IT has gone from a back-office function to an indispensable element of healthcare, but as an industry health IT is still maturing; and every industry goes through growing pains.
Here, 10 CIOs share their health IT highs and lows for 2015.
Please note responses have been lightly edited for clarity.
Aurelia Boyer, Senior Vice President and CIO of NewYork-Presbyterian Hospital
Highs
I do think that one would have to look at the achievements of the Office of the National Coordinator of Health IT to incentivize hospitals to become more automated as a success. A lot of people want to say, "What did we get for that [meaningful use] money?" because they think of it as an endpoint as opposed to a first step. I think it was an important step on the road to where technology needs to take the industry. It's not the endpoint. But it's a success that IT is more available and is a base that can really change.
Lows
If you look at the industry, the greatest angst right now is around this question of interoperability. I don't know that it's a failure because we're ready for it now, and we weren't even ready for it before. I think how we tackle that going forward, and how we tackle opening these systems and make them more useful, is the thing we haven't done yet. It's not a failure, but it's where we have to really move.
Kumar Chatani, Executive Vice President and CIO, Mount Sinai Health System (New York)
Highs
Mount Sinai Health System and the healthcare industry have experienced several high points this year. The CMS announcement earlier this year to extend the reporting period and reduce the number of measures required for qualifying for meaningful use Stage 2 incentive funding certainly gave us some breathing room to prepare accordingly. In addition, after a three-year process of over 100 clinicians and staff working collaboratively and tirelessly, Mount Sinai Health System transitioned successfully to ICD-10. Finally, we are now seeing digital medicine move beyond the disruption phase, led by innovation, consumer interest and efforts to democratize access through applications and services such as Pager and Teladoc.
Lows
Our industry certainly has had its challenges this year. In particular, healthcare has become a major cybersecurity target and consequently, the ability to safeguard electronic information and systems has become a major priority to ensure patient confidentiality and to protect company assets. Given the complexity of technology services and devices that require protection, it has become a costly and time-consuming process to stay head of hackers. In addition, shrinking healthcare revenue and reimbursements for providers has put tremendous pressure on IT budgets.
Praveen Chopra, Executive Vice President and Chief Information and Transformative Innovative Environment Officer, Thomas Jefferson University and Jefferson Health (Philadelphia)
Highs
It has been a very exciting year. Dr. Klasko, [Thomas Jefferson University and Jefferson Health's president and CEO], has said innovation is our future. Innovation is now a new pillar of our business and we are creating momentum as we speak. We have created the Jefferson Accelerator Zone, which is the "command central" for the incubation of new ideas by innovators within and outside of Jefferson. We are launching our first hackathon in a few weeks, where students and professionals will come together to dream up solutions to real world healthcare problems related to reducing readmissions, drone-based healthcare delivery and wearables.
One of the ideas we have focused on this year is telehealth. It started with addressing a problem. Patients want care to start where they are, but they can't always physically get to us. So, we started experimenting. We launched an on-demand platform and app, now available in the Apple and Google Play stores, whereby any patient can go and request a physician appointment. That physician will be quickly available through video conferencing capability. We made this available to all employees, and trained our physicians to take telehealth calls. In the first month alone, we had 1,500 app downloads.
We also created a program for family members of our patients who are not able to be at the hospital to participate in physician rounds. The program, known as Virtual Rounds, allows a patient's loved ones to join a video conference and listen to the care team so the experience is personal and convenient.
When it comes to innovation in data, we are creating a Center for Health Insights Management. This center is looking at a number of questions: How do we collect all of this data? How do we make big data meaningful data? How do we take this data to outside partners? I see this center as a hub for creative collaboration to turn massive amounts of health data into meaningful and actionable insights to make the business of health smarter.
Lows
The demand is too high. For the last few years, everyone was thinking about how important IT is, but the C-suite now really understands if they don't figure it out, they will lose the race. IT used to focus on incident management and "break fix" thinking. We have underinvested in how technology ought to be used to drive the future of healthcare. With reimbursement pressure, you have to be creative to get what you want as a CIO. When you are in a situation of scarcity, you become creative. How do you turn a low point into a high point? Innovation and transformation are keys to evolving the healthcare model.
Randy Davis, CIO of CGH Medical Center (Sterling, Ill.)
Highs
There has been a concerted effort to achieve interoperability, such as efforts made in document retrieval using the CommonWell Alliance between vendors. While it's not proper to call it interoperability, it's still a start. We've also made strides in creating tools to better evaluate clinical and financial data points. HIMSS was overflowing with vendors in this market this year.
Additionally, EHR vendors are finally embracing the accommodation of mobile devices in the hospital. And, we're seeing a big upswing in the utilization of teleservices as they were once envisioned. For example, e-ICU, e-mental health and e-stroke services to rural locations are being improved. In a rare display of forethought, federal and state funding of last-mile fiber to outlying medical facilities, schools and governmental entities are paying dividends in our ability to extend services to those locations.
On the leadership side, the need for investment in data and network security has finally hit the executive suite and boardroom, and it is translating to real action. Another high would be the continued effort and commitment to excellence I see and hear every day from fellow CIOs, from the people who toil, largely unrecognized, in the healthcare IT field to make it all work. I never cease to be amazed by what they accomplish.
Lows
We've now come to the realization that meaningful use dollars didn't stay with hospitals. It should have been named "The Payment Transfer; Vendor Entrenchment and Barrier to EHR Marketplace Act." Should we have been surprised Congress got it wrong again? They should have legislated true interoperability first, meaningful use second. Congress has effectively constrained the free market by their actions, not encouraged it. And now vendors are trying to hijack the definition of the word "interoperability" as they figure out how to minimally share documents while convincing Congress they're getting interoperability.
Cybersecurity remains a huge issue. Medical device manufacturers still as a group are making inadequate investments to assure their devices are not susceptible to malicious intent. Many in the health IT industry will admit there's only a small chance of preventing data breaches to a determined and competent adversary, despite our generous investments to prevent just that.
Here's a high, or maybe a low: Have you just stood back and absorbed how many vendors are at the annual HIMSS conference and how much money it must take in our business to support all these folks?
John Halamka, MD, CIO of Beth Israel Deaconess Medical Center (Boston)
Highs
Some of the greatest achievements in health IT this year were initiatives coming from the private sector. The Argonaut Project is a private sector-led movement to enhance interoperability using FHIR standards, and [healthcare research firm] KLAS is facilitating a movement to measure interoperability and publicly report vendor performance. Additionally, the emergence of Amazon Web Services as a secure hosting location for healthcare applications has been significant, as the shift of healthcare applications from a locally hosted client or server to the cloud gains traction. And finally, I see great promise in remote patient monitoring, and enabling technologies like Apple HealthKit to transfer patient-generated healthcare data from the home back to care teams.
Lows
Congress has really been obsessed with "information blocking," which I've never experienced as a cause of interoperability limitations. In addition to that, there are an overwhelming number of new regulations coming out that add burden to vendors and providers. This slows down overall innovation in healthcare. Providers are burning out on ICD-10 and meaningful use. These are activities that providers believe add little value to healthcare but distract IT from safety, quality and efficiency improvements.
Cybersecurity threats, too, are increasing, which requires hospitals and health systems to invest in more resources to defend themselves.
And finally, the tools for care management are rather immature. There is more social networking and collaboration capability in World of Warcraft than there is in EHRs.
Rose Ann Laureto, CIO of ProMedica (Toledo, Ohio)
Highs
The industry's awareness regarding cybersecurity has grown. Sometimes there's a sense of denial about what we would have to do for security, and it seems like that's turning this year. People are interested in proactively addressing cybersecurity and are identifying some of the things we can do not only from a technical point of view but from an educational point of view as well with our employees and physicians. This discussion has occurred at our board level and at our senior staff level. We've elevated that conversation from being a defensive type of conversation in the event of a security breach to a proactive kind of conversation.
Another high this year has been ICD-10. We can't discount ICD-10. It came and went, but anybody who has a large health system like ours with a substantial number of moving parts and things that had to be changed with attention to detail knows it was a significant conversion. ICD-10 for ProMedica was a nonevent because we were so well-prepared. Not from a technological point of view but from a process point of view and the preparation regarding coding and education. The industry did very well with that one.
I think another high in healthcare IT is we have elevated the conversation again as it's related to patient engagement. It seems like we have more innovation going on in that area than I can remember, with wearables and portables and creative ways to invoke patient engagement and involvement through technology, health providers and maybe even the healthcare system.
Lows
[While the industry's awareness of cybersecurity is a high,] it also has a corollary because it is a low. There have been some very noteworthy security breaches this year. Breaches were larger and broader than I can remember. The hackers are getting very clever.
The biggest low, and this is more of a health management kind of issue, is that our discipline has not done a good job in getting recognition for driving value. Health IT, in my opinion, is still seen as an expense. It's still a cost center, and I think there is almost an unhappiness sometimes that IT or the expense of IT has to be involved. We're pushing a lot of value, but I still think that we're seen as an expense. That's our responsibility as healthcare IT executives. We need to change the conversation and work with some of our business counterparts to ensure that what we're doing is driving value and that it’s measurable and that it's visible.
Another one has to do with the bigger picture with IT. I don't know how other CIOs feel, but I think our workforce readiness and IT talent pool is at a low. I don't think the up and coming workforce is prepared for the rigor or discipline of healthcare IT. That talent acquisition, the workforce readiness, is an issue.
Robert Napoli, Senior Vice President, CIO, Planned Parenthood of the Great Northwest and the Hawaiian Islands (Seattle)
Highs
The Oct. 1 transition to ICD-10 actually happened! After years of delays and false starts, we had plenty of time to prepare and test for these changes. For us, the transition was pretty seamless, and about a month in, we've seen no major issues. Still, we're not yet declaring victory because it could take months for problems to emerge.
Small healthcare practices were most apprehensive about this transition, but according to a recent article in Politico, even in this space there have not yet been any big problems.
Like most organizations, our biggest concerns pertain to the billing side and whether we'll get timely and correct reimbursements from our payers. After all, we could test our own systems in advance and train our own people, but we have no control over whether our claims get paid (or not) on a timely basis.
It's still possible that healthcare organizations will experience significant issues getting claims out the door and that we will see an increase in denials and rejections. We'll need to monitor this closely over the next several months.
Editor's note: The Politico story was published Oct. 23 and discussed the first three weeks of ICD-10.
Lows
Large-scale data breaches involving patient information kept me up at night. They are happening with terrifying frequency, and I see little evidence that our industry as a whole is getting ahead of this issue. Although HIPAA includes privacy and security provisions to protect personal health information, human error and criminal activity continue to present huge challenges for healthcare institutions.
Our industry seems custom-made to create vulnerabilities. We have many different systems that need to interact, and these systems can be extremely complex. They also have many different access points with the potential to be easily compromised — think a lost or misplaced laptop. To make matters worse, many vendors continue to offer products that don't even meet minimal security standards. It all adds up to big trouble.
There are good reasons to digitize patient health records, but in doing so we are exposing vast amounts of personal data to misuse, unless we find better ways to safeguard this data.
Governments alone can't legislate a fix, although setting minimum standards may help a bit. Patients, whenever possible, need to take their business to organizations that have committed sufficient resources — both in terms of expertise and funding — to ensuring that confidential data remains secure.
Craig Richardville, Senior Vice President, CIO, Carolinas HealthCare System (Charlotte, N.C.)
Highs
First of all, the increased focus on healthcare becoming a digital industry and the increasing ability to be interoperable. The increasing ability to interact with patients — our consumers — like they have done in the retail and financial industries has been huge this year. For example, the increased use of apps to engage with patients has heightened our focus and ability to connect with people.
Second, I think getting ICD-10 out of the way has been a big positive. ICD-10 has been available for 25 years and delayed twice. ICD-11 is expected to be ready in 2017 or 2018. Everyone has been ready, now we have actually executed the move and joined the rest of the world. Now, we can focus on other things that will allow us to improve delivery of care.
Another upside is meaningful use Stage 2 and the relaxing of some requirements. The government listened to us, making regulations more accommodating and realistic for us. Even though it was late in its release, it was favorable and consistent with what people expected.
Lows
One of the lows is our inability to uniquely identify our patients. We all feel the need to balance this need with privacy, but we need a method to uniquely identify our patients. We use a palm-based scanner. It is cost-effective, and we are above the industry standard for duplicate records.
Another downside is the MU Stage 3 timeline. It has not been delayed. We should have been able to enhance Stage 2 and prepare more for Stage 3. Some in the industry will not be able to achieve these goals and expectations. The timeline will be tight, and it may force healthcare organizations to do what will not be cost-effective.
Cybertheft in healthcare is lucrative, and this threat continues to rise. We need a better way to protect our data. We need more open communication with patients and providers with more protection from external threats. The industry is focusing more on cybersecurity, which is a positive.
Rick Schooler, CIO, Orlando (Fla.) Health
Highs
ICD-10 has been the elephant in the room. From the systems side, we have experienced limited problems. Like many organizations, we put a lot of work into preparing for ICD-10 over the past few years. We are glad Oct. 1 has come as we are now well into documenting and coding in ICD-10.
We, like others, have also had success with meaningful use stage 2. Achieving stage 2 is certainly a high point, but compliance with stage 3 will be a challenge even for the best of organizations.
At any given time, we have in excess of 100 projects in flight. But when considering our top-of-mind priorities, EMR and revenue cycle integration, health information exchange, clinical integration, "all things mobile" and advanced business intelligence and analytics have been key areas of focus. As recent highlights for us, we achieved valuable deployment of our dbMotion HIE platform along with continued progress across our various analytics and BI endeavors. In particular, our use of VisiQuate's revenue analytics, Healthcare Dataworks' enterprise data warehouse and Phytel's population health platforms has excelled. Overall, it seems the industry is in a positive momentum across al of these important areas.
We are also encouraged with what is happening in the cloud. There continues to be more viable, cost-effective options for moving legacy systems and infrastructure out of our data centers to Internet-based services in the cloud. There is always a certain amount of risk with any cloud offering, but vendors are now effectively addressing the related challenges. Overall, adoption of cloud services and technologies continues to accelerate.
Lows
As providers, we are facing the reality of continued reimbursement pressure, which as in years past is driving organizations to curtail IT spend. This not only chokes off investment in new or expanded technologies, but also reduces an organization's ability to support, maintain and refresh its installed base of systems. Consequently, tough choices are being made between buying new technology and maintaining the old. As pressure mounts to grow IT while maintaining up-to-date and reliable systems, we face a fundamental quandary that can jeopardize the stability and effectiveness of our IT platforms and organizations. As such, it boils down to doing more with the same (or less) with increased emphasis on IT governance and close monitoring of the IT spend. The demand for IT is not slowing down, and as such CIOs and their executive colleagues are challenged as never before.
Recruiting and retention of good people also remains a significant challenge in many markets. We must come to accept and understand the fact that we are competing for IT professionals across our industry and others. Unfortunately, many healthcare provider organizations do not take the philosophy of paying top dollar to hire and retain the best IT teams and leadership.
Ryan Smith, Senior Vice President, Information Technology, CIO, Banner Health (Mesa, Ariz.)
Highs
In my opinion, the highlight in health IT this year was a relatively smooth transition to ICD-10 showing that our industry can rise to significant, broad scale initiatives. I'd also include vendor agreement on supporting a set of national data interoperability standards — a feat that many industry experts expected would take many years to reach consensus. Finally, I've been pleased to see the positive impact IT is making toward enabling population health management and engaging consumers in their personal health and wellness.
Lows
The single greatest challenge related to health IT this year has been the exponential rise in reported data breaches involving personal health information. Also, despite the groundswell around standardizing data exchange, the challenges around efficient (and useful) data exchange are still significant, posing many challenges to care coordination. Finally, I would call out the added burden and time pressures that physicians are experiencing with the increased regulatory requirements around EMR usage.
More articles on health IT:
11 latest healthcare data breaches
28 recent health IT tips and strategies from CIOs, vendors and industry experts
Are Epic and Cerner healthcare's Apple and Android? 7 Core Thoughts