Enterprise IM and information governance are essential strengthening strategies to address a range of information stressors. This article offers a framework that can be used to take stock of which stress fields are currently under reasonable control in your organization and which will benefit from more targeted attention. It challenges organizations to approach IM and information governance from the perspective of asset management focusing on gaining real value from investments in EHRs and other information and communication technologies.
Implementing IT does not automatically ensure that information is complete, accurate, reliable, secure or used appropriately. In fact, research shows that data errors and other information- related unintended consequences may impede safe use of technology. Most health care organizations need more robust policy frameworks and formalized strategies for IM and information governance. These are important disciplines for any organization seeking to improve the safe and effective use of IT.
Revisiting Information Management and Governance
Contemporary Information management practices rest on three key principles: Information Asset Management, Enterprise Information Management, and Information Governance.
First, enterprise information should be managed as a valued asset on par with other critical assets (physical, human resource, financial, intellectual property). The information assets of the health care organization include medical records, but also e-mails, Web content, business data, images, video and other content in both physical and digital form. Health care organizations are eager to use data to improve patient care and operations, but their behaviors don’t always match this stated goal. Too often information management is a secondary concern. The quality of information and how it is handled depends on the preference of the process owner. When information is not viewed as an asset – including board of trustee mechanisms for oversight – synergies are lost, politics trump mission, and it is difficult to realize return on investments. Sound familiar?
Second, an information asset approach requires explicit structures, policies, processes, technology and controls which taken together describes the discipline of enterprise information management (EIM). The scope of EIM may be expanded as information assets come under better control, but the nexus of healthcare EIM are the primary and secondary patient data, structured and unstructured, residing in enterprise and departmental systems regardless of media. Billing and payment information, e-mail, personal health record data, employee and contractor information, quality improvement data, health information exchange and other information must begin to be viewed as elements of the information asset mosaic and managed accordingly.
The third principle is that of information governance. According to Gartner, enterprise information management (EIM) is an essential organizational discipline and information governance is a crucial building block of EIM. Information governance is becoming a key focus for businesses in other information intensive and regulated sectors, particularly those such as financial services, energy and utilities, and pharmaceuticals. Like all effective governance, Information Governance begins with the boards of trustees and senior leaders.
Taken together, IAM, EIM and IG have potential to mitigate risk, improve organizational performance and reduce costs. In research conducted by The Economist, businesses with formalized information governance report improved decision-making and business results due to better access to information and improved information-sharing. They cite service and product quality gains because information is more accurate and reliable. They also report improved business risk management and enhanced reputation due to better information security practices. They attribute improved cost control of IT and IT-related services because of tighter and more strategic planning and acquisition processes.
The Building Blocks of EIM
There are four functional building blocks for healthcare EIM: information integrity, information use, confidentiality and protection, records and information life cycle. These functions are encircled by Information Governance, which ensures that reasonable management structures, policies, processes, technologies, training, and controls are in place for each function.
Information integrity is the continuous improvement of the value of the information asset by ensuring that data and content are accurate, reliable, up to data, consistent and is “fit for use.” Information integrity begins with data architecture, definitions and relationships, including metadata, and data capture processes. It ensures that the provenance or lineage of data is captured and that processes for error correction and amendments preserve the story about the data. Auditing is an important function and one that requires a deep understanding of both the consequence of particular types of data and events such as interface or system upgrades that can compromise data.
This framework calls out information use as a distinct EIM function to underscore the range of highly complex applications and the importance of preparing, supporting and learning from authorized users who must act on data. The clinical use of electronic health records is the impetus for data quality and data governance activities in many hospitals. Quality improvement is a use that traditionally produces important insights about data quality. New focus on clinical analytics is another important source of insight about data quality. So too are clinical documentation improvement programs, patient access to personal health records, and health information exchange. While many hospitals identify issues about data quality from these and other applications, too often the dots are not being connected and linked to an enterprise IM policy and process response.
The use of clinical data for coding and billing is a data quality use case that has gotten more rigorous over the years, particularly with the RAC audit procedures. The impact of ICD-10 represents a new stress point for information integrity management and information use but it also represents a real opportunity to take EIM approach, rather than viewing it merely as a regulatory change.
