Do You Have an Information Governance Policy Framework? | David Raths | Healthcare Blogs Skip to content Skip to navigation

Do You Have an Information Governance Policy Framework?

October 1, 2013
| Reprints
Dealing with meaningful use and ICD-10, many provider organizations can't undertake something as big as an information governance project

Besides reporting for Healthcare Informatics, I also write for a publication called KM World, which involves issues in enterprise knowledge management — and it is always interesting to me when the two worlds overlap.

Knowledge management is a bit of an amorphous topic that doesn’t always have a natural home in the enterprise, and that is true in healthcare, too. Some organizations have executives with the title chief knowledge officer, but most do not. Often the knowledge management function resides in the CIO’s office. I wrote an article for the October issue of KM World on the topic of enterprise information governance.

People I interviewed noted that getting an agreement on an information governance policy across a large organization can be difficult, and deploying the tools to make it happen even more so. A survey by AIIM (the Association for Information and Image Management) found that 15 percent of organizations have an information governance policy in place and working, 16 percent have done the work but it's not being enforced or audited, 33 percent are working hard on getting it done, and 22 percent are not taking it seriously at all.

I had a chance to speak with Linda Kloss, principal of Kloss Strategic Advisors and former CEO of the American Health Information Management Association (AHIMA). She told me that in the healthcare field, information governance is getting more important because digital data is being used to drive change. "We are seeing fairly rapid adoption of business intelligence and data analytics tools on this trove of data, and you need to identify flaws in the data and who has access," she said.

Yet with meaningful use, ICD-10, and other initiatives taking place, many provider organizations just can't undertake something as big as an information governance project, Kloss told me. Instead, they have to work incrementally to fit it into the smaller issues they are working on such as privacy and security and secondary uses of data, and then knit those together into a larger framework.

"Healthcare has a lot of compliance-related activities," Kloss said. "And there are pockets of good governance, but they may be siloed and not looked at as part of a mosaic of activities. I look for ways to leverage activities already underway, such as a new rollout of analytics, to see if there are lessons learned about information governance that can be ported to other areas."

This reminded me that last March at HIMSS in New Orleans, I saw a great presentation by Gregory Veltri, CIO for the Denver Health and Hospital Authority, Colorado's largest safety-net healthcare system He talked about his experience helping the organization build a data warehouse. He said that although meaningful use may feel at times like a reporting burden, it is providing a framework to do much more. “It allows me to ask, how can I extend our data model to give physicians the best info about patients, including genomic data for predictive analytics.”

Over several years, Denver Health’s data warehouse has built up 27 interfaces from every clinical application. Veltri talked about the several steps involved in data management:

1. Create a common data dictionary of defined measures. (You have to have one definition for every data element you have. If not, you get hopelessly lost, Veltri said.)

2. Collect data (Unstructured data is the toughest).

3. Measure and analyze.

4. Make the data actionable.

5. Build a predictive analytics model.

In a separate HIMSS session, Paula Edwards, a partner with consulting firm HIMformatics, agreed with Veltri that if these efforts are led and solely pushed by IT, they fail.  “If data governance is viewed as an IT project, it is not going to be a long-term program. It has got to be driven by the business and clinical side.”

Once you clarify who is responsible for which parts of the project and provide transparency into the decision-making process, Edwards recommends focusing on data quality, integration, master data management, standards and metadata.

For my KM World article, consultant Barclay Blair told me that one of the problems with information governance is a leadership vacuum. In a recent blog posting, he noted that it is time for CIOs "to fundamentally re-examine their role in information governance, and concurrently, for organizations to seriously evaluate an expanded role for the CIO in information governance."

For instance, he noted that the CIO drives technology architecture and that information governance demands a clear and profound vision regarding the central role that technology and IT architecture play in information governance success. "Nobody is better positioned to provide this leadership than the CIO," wrote Blair, president of ViaLumina, which provides information governance consulting services.

So does your Office of the CIO have a key role in information governance? Or is it time to start?



The Health IT Summits gather 250+ healthcare leaders in cities across the U.S. to present important new insights, collaborate on ideas, and to have a little fun - Find a Summit Near You!


See more on