Question

Examining the Importance of Data Governance in Healthcare

By Shannon Fuller, MBA

HEALTHCARE HAS ALWAYS focused on managing information from application to application, instead of looking at information holistically and defining it holistically. The industry's shift of focus onto analytics—whether it's for predictive analytics or modeling for improved readmission rates—puts the focus back on foundational data. Ihat's what is needed for things like population health, which is increasingly important in healthcare.

Patient data isn't held or uséd solely in electronic health re cords (EHRs); it's also present in billing systems, analytics pro grams, population health data sets, and several other sources. To get a holistic view of each patient, it is important to integrate these sources to ensure all information is available for treatment.

Many healthcare organizations are looking to partner with cloud services and analytics services to make better use of their data. To maximize the outcomes of these partnerships, organizations must adopt strong data governance practices. By engaging a partner with a sustainable infrastructure for data, governance teams can focus on business process analytics.

Working Smart a professional practice forum

42/Journal of AHIMA November—December 18

An organization that has its data in order will be able to make the most effective use of analytics. After all, if the ana lytics inputs are using bad information, the outcomes can't be trusted to provide accurate responses that can be used for decision-making.

Getting Started with Data Governance

A common data governance question in healthcare is where to start—and how to make inroads with decision-makers. A good start is to tie governance to corporate objectives. It's also important to identify problems or pain points that solid data can resolve. It's crucial that organizations start defining their information to standardize how it is used and understand where opportunities exist. This will lay the foundation for governance going forward.

Data governance is essential to any analytics initiative— and leaders need actionable information. Too many organizations are collecting data for analytics but are performing analysis on an ad hoc basis that doesn't always enable strategic decision-making. One of the driving factors for this is a lack of trust in the data. A full understanding of one's data mitigates the "where did these numbers come from" questions. Data governance ensures that the data is fit for analytics and increases trust in the results that leaders can use to make fact-based decisions.

Making decisions based on trusted healthcare data can directly affect people's lives. Integrating the disparate sources of data and looking at the patient holistically is extremely powerful. Using analytics to identify trends during the course of patient care will give clinicians the information necessary to make more informed and timely decisions in treating patients that may not have been selected without the aid of analytic outcomes.

Information Governance in Action

When Atrium Health started its information governance journey, it began with an honest assessment of its current capabilities, organization structure, and culture. It had no data governance structures in place and data quality concerns were addressed ad hoc and with a reactive approach. Data management was done in silos, application

Figure 1: Data Governance Roadmap

Data Governance

Infrastructure 1/29/2015

Hite a Data

Quality Analyst

Year 1

Years

4/1/2016

1/1/2016

1/27/2016

Meta Data & Data uneagePIan 4/15/2015

EVP Approval ram

DGO Pian

4/1/2015

3/10/2015

Data Stewardship

Compete:ty Model

7/6/2016

Select an tool

7/1/20

Imp!ernentation Establish

Strategic

of

5/15/2015

SAS DG Modef

10/1/2016

9/3/2016

Plan fct M DM 6/15/2015 the

GovernancecotzW15

3/1/2015

NarneOc•naIfi Owners

?/1! GIS

7/2/2015

Define Oornan O.vrees Rote

4/6/2017

Data Atchitecture

lil/2 17 4/1/7017

1/6/2017

Devebp a DQ program for

Transaa ional Systems ent 7/1/2017 11/6/201.5

Devebp a Business

Case for M CM

Line;

10/1/2017 12/3 t 15

12/31/20 i 7

to application. A major culture shift was needed within the organization to break down those silos and foster an enter• prise-wide data governance initiative. That need led to the division of a strategic governance plan into four phases: (l) foundation laying, (2) institutionalization, (3) realization, and (4) governance. The initial plan included the following categories:

1. Governance Organizational Model

a. Develop a business case to staff the data governance office (DGO)

b. Establish an operating rhythm for the information governance council(s) c. Develop operational training for data governance

2. Governance Strategic Plan

a. Design and implement a domain model

b. Current/future state data architecture analysis

c. Develop a data governance operating model to support major initiatives

d. Develop a data quality program

e. Implement a data security control plan

3. Governance Tactical Plan

a. Implement a business glossary

b. Select a master data management or reference data management tool and/or methodology

c. Define a metadata strategy including data lineage

d. Develop standard operating procedures for project prioritization

4. Promote a governance culture

a. Create a governance roadshow to increase awareness and the implications of implementing a governance program

b. Participate in industry forums, conferences, and groups

c. Build a process to evaluate and align governance initiatives

d. Form an education committee to drive governance training and communications

The next step was to develop a high-level three-year roadmap for developing the program. See Figure 1, above, for a graphic of the roadmap.

Executing the governance strategic plan hinged on being able to change long-standing, culturally embedded practices. To do that, it was necessary to build partnerships across the organization and leverage existing structures to reinforce the need for change.

One of healthcare's key tenets is to protect patient privacy. Tackling corporate privacy was an important part of broadening the scope from data governance to information governance. Respecting patient privacy isn't just important from a legal and compliance perspective—it's an ethical obligation as well, especially as technology changes how patient information is acquired.

As the program matured, a more holistic approach was taken in the management and utilization of information by:

• Establishing overall risk positions related to handling information (i.e., sharing data with third parties)

• Evaluating risk of specific initiatives

Establishing formal accountability (data ownership) and oversight

Actively promoting compliance with laws, regulations, and policies

Establishing policy on how and where data can be stored

Journal of AHIMA November—December 18/43

Working Smart a professional practice forum

Navigating Privacy & Security / Illuminating Informatics / Advancing Analytics / Road to Governance

WHEN ADVISING ORGANIZATIONS through information governance initiatives, it's important that organizational leaders understand that it's not just data and information that's being managed—it's risk, as well. This graphic suggests some of the questions the Governance Council should be evaluating when developing risk positions or policy statements.

Be thoughtful about the use, disclosure, and control information

Consider all sensitive data, not just patient information and ePHI

Proactively assess risks of emerging regulations and technologies

(i.e., offshore data storage and access)

A senior-level cross-functional group is required to properly identify and understand the impact of these types of decisions over the entire enterprise. Representation includes:

Audit services

Medical group

Corporate privacy

Corporate compliance

Data governance

Enterprise risk management

Health information management

Information security

Corporate operations

Office of general counsel Physician leadership

44/Journal of AHIMA November—December 18

Population health management

Quality/patient safety

Research

Risk management

Strategic services group Information services

Information and data governance are not just about improving data quality. Healthcare practitioners need to be proactivc in addressing issues of risk and privacy. Information governance is a key component in identifying and mitigating legal, operational, and compliance risks and, above all, ensuring the right people have the right data at the right time.

Write a paragraph (6-7 sentences) summarizing the article. Be sure you have
factual information included in your summary.

Answer 1

This article enlightens about importance of data governance integration in healthcare. Patient data is a unique source of information which can be turned into useful holistic information by analytics using data governance and can be applied to identify and resolve many practical problems. Additionally, it can give healthcare professional essential information to make timely decision to treat patients. However, due to lack of trust in data, many organizations are using it on ad hoc basis. Atrium Health initiated it through four phases: (1) foundation laying, (2) institutionalization, (3) realization, and (4) governance.

In any health care organization, patient confidentiality is must, thus it was an ethical obligation while broadening the scope from data governance to information governance. Many safety measures such as Establishing overall risk positions related to handling information, evaluating risk of specific initiatives, establishing formal accountability and Actively promoting compliance with laws, regulations, and policies were performed which made this program more matured.