Data is one of your health system’s most valuable assets. Analytics can help improve patient care, reduce costs, and increase operational efficiency. However, your organization must have a clear plan for how you will manage your data, ensure its integrity, report on it, and comply with regulations. That’s where Data Governance comes into play.
A well-structured Data Governance Strategy can help you establish clear roles, responsibilities, as well as policies and procedures to properly handle data. It will also help you determine — now and in the future — how you’ll use analytics to help achieve your health system’s strategic goals.
In this blog post, we’ll give an overview of 4 key considerations for effective Data Governance:
- Data Quality and Integrity
- Protecting Privacy and Security
- Centralized vs. Decentralized Analytics
- Building a Culture of Data Governance
Data Quality and Integrity
Reliable, timely data is a critical foundation for informed decision making in clinical, financial, and administrative areas. One way to improve quality is to standardize data collection whenever possible throughout your organization. For example… In clinical areas, work with providers to create templates and drop-down responses that can streamline their workflow plus standardize data at the same time. In revenue and supply chain areas, determine the best methods for keeping charge masters and supply chain product numbers up to date.
There are many other ways to improve the quality and integrity of your data. Some hospitals and health systems use software to detect and correct inconsistencies. If that’s not an option, consider establishing data stewardship to assign accountability for data quality and facilitate ongoing maintenance.
Challenges you might face include limited resources, data silos and/or multiple data sources (e.g., from your main EHR and other stand-alone systems), as well as integrating and standardizing data from multiple sources, etc.
As hospitals and health systems continue to generate and rely on vast amounts of data, an effective Data Governance Strategy is essential to ensure data integrity, privacy, and security. Form a Data Governance committee or council composed of representatives from various departments within the organization. This committee should be responsible for setting Data Governance policies, resolving data-related issues, and ensuring alignment with organizational goals.
Protecting Privacy and Security
Your organization’s patient data contains sensitive and personal Protected Health Information (PHI) that is regulated at federal and state levels. Hospitals and health systems must comply with privacy and security laws such as the Health Insurance Portability and Accountability Act (HIPAA) and the 21st Century Cures Act to ensure patients have access to their medical records, control over who can access them, and demonstrate that PHI is not disclosed without their consent. Determine who has access to patient data and under what circumstances. Implement role-based access control (RBAC) to ensure that only authorized individuals can access sensitive patient information. Regularly audit and monitor data access to detect and prevent unauthorized access.
Establish policies for data retention and disposal in accordance with legal requirements. Ensure that patient data is securely archived and deleted when it is no longer needed. You’ll need to secure Business Associate Agreements (BAAs) with vendors, understand data breach notification protocols, manage patient consents, etc. If you use third-party vendors or cloud services for data storage or processing, ensure that they adhere to the same data security and privacy standards that your organization follows. Establish clear expectations in agreements with vendors.
In terms of security, data breaches can result in significant harm to patients, not to mention your organization’s reputation. Healthcare organizations often implement robust measures like firewalls, intrusion detection systems, encryption, access controls, and penetration testing to maintain security. You’ll also need to perform routine audits and conduct employee training to make sure they understand and adhere to your data privacy and security protocols. If limited resources are a significant challenge, outsourcing security is an option to consider. Remember to consult with your legal experts, too, who can help you navigate the complex landscape of regulatory compliance and mitigate risk.
Centralized vs. Decentralized Analytics
A centralized approach to analytics ideally means that team members all have the same understanding of an organization’s data, can be trained on the same tool(s), and won’t duplicate reporting efforts — in other words, you get economies of scale. Large health systems often opt for a centralized approach.
On the other hand, many healthcare organizations still have dedicated data reporting resources in departments outside of IT — in areas like finance, clinical service lines, leadership, quality, and research — since these areas tend to generate many data requests. Opening access to reporting in these departments can allow your IT resources to work on strategic analytics initiatives that support the organization’s enterprise objectives.
Whether analytics at your organization are centralized, decentralized, or a hybrid model, your Data Governance body should identify — based on your strategic goals — which metrics will be measured, the priority of each, assign them to the appropriate team so there’s no duplication of effort, and determine who has access to specific types of data.
Building a Culture of Data Governance
Successful Data Governance will probably require a cultural paradigm shift throughout your organization. You’ll need to convince stakeholders that changing their practices will be worth it, and don’t be surprised if they resist — even if you know their old ways are inefficient or ineffective. Why? Because change is hard!
So, it’s crucial to educate staff about how Data Governance will benefit them — perhaps they’ll have faster access to data or be able to access data that had previously been hidden in a silo somewhere; maybe they’ll be able to spend more time with patients, or less time trying to collect revenue. Communicate your Data Governance strategy and the benefits to them, then provide training on data-handling best practices, and be sure to listen to their feedback.
Recognize that implementing Data Governance may require a cultural shift within the organization. Invest in change management strategies to gain buy-in from stakeholders and ensure that Data Governance practices are adopted throughout the organization.
Embracing Data Governance is a vital step towards leveraging the full potential of data to drive improved patient outcomes, research advancements, and operational excellence in the ever-evolving landscape of healthcare. Leadership commitment and support, effective communication, and regular engagement with stakeholders are the keys to fostering a culture of Data Governance.
Additional resources you may find helpful:
We’ve provided a brief overview of key considerations above but ultimately, Data Governance requires robust planning, execution, and monitoring mechanisms. If you need a helping hand, our experts are available to assist. Simply contact us today to learn more about our Data Governance Strategy services.
Blog Post Authors:
Sandra Murray, MBA, PMP, CISM, ITIL
Senior Director
HealthNET Consulting
Sandra Murray has 20+ years of healthcare IT experience, and is a highly technical, hands-on project manager with outstanding analytical, organizational, and interpersonal skills. Before joining HealthNET in 2014, Sandy was the IT director of a Gulf Coast health system. She is adept at meeting the needs of technical and clinical end-users, which produces results that align with senior management and overall corporate goals.
Sandy has successfully led on-time, on-budget electronic health record (EHR) implementations (Epic, MEDITECH, eClinicalWorks, etc.) at multi-facility health systems and physician practice groups.
Christopher Murray, MBA
Data Analytics Consultant
HealthNET Consulting
Chris Murray understands data and uses technical tools to make it meaningful. He is a hands-on Tableau and Microsoft Power BI and SQL developer who can quickly deliver actionable, data-driven business intelligence to decision makers. He has in-depth understanding of all facets of the revenue cycle process, has helped health systems formulate predictive cost analyses, and excels at data anomaly research and resolution.