Carolyn Byerly believes vendor relationships don’t have to be so complicated. During her 11-year tenure as CIO at Stanford Hospital & Clinics, she made it a point to take the high road by being as transparent and honest as possible. The strategy served her well; she helped transform a best-of-breed shop into a Stage 7 Epic enterprise environment. In this interview, the recently “semi-retired” Byerly talks about partnering with Perot to successfully implement Epic, the criteria for selecting the right vendor, and her organization’s five-year data warehouse journey. She also discusses Stanford’s sizeable investment in securing patient data, the creation of an Innovation Council, and the attributes all CIOs should have.
- Working with Healthcare Quality Catalyst
- Stanford’s five-year data warehouse project
- Investing in PHI — “we’ve been granted the capital and resources to do it right.”
- Creating an Innovation Committee
- “My job is not to manage. My job is to lead.”
LISTEN NOW USING THE PLAYER BELOW OR CLICK HERE TO SUBSCRIBE TO OUR iTUNES PODCAST FEED
They’ve been there. They’ve done it, and they can stand up the first two or three data models within your warehouse strategy in a very short period of time because they’ve built the tools to do that. But most importantly, they bring a methodology that will transform the way clinical stakeholders drive outcomes and improvements.
We have probably one of the best security programs you can find. First of all, we have all the policies, and we train, retrain, and communicate constantly. But most importantly, we’ve invested in the technology that can monitor real-time who’s doing what, when are they doing it, and is it appropriate.
From the very beginning, security and privacy has always been viewed as a necessary evil, and we’ve been granted the capital and the resources necessary to do it right.
My job is not to manage. My job is to lead. And my second job is to make sure I have the right person in the seat on the bus. My job is to set a vision and strategy, and to do that, you have to have people. I believe a CIO cannot be a domain expert in security. You need to hire that individual.
I think innovation is a process and it’s a structure. You need the process and you need the structure because innovation can come from many different stakeholders in an organization, and even outside the organization.
Guerra: Let’s talk about some of the other things that you’ve been up to. I understand you’ve started working with a company called Healthcare Quality Catalyst?
Guerra: Can you tell me a little bit about the work you’re doing with them?
Byerly: I can. I think it’s been now two years. They were referred to me by a colleague in the industry. I met with them probably three times before I felt that I understood what they could bring to the table, and felt strongly about introducing them to our CMIO and our CMO. Since we finished Epic, one of our top priorities has been business intelligence and analytics. As a matter of fact, probably in 2010 I can remember giving a presentation to our board committee on a five-year journey to be able to do clinical analytics and how long it would take to build a centralized data warehouse and the strategies around that.
When I met with them, what I liked best about the individuals — Steve Barlow has spent a lot of time here; he’s one of the principals — was the fact that they came from Intermountain Health. And not only did they come Intermountain Health, but the physician leadership at Intermountain Health at the time was also involved in the company (HQC) — well-renowned individuals in the quality and the analytics space in health care. Intermountain is probably one of the leaders. In very short terms, they took the plan that I had presented to the board and knocked about two and a half years off of it with their data model architecture approach. But the real value in working with them is they bring a methodology; a discipline of driving clinical improvement and quality outcomes in an organization.
Most organizations tackle it from a silo perspective. Most organizations think they can do it with, ‘I need a report that says this,’ and when IT delivers it, guess what? It’s never right. Their methodology, the way that they share their experiences, and the way that they conduct themselves have been a tremendous game changer at Stanford. And now, I believe, we’re certainly not one of the leaders, but I would say we’re almost at a breaking point where we will have a very robust data model for our warehouse and we will be driving most of our clinical effectiveness and our operational effectiveness through a centralized data warehouseusing the methodology we have embraced that is part of the engagement and value proposition with HQC.
When they talk, it’s interesting. There are some people who can come in — consultants or whoever — and I don’t really know what he’s saying or what she’s saying. I have to validate it. I listen to these guys. These guys know. They’ve been there. They’ve done it, and they can stand up the first two or three data models within your warehouse strategy in a very short period of time because they’ve built the tools to do that. But most importantly, they bring a methodology that will, in my opinion, transform the way clinical stakeholders drive outcomes and improvements.
It’s really amazing to watch. I’ve been blessed to have hired and worked with an individual who is our executive director of Clinical and Business Analytics, Yohan Vetteth. He’s been working with them a lot over the last two years, and I’m telling you, the changes and the adoption that we’re seeing by our physicians and our nurses and our operational staff — it’s amazing. We’re really in a breakthrough year this year. We’ve demonstrated the tool and some of the outcomes to our board IT committee as well.
Guerra: It’s interesting. You talked about the idea that when these guys come in, you listen to them, and it makes me think about how, at least with me and probably with you too, there’s sort of a barrier. Once somebody gets it, then you don’t have to validate every single thing they say, because they’ve gained your trust. Do you see it that way?
Byerly: Absolutely. I look back on my career, and meeting HQC and introducing them to Stanford and working with them was probably one of the best decisions I’ve made over the years.
Guerra: That’s certainly a high endorsement.
Byerly: Yes. And our CEO talks all the time about our analytics program and what we’re trying to do. It’s really very rewarding to have the leadership — not myself, but the leadership — talk about our program and what we’re doing.
Guerra: One of the other things I came across was that you recently signed a $30 million contract for security and privacy of PHI. Can you talk a little bit about that?
Byerly: Thirty million dollars?
Guerra: I got it from an article. It could be incorrect.
Byerly: We have invested heavily in our security program, and we will continue to do so. I would say we have probably one of the best security programs you can find. First of all, we have all the policies, and we train, retrain, and communicate constantly. But most importantly, we’ve invested in the technology that can monitor real-time who’s doing what, when are they doing it and is it appropriate. We have automatic alerts that go to our compliance department if a certain individual is doing something that falls out of the realm of where that person works and the type of person they’re looking at. We’re very proactive in our security program. That $30 million may come from the fact that over the last 10 years, we have probably spent close to $30 million for security and privacy tools and compliance software.
Guerra: This is no small issue for CIOs. You may be familiar with John Halamka at Beth Israel Deaconess in Boston. He writes a blog and he’s been writing quite a bit lately about security and these types of things. It’s certainly something that is top on his radar and I would imagine it is for a lot of other CIOs.
Byerly: Yes, and we’ve been very fortunate here that from the very beginning, security and privacy has always been viewed as a necessary evil, and we’ve been granted the capital and the resources necessary to do it right. I’m very proud of our program here. Our Chief Security Officer, Mike Mucha, is one of the best. He works very closely with our compliance officer and there are many times when I don’t even know some of the things that he has to do in order to work with the compliance officer and check on what’s going on. I don’t even know half the cases that he’s been involved in, because there’s no need for me to know but he’s very engaged in the protection of our PHI.
Guerra: That’s an interesting point — on a larger level, the idea of knowing things are being taken care of and being comfortable with the fact that you don’t need to know the details of everything. You have plenty to do. Talk about that in terms of being an effective executive.
Byerly: My job is not to manage. My job is to lead. And my second job is to make sure I have the right person in the seat on the bus. My job is to set a vision and strategy, and to do that, you have to have people. I believe a CIO cannot be a domain expert in security. You need to hire that individual. You need to hire someone. I was talking with Mike the other day. My tenure here is coming to a close, and I said to him, ‘I never doubted your judgment and I never doubted your integrity.’ When you have a security officer, those two attributes are extremely important, because he knows more about some of the cases he’s had to investigate with the compliance officer. He does his job and he is not at all out there telling people, we had this case and that case. He’s just a quiet domain expert in his field, and he’s really built a great program here. He’s a good guy.
Guerra: Very good. I also see that you created a 10-member Innovation Council consisting of a mix of clinicians and IT staff. I recently interviewed Ed Martinez at Miami Children’s. He won the CHIME CIO Innovator of the Year award. We talked a lot about what innovation means, because I don’t think there’s a clear definition. I think it could mean different things to different people. Tell me what your idea of innovation means; why you put together the council, and how they’re doing.
Byerly: We’ve had a couple of councils in the last 10 years here around that topic, and we’re putting a refreshed look to it at Stanford. Let me give you my philosophy around innovation. I think innovation is a process and it’s a structure. You need the process and you need the structure because innovation can come from many different stakeholders in an organization, and even outside the organization. The first thing that we did here at Stanford was to understand what is the vision and what is the process by which we’re going to evaluate and decide on what innovative ideas and innovative solutions we would like to entertain — whether it’s entertaining for a pilot, entertaining for the new hospital that we’re building, or entertaining to deploy.
So the concept is you have a council that is made up of physician leaders and made up of senior leaders, and in my mind, probably a few nurses because they are our largest stakeholders. They take care of our patients every day; every hour. The council’s charter is to review our evaluations and review the ideas that come forward through this process. Sometimes the ideas come from physicians, sometimes the ideas come from people who are looking and doing the research on our behalf, and sometimes the ideas come from our corporate partners. And a lot of it comes from the strategic technology partners that we do business with and that we want to continue to do business with in preparation for our new hospital.
The council’s job is to evaluate our assessments and help us understand and hear from them how it would be deployed and what is the value to the organization and to our patients. If they vote and say ‘gee, look at this a little bit more — is there any way you can stand it up in your technology lab and have people take a look at it with you?’ If it passes all those tests and we all agree that it should be considered for the new hospital, then it goes to into our lab where we can test it with all the other solutions that we’re looking at.
Innovation is ideas, and those ideas come from outside the organization, from research, from our own stakeholders, our corporate partners, our strategic technology partners, and maybe even an employee who knows we have a council and forms an idea and we look at it. There’s a process in which we decide on whether or not we continue to look at it or not look at it. That’s what our process is all about. This go-around, it’s very focused on planning for our new hospital that opens in 2018.