cyber FTE” isn’t rare, he said. In fact, “I’ve been to a lot of places where you sit down with presidents of those hospitals and they ask each other, how did you talk your board into giving you money for a second IT person?” Plummer noted. “Those conversations show the lack of resources that we’re all facing right now as a country.”
And although that isn’t the case at Dartmouth, which he said has been “an amazing change of pace,” it continues to be a sticking point for many organizations.
One of the areas that suffers most in these situations is the ability to notify parties of possible breaches. If organizations don’t receive that information in a timely matter, it can severely limit the response. “How do we know something has gone wrong?” he said. And if it does, “should I be concerned? Do we need to do one of the rinse-repeat things we do every time someone is breached? Turn off VPNs? Cut off remote access or email?”
And while they don’t need all of the specifics upfront, leaders do need to know whether it’s okay to keep sending and receiving emails and lab results, for instance. “Everyone needs to understand the state of affairs,” he said. “We’re all searching for those same answers, and it can consume so much oxygen in the room trying to understand it all.”
This is where the collaboration piece comes into play – particularly when separate organizations are all exerting efforts to try to get the same answers. “We’re all doing the same thing. We patrol news sources. We look at social media. We’re trolling Reddit. It’s wild that this is what we’re doing to try to get the intel that we need to make decisions,” he said. And yet somehow, “we’re still on an island fighting our own battles.”
The way to buck that trend? By getting involved in professional organizations, noted Plummer, who participates with the Health Sector Coordinating Council Cybersecurity Working Group, H-ISAC Membership Committee, New Hampshire Cyber Threat Working Group, and New Hampshire Cyber Healthcare Sector Working Group, among others.
“You’re not going to get ahead in the information war without people. If you don’t have the personnel, you’re losing on all fronts,” he said. “A big part of that is building networks between people across health systems so that you’re comfortable sending an email or standing up a conference call and getting five or 10 people who you trust to troubleshoot this together. That has to be a big part of this.”
Another benefit of those relationships? Knowledge sharing around important topics like how AI is being leveraged in the security environment. Although it’s “clearly not at a point where it can practically augment cybersecurity operations,” Plummer believes it has the potential to be “incredibly powerful” – not necessarily in making decisions, but rather, guiding them.
“We all have that dream of being on full-blown autopilot and turning it over to AI,” he noted, but that’s not the reality – yet. Troubleshooting, on the other hand, is an area that’s ripe for innovation. “If it can provide a series of five steps to check if you’re trying to solve a given problem, that would be big.”
For now, Plummer is happy to remain “pinky toes deep” in AI. But at the same time, he doesn’t want to wait too long to get a bit more immersed. “I don’t feel like it has to be perfect,” he said. “On one hand, the institutional knowledge required is so deep, but the rate of innovation is so fast,” and no one wants to get left behind.
What Plummer and others have learned is that in healthcare – and particularly, cybersecurity – “things happen quickly,” and leaders need to stay aware and be prepared to adapt. And of course, collaborate.
One of Michael Han’s least favorite tasks during his surgical days was dictating operative notes. And so, the idea of being able to automate that process and remove some of the documentation burden from surgeons is extremely appealing. In fact, he believes the ability to generate notes from a video recording “isn’t that far off.”
However, he also believes clinical documentation shouldn’t be the primary objective with AI technologies – at least, not yet. For now, it should be all about the “administrative, non-sexy stuff; that's where the technology is right now,” said Han during a recent Keynote Interview.
Michael Han, MD
At MultiCare Health System, where he serves as CMIO, that’s precisely the plan: to leverage AI capabilities to address the pain points associated with call centers, scheduling, and managing referrals and prior authorizations.
In doing so, “we can reduce our overall costs, which should result in improved productivity,” he said. “We’ll get to the clinical space eventually, but we’re not there yet. Let’s focus first on all of the administrative things that have to occur around the delivery of care.”
And of course, on reaping benefits of using AI to automate scheduling and prescription refills and address frequently answered questions, which in turn can free up individuals to focus on more complex issues. “It’s about controlling costs as much as possible,” he said, while also improving the experience for patients and staff.
One area where he sees a great deal of potential is the ambulatory space, where large language models can be used to assist in preparing and summarizing charts and identifying care gaps. Having data in the right place, he noted, can help providers determine which labs or tests are needed, and quickly access referral and authorization information.
Post-acute appointments also stand to benefit, as physicians can leverage ambient listening to draft summaries that include all the pertinent information, and in a language that patients and caregivers understand. “We’re talking about referrals to other physicians, advanced imaging, prior authorization that needs to occur, and scheduling that needs to occur,” Han said. “It’s making sure you’re the medical home and patients take those next steps,” such as consulting with a cardiologist prior to surgery. This way, if the cardiologist requires an EKG or echo, for instance, it can be done and reviewed ahead of time.
As a result, “the patient’s encounter is as high-value as possible. This is how we’re going to be able to extract more productivity out of the system,” he added. “Because right now, there's too many times where patients show up at a specialist visit or a primary care visit without having had the tests and gone through necessary steps. I’m excited about improving the value of those visits.”
He’s perhaps even more excited about the clinical documentation piece – and the opportunity it presents for frontline workers. Through AI-powered automation, “we’re no longer requiring some of our most highly educated and highly paid resources to enter data,” Han said. With that burden removed – or at the very least, lessened, “it gives physicians and nurses more bandwidth to understand and analyze the data,” which can lead to better outcomes.
In preliminary trials at MultiCare, ambient technology has already scored high marks in these areas. “We haven’t seen a decrease in time in chart, but we have seen a decrease in time in documentation, with an increase in chart review and in orders,” he noted. “That means physicians are using their increased time to analyze and understand the chart and act on it. Which we think is an excellent narrative, and so, we’re extremely bullish on what Ambient can do in this space.”
However, no matter how much potential a solution might have, technology is only one piece of the puzzle. In order for ambient tools to succeed,
With ambient tools – along with any other technology, for that matter – the path to success is in conquering the other two parts: people and process. This, according to Han, is where CMIOs or other informatics leaders play a critical role by helping users understand WIIFM (what’s in it for me).
“If I enter this data, how is it going to help me with my patients? Helping them understand the ‘WIIFM’ is critically important in establishing trust and credibility with the medical staff,” he said, which can go a long way toward driving adoption.
Just as critical, Han noted, are the processes that are in place. And there’s no better time to test those processes than when a new technology is being introduced. “It’s an opportunity for you to examine the existing workflow and optimize the workflow with technology in mind,” he said. “Because you don’t want to automate chaos. You don’t want to automate a bad process. You want to make the process as clean as possible so that it can be automated, and so that you can actually improve outcomes.”
Also critical, of course, is the people aspect, which can be a significant hurdle in gaining adoption. What often happens, according to Han, is that one department head might advocate for a solution while another is resistant to it. One way to avoid that, according to Han, is to encourage stakeholders to get involved from the beginning and help identify the problem before choosing a solution.
The key, he noted, is in “guiding end users to the problem that you’re trying to solve, and working in collaboration to come up with a solution.”
And while that may not be the easiest aspect, it is the most important, Han noted. “If you don’t lay the foundation in terms of the people and the process, it’s not going to work; no matter how good the technology is, it's not gonna be adopted.”
On the other hand, if organizations approach the people, process and technology pieces deliberately, healthcare will move closer to realizing the benefits of AI tools.
© Copyright 2024 Health Lyrics All rights reserved
