Information Governance – The Next Round’s on Me.

switching EHRsBy Susan Clark, HIT Solutions Executive, eHealthcare Consulting Inc.
Twitter: @ehealthcareorg

Master data management, data governance, compliance, health information management, and risk management walk into a bar…..Bartender says, “It’s about time you all came to the same watering hole. Now, how about a round of shots of information governance?” In fact, we are late to the party. If you went to a similar watering hole in the UK, or in the US legal industry, you would find that there, not only have they had the IG shots, but have bar stools with their names on it.

It is time to reconsider the functional areas of your organization. IT cannot do this alone. Ask a DBA about uses and disclosures of information, or litigation risk. Or a SQL expert about legal retention requirements of business or health records. Compliance, quality, HIM, risk management, and the like should be a critical team member of software lifecycle management. Yet, they are often uninvolved with software purchases, implementations, inventory, or decommissions. Maybe you have been lucky so far, but you are at risk if you are not addressing an enterprise view of not just data, but information.

Like the hottest new club on the strip, everybody is talking about Information Governance yet there is not a universal understanding of what it actually is. Here are definitions to get you started.

  1. AHIMA (American Health Information Management Association defines IG as an organization-wide framework for managing information throughout its lifecycle and for supporting the organization’s strategy, operations, regulatory, legal, risk, and environmental requirements. AHIMA’s IG Glossary.
  2. Gartner definition – Information governance, or IG, is the set of multi-disciplinary structures, policies, procedures, processes and controls implemented to manage information at an enterprise level, supporting an organization’s immediate and future regulatory, legal, risk, environmental and operational requirements.
  3. ARMA (Association of Records Managers and Administrators) International –  Created the Information Governance maturity model based on the Generally Accepted Recordkeeping Principles of Accountability, Integrity, Protection, Compliance, Availability, Retention, Disposition, and Transparency.

There is a risk for disclosure, mishandling, maintaining past retention, data being stored without leadership’s knowledge, and data that is incorrect. It has been reported that benign data errors cost 10 times as much to correct as to prevent. We are not just discussing clinical, but all business records. This includes unstructured information and discrete data which may be paper-based records and forms, e-mail (we all know those people with 6000+ emails saved in Outlook), social media , voice recordings , images, or electronic databases saved onsite or cloud-hosted. Maintaining a central ‘source of truth’ for all information is likely to prevent duplication and inconsistencies that could result in patient harm or undue financial loss. One source says that as much as 69% of information in most organizations has no business, legal, or regulatory value.

Information is an asset. Is that on your CFO’s budget worksheet?

Welcome to the Information Governance party. The night is still young, there is much more to come on this topic.

About the Author: HIT Solutions Executive at eHealthcare Consulting Inc. With a 20-year career that includes health information management, project management, ambulatory operations, quality improvement, managed care, and regulatory/accreditation compliance, Susan Clark, BS, RHIT, CHTS-IM, CHTS-PW seeks to create health information technology solutions to improve compliance, efficiency, data integrity, revenue, along with patient and staff satisfaction. She serves at a national level with the AHIMA House of Delegates and advocates for providers, practices, hospitals, and HIM/HIT professionals while keeping abreast of developing regulations and industry trends.