There’s been a lot of discussion about the transformation the CIO has undergone in recent years, and the skillsets that are needed to drive the industry forward. One attribute that’s often overlooked, however, is the ability to manage expectations, says Gary Light of Memorial Hospital and Health Care Center. He believes a core function of the CIO is in marrying “the reality of what we want to do versus what can be done.”
In this interview, Light discusses the essential role IT plays in translating business needs into technical solutions, the importance of engaging stakeholders like the CNO in planning a major migration, and how his team is working to stay ahead of cybersecurity threats. He also talks about the many value lessons he has learned through mentoring, and how he has benefited from a diverse career background.
- IT “in a holding pattern” after EHR decision
- Focus on cybersecurity, data analysis & telehealth
- Identifying business value – “It’s protecting the organization from risk.”
- “You have to keep an eye on what’s evolving.”
- CHIME Boot Camp – “That was a turning point for me.”
- “Great experience” with virtual mentoring program
LISTEN NOW USING THE PLAYER BELOW OR CLICK HERE TO SUBSCRIBE TO OUR iTUNES PODCAST FEED
I’ve had instances in the past where there were expectations that it was just going to happen; that on a given Monday, all of a sudden we’d come in and we’d be doing CPOE.
Everybody worries about the amount of money that organizations have to invest just to keep safe, without really driving business value. It’s protecting the organization from risk, and that’s always a challenge.
The one thing about cybersecurity is that it’s an ever-changing landscape; as soon as you think you have it figured out, you realize you don’t. And so you have to keep an eye on what’s evolving.
I’ve been in healthcare leadership for 25 years and CIO for a dozen, and although I haven’t led major healthcare organizations, I’ve seen a lot of things. I’ve experienced a lot of things and have insights might help somebody else.
Gamble: In terms of the people who have gone through EHR implementations before, I guess the hope is that they remember what it was really like — not having rose-colored glasses, or the other extreme.
Light: As we talked through this, we heard both sides of it. Some people are very nervous about doing it again, and others recognize that it needed to happen. This is the third hospital I’ve worked at, and so I’ve had the pleasure to work with a number of CNOs over those years. One thing that has made a difference for us here is the commitment our CNO has to the training and to the shoulder-to-shoulder support as we go live. It takes a huge commitment on their part of staffing up appropriately, and so that partnership has worked well given the commitment that our patient services areas have to do what it takes.
I have had other instances in the past where there were expectations that it was just going to happen; that on a given Monday, all of a sudden we’d come in and we’d be doing computerized order entry. And so the perspective that our CNO here has toward that has just been a great help to the whole organization.
Gamble: In terms of where things are now, have you reached a decision?
Light: We have. The team has made its recommendation, and we’re in the process of financial analysis and negotiation. So we haven’t signed a contract yet, but we know the direction we’re going to go.
Gamble: That must be a relief in some ways, or at least take off some of the burden.
Light: Actually, it shifts a lot of the burden from the team to me and to the CFO. Now our job starts where we’re doing the financial analysis and the negotiation aspects of it. The team is in a bit of a holding pattern as we work through those issues. They’re just waiting for the excitement of when we tell them we have a contract signed.
Gamble: Then the fun really starts.
Light: It does.
Gamble: Aside from this, what are some of the other big priorities for you right now?
Light: Organizationally, we continue to look at strategies for growth; strategies for producing revenue to fund things like the electronic health record, and how we bring services to the different aspects of the communities we serve. There’s no question that from a technology standpoint, cybersecurity remains on everybody’s mind. Each year it seems like there is a little bit of a different focus, whether it’s data analysis or cybersecurity, or as we look forward, telehealth.
Although there are different issues that are foremost in everybody’s mind, for us the other issues never really go away, and so we’re still looking at strategies around cybersecurity. We’re looking at strategies around data analysis. And we’re looking at strategies around telehealth, and in a rural community, how it helps outreach to patients in all of the different corners of the counties we serve.
Gamble: What seems to be unique about cybersecurity is that while some organizational strategies are focused on growth, cybersecurity is more about keeping the organization afloat. It’s more preventative.
Light: It is. In information technology, so much of what we do is about the infrastructure where, where when you look at it, it’s hard to identify the business value. A network port or a wireless access port, or an application doesn’t in itself produce a business value — at least not visibly. It’s the services that the infrastructure provides for. Cybersecurity is the same way. Everybody worries about the amount of money that organizations have to invest just to keep safe, without really driving business value. It’s protecting the organization from risk, and that’s always a challenge.
Fortunately, members of the executive teams review the posts from media sources and are fully aware of other organizations that are suffering from cyber attacks. So it is front and center on a lot of people’s minds. It is one of those things, however, where you lament having to invest the amount of money that we have to invest in this area.
Gamble: I imagine that a lot of that is in the education component, particularly since these threats are ever changing.
Light: It is. A few years ago, as we went through our annual audits and as we really looked in the mirror and reflected on what our strategies were, we recognized that we probably weren’t doing as good a job as we thought to educate our workforce on what role they play in protecting information and what the risks are, and so we started a pretty intense program. Certainly, we do the phishing simulations that many people do, and we share those results with our board. We share the results with our leadership and take a pretty strong approach to people who haven’t learned and need clarification on what exactly what their role is.
Gamble: So in a way, it turned out to be a positive.
Light: It did. Certainly, we’re a lot better protected today than we were. We know there continues to be an opportunity. The one thing about cybersecurity is that it’s an ever-changing landscape; as soon as you think you have it figured out, you realize you don’t. And so you have to keep an eye on what’s evolving and what technologies can help combat those. And it’s not just technology strategies, but what organizational strategies you can use in order to be effective.
Gamble: Another area I wanted to discuss is the mentoring you’re doing through CHIME. First, how did you get involved in this program?
Light: I think the mentoring program that CHIME has is just fantastic. The way that I got in it, or what got interested in it, was that when I moved into the healthcare field 13 years ago, I really benefited from having a CIO that I considered to be a great mentor. I wouldn’t have moved into the CIO role or arrived at where I am today if it I didn’t have a CIO who wanted to include me with his way of thinking and show me what it was like to be a healthcare leader. I took my example from that experience.
About 12 years ago, I went through the CHIME CIO Boot Camp and that was really a turning point for me. The faculty they had at the time was just fantastic. As I sat through the week of Boot Camp and got to hear from all of the other CIOs what they were doing in their organizations, the experiences they had, and how they approached not just information technology strategies but organizational strategies, I was really impressed with their willingness to share that experience. I was impressed with their commitment of time to my group, and I wanted to do the same type of thing. And so about two years ago when CHIME decided to do the virtual mentor program, I offered my services to mentor where I could.
I was a little nervous about it at first, to be candid, because I remembered when I went through Boot Camp and the organizations that the CIOs came from. The names are all familiar to everybody in the industry now, and I was intimidated by even pretending that I had that same type of insight of those leaders. But I also looked at it and said, I’ve been in healthcare leadership for 25 years and CIO for a dozen, and although I haven’t led major healthcare organizations, I’ve seen a lot of things. I’ve experienced a lot of things and have insights might help somebody else. I think I’m on my sixth or so mentee now, and it’s been a great experience.