Skip to content Skip to navigation

Partners in Risk

February 1, 1998
by root
| Reprints

At first glance, last fall’s debacle at Oxford Health Plans is the classical IT horror story of an over-budget, over-deadline systems development monstrosity that brought a highly successful organization crashing to its knees. Oxford Health will be cleaning up its claims mess for a long time, but more disturbing perhaps is that the company will likely never regain the market stature it once enjoyed. And the rumor mills are churning about other large managed care companies losing money from computer glitches.

The obvious lesson here, say learned IT folks and pundits: Buy, don’t build. But it’s not that simple anymore. True, the trend in most industries is away from in-house-developed systems to the purchase of commercial systems that are cheaper, smarter and more plentiful than ever before. Yet most third-party products still need some custom development to meet an organization’s unique cultural and business needs; and then, the system must integrate with the remaining soup kettle of systems on the network. The system must be on time, within budget, and acceptable to users. Most importantly: It must deliver results. Oxford paid a high price for not only allowing a bad project to continue for years, but also for apparently failing to anticipate the rapid growth and change that would occur in its business over that time.

It’s a problem lurking everywhere in healthcare. "You’ve got a much lower level of sophistication in many places and a lack of accountability. Folks who have made bad decisions make bad decisions repeatedly and they stay in their job. In other industries… you get fired," says one industry insider.

Just as the business of healthcare is quickly evolving from loosely-run Mom and Pop shops to multifaceted, Wall Street-accountable corporate enterprises, so must the management of information technology mature. Observes long-time healthcare IT consultant Erica Drazen: "The option of saying, ’I can’t deal with it, and I’m going to hope for the best’ is not an acceptable choice." Healthcare executives are looking for tighter control over projects and more responsibility from the vendors and consultants they increasingly rely on to get things done. No longer merely "suppliers," third parties are becoming equal stakeholders in huge implementation projects and are beginning to share in the rewards--and risks--these projects bring.

Getting accountable
The Oxford story, troubling as it is, is hardly new in the information technology world--or healthcare, at that. "It’s actually very rare to run into an executive within a healthcare delivery system or a healthcare financing system who hasn’t had some disastrous experience with IT," says Drazen, vice president, emerging practices, with First Consulting Group, Boston.

Not only are systems in healthcare by nature complex and the choices vast, but there are few models to follow when so much in the industry is still experimental. The notion of clinical integration, for example, is unclear and may not translate from one organization to another, according to Dave Selman, CIO of ProMedica Health System, Toledo, Ohio. "So the complexity layer we all have where there is a thirst and a hunger to drive toward prospective outcomes management technologies, forces us to be creative with not only the funding but the selection of products," he says.

Executives are welcoming the shift from inhouse-developed to off-the-shelf systems, not only because they are much more affordable, but because it gives them an out in the event of disaster. "Our business is patient care, not software development," affirms Ed Kopetsky, senior VP and CIO at Centura Health, Inc., a large integrated delivery system in Denver. "If there’s a bug in the software that would jeopardize your core business, who’s liable?" he asks. "You have some outside remedy if it’s an outside product. You don’t really have that if it’s internal."

The days of CIOs bearing the brunt of the responsibility when things go wrong may be waning; contracts are now including clauses to ensure that an information system will, say, deliver a set of functions by a certain date. Other arrangements wedding systems to benefits go further: agreeing on a percentage of cost reductions to be achieved over time; lowering physician utilization rates; even tying the vendor’s revenue to the market share of the client.

Such risk-sharing, or "risk/reward" contracts are bringing the information systems supplier in as an equal partner: If goals are met, the supplier gets paid the full amount of the contract; if goals are exceeded, the supplier may get a bonus or share in a benefits pool; and if goals are not met--the supplier pays the healthcare organization, in the form of a discount or reimbursement.

A mutual death grip
"There is almost a mutual death grip--much more sharing with a larger range of penalties and gains for performance than I recall seeing a couple years ago," reflects John Glaser, PhD, VP of information systems and CIO at Partners HealthCare System, Boston. Although Partners has not engaged in any such agreements yet, one of its consulting firms has broached the idea. Glaser says risk sharing may make the most sense in high stakes ventures like year 2000 planning.