A Healthcare Data Governance Policy To-Do List

This new year promises to be another challenging year for your health IT team, along with the rest of your organization or practice. Among the list of New Year’s resolutions, make your healthcare data governance policy a top priority.

Managing data is not why most doctors enter medicine, but putting off a fully-implemented, regularly-updated healthcare data governance policy is not a viable option. You need one to help your practice or organization make the best use of your data and protect its quality and integrity.

Consider:

Security Breaches – In the recent years, the industry have faced record data breaches, and the threat from ransomware and illegal intrusions from medical devices and IoT is unlikely to abate.

Growth – The demand for and use of data will only accelerate. Some data growth estimates are as high as 48% each year.

New Demands/More Complexity – It’s not only the amount of data that poses a challenge, it’s the nature of data. Structured and unstructured, it comes in different formats, from multiple sources and located in different places. Your healthcare organization or practice needs to prepare for data that’s more predictive, accessed more often and shared more frequently with the advent of AI, machine learning and value-based care.

Adoption Rates Remain Low

If your healthcare data governance is not where it should be, you’re not alone. Even in today’s data-centric healthcare environment, a surprising number of organizations still lack a fully implemented healthcare data governance policy to make the best use of their resources.

One study reported by MedCity News found a little less than half (44%) of those surveyed have adopted an enterprise-wide data governance capability. Another 32% of organizations are currently implementing an enterprise-wide data governance capability, while 21% said their data governance capability is just based on the department.

At the individual practice level, the adoption percentages are more than likely to be lower.

The reason for low adoption rates shouldn’t come as a surprise. The common reasons why adoption rates are low for individual practices include understaffing and limited financial resources, lack of leadership buy-in and conflicts over roles, responsibilities and ownership of data analysis.

Healthcare Data Governance Policy To-Do List

With the new year upon us, here’s a to-do list for starting or strengthening your data governance policy:

Let’s begin by defining terms. According to the American Health Information Management Association, “Data governance is the set of policies and procedures that determine the who, how and why of data management within the organization. Strong data governance supports compliance and legal efforts by organizing data for retrieval and retention, especially over the long term.”

1. Secure Leadership Buy-in

At the top of any data governance checklist is the commitment from your organization’s leadership to a policy that maximizes your data’s value and safeguards its integrity — from capturing and storing to accessing, reporting, updating and sharing.

It’s important to distinguish between data management and data governance.

Data management is bottom-up, more tactical and day-to-day driven. Data governance is strategic, long term and top-down. It provides leadership with an organizational framework for defining roles, processes and resources. It helps to establish a data-centric culture where every stakeholder is committed to its successful implementation.

2. Set Goals and Benchmarks

A data governance policy embodies your organization’s unique mission and business objectives. It establishes benchmarks to gauge your progress. Of course, goals and benchmarks will vary as each organization operates according to its own culture, management style and resource allocation.

Despite organizational differences, Healthcare Information and Management Systems Society (HIMSS), in its Roadmap to Effective Data Governance, recommends that your goals:

• Operate “based on objective criteria, trusted data and expressed in terms of business impact”
• Reflect “multidimensional measures offering different perspectives”
• Include “external benchmarks from leading peer organizations and other relevant sources”

3. Define Roles and Responsibilities

Roles and responsibilities must be clearly defined. Leadership buy-in is critical, but your data governance policy must also be embraced by your entire organization, not perceived as just a problem for IT.

It’s an interdepartmental approach that involves IT, finance, administration, doctors and nursing staff. Well-defined roles help avoid battles over turf and minimize internal politics. With clarity on who does what, you’re better able to address limited resources and staffing issues. Clearly defined roles and responsibilities also ensure that each person is best qualified for the role he or she is assigned to.

Defining roles and responsibilities should start with a data governance committee that’s composed of your organization’s leadership. The committee sets the direction, ensures that activities align with priorities, allocates resources and makes budget recommendations.

Among the critical roles in any healthcare data governance policy is that of data stewards. Within an organization, there may be many data stewards. As front line experts, their understanding isn’t just technical. Understanding the business dimensions of your healthcare organization, they serve as advocates who help ensure successful implementation, enforcement and participation across the organization.

4. Conduct Ongoing Training

Data governance is an ongoing priority, not just another IT project. Managing data is only getting more sophisticated as its uses are expanding. Staff at all levels needs to be equipped with the skills and knowledge to keep pace with new demands and ensure its integrity.

Training must not only include better ways to manage data, but address its impact on your governance policy, your organization and patients. This gives your organization a broader framework to understand data and the role that a data governance policy plays.

5. Monitor Progress

Along with ongoing training, a successful policy must include ongoing monitoring to identify barriers to success and opportunities for improvement.

Organizations should conduct frequent internal audits, gap analyses and assessments to ensure that they are both maintaining a high level of data quality and ensuring patient privacy and safety. The goal is to spot problem areas that can impede or undermine the collecting, viewing, storing, exchanging, aggregating, analyzing and use of your data.

Summary

The dramatic increase in the amount of data generated and the growing number of applications for its use can seem overwhelming, whether you are a large hospital system or a small physician practice. The sense that we are being hit by a data tsunami only fuels the need for a data governance policy.

Your actual policy will reflect your mission, values and goals. Regardless of its specifics, your policy must recognize that managing data is not an IT-only problem. Rather, it’s one that impacts your entire organization with the common goal of improving operational efficiency, reducing costs and enhancing the safety and quality of patient care.