When Rhonda Jorden was asked to step into the interim CIO role at University of Arkansas for Medical Sciences about 6 years ago, something happened that took her by surprise. “I liked it more than I thought I would,” said Jorden, who was able to see “the positive impact IT can play in patient care.” It was a lesson she took to heart when she took on the full-time role five years later. In this interview, Jorden talks about the major projects on her plate, including UAMS’ organization-wide Epic implementation, the building of a customized data warehouse, and the fine line leaders must walk when it comes to security. Jorden also discusses how UAMS is collaborating with local hospitals to improve care coordination and outcomes, how she’s leveraging her past experience in her current role, and what it was like to fill Dave Miller’s shoes.
- About UAMS
- Epic everywhere with UConnect
- Building a customized data warehouse
- Analytics — “I think everyone is struggling with that.”
- Data governance work groups — “We’re looking at who are the data stewards.”
- Cybersecurity and the balance between security & usability
- Reporting to the chancellor — “We are a totally centralized IT division.”
It’s really a more customized data warehouse, which actually has served us well with our legacy systems being decommissioned. As an academic medical center, we have a lot of research that goes on, and we need to be able to report up to 10 years back.
We’re looking at how the groups will be represented, who are the data stewards — that whole framework. We have a very active group working group that meets weekly specific to the data warehouse.
We’re definitely pursuing multiple avenues for what I term cybersecurity mitigation — enhanced identity access management requirements, mobile device management, and enhanced security of remote tools to access clinical data remotely.
You don’t want to impede on somebody’s personal space, on their personal own device, and so I think that’s a delicate balancing act, and UAMS, probably like other institutions, are really trying to figure out what’s that right balance.
Gamble: Hi Rhonda, thank you for taking the time to speak with healthsystemCIO.com. Can you give us some information about University of Arkansas Medical Sciences in terms of what you have with hospital beds, just some basic information about the organization?
Jorden: The University of Arkansas for Medical Sciences is the state’s only comprehensive academic health center. We have roughly 450 beds, and approximately 90 clinics and diagnostic centers located primarily in the Little Rock metro area. In addition to the hospital and clinics, UAMS also includes five colleges and a graduate school, eight regional centers and seven institutes of excellence.
Gamble: In terms of the clinical application environment, you have Epic in the hospital?
Jorden: We have Epic everywhere. We branded it UConnect. As of now, we have Epic in all of our ambulatory locations, our acute care, lab, radiology, pharmacy, both inpatient and ambulatory pharmacy, anesthesia, and OR. We’ve installed most of what Epic has to offer. We have not installed the cardiology suite or transplant suite. So there are some things we don’t have from a clinical operations perspective that we didn’t have a need to install.
Gamble: For cardiology and transplant, do you plan to stay with the products you currently have?
Jorden: We are exploring both those products. Right now, we do not have a decision whether we’re staying with what we have or moving to Epic. We’ll continue to look at that.
Gamble: It’s not uncommon to hear that about cardiology. I think that that’s one of the areas where a lot of organizations tend to stick with the module they have.
Jorden: Yes, and it’s a fairly intensive long implementation process as well.
Gamble: How long have you had Epic in place in the hospital?
Jorden: We went live May 3, 2014 in the hospital setting. We had a two-wave implementation. Our first wave included primary care clinics and professional building and scheduling for all clinics and ambulatory pharmacy, and that was in August of 2013. Then we went big bang in our hospital and all of our remaining clinics, plus hospital billing. We installed the Beacon oncology suite, the inpatient pharmacy, radiology, and lab, and all of that went big bang on May 3, 2014.
Gamble: And since then, have you been primarily focused on optimizing the system?
Jorden: Yes, that and ICD-10. And right as we finished the ICD-10 project, we went immediately into the 2014 upgrade project.
Gamble: As far as you can tell, there aren’t any specific areas or sticking points with that upgrade at this point?
Jorden: No, we’re on target.
Gamble: Okay. So being in academic, I can imagine that data management is a big priority. I’m sure it can get complicated with the sheer amount of data you deal with — what is your strategy as far as data warehousing?
Jorden: We actually started a data warehousing project five years ago, pre-Epic, where we built our own data warehouse. It’s really a more customized data warehouse, which actually has served us well with our legacy systems being decommissioned. As an academic medical center, we have a lot of research that goes on, and we need to be able to report up to 10 years back for research purposes. So we started that data warehouse initiative over five years ago and we continue to focus on being able to provide our clinical data to researchers in an identified manner. We’re actively looking at strategies and considering the Epic Cogito platform — we haven’t made a decision on that, but it is a consideration.
Gamble: What kind of work are you doing with analytics or what do you hope to be able to do soon?
Jorden: I think everyone is struggling with that one a little bit. Currently we have SAP Business Objects, which is a recommended tool for Epic, and that sits on top of our clarity Epic platform. We’re doing analytics work with that tool set. We are definitely looking and planning for enhanced data governance around analytics, not just from a clinical analytics standpoint, but as a broader research analytics and administrative analytics standpoint. That’s on the more distance horizon.
We went to service lines in July and we call that an Integrated Clinical Enterprise. Our CMIO sets up and reports to the CEO of that Integrated Clinical Enterprise. He has a definite initiative around analytics for enhancing patient care, enhancing performance, and all of that work is through the CMIO office and the Clinical Informatics team, which IT supports.
Gamble: Okay. And you said that enhancing data governance is something that you’re looking at.
Jorden: Yes, across all of our missions as an academic health center. We’re looking at how the groups will be represented, who are the data stewards — that whole framework. We have a very active group working group that meets weekly specific to the data warehouse, and that’s inclusive of our CMIO and Chief Research Informatics Officer, as well as other very interested parties and our Biomedical Informatics group.
Gamble: Okay. Let’s talk about security — how are you addressing all the concerns out there?
Jorden: I think everybody is battling that one right now. We’re definitely pursuing multiple avenues for what I term cybersecurity mitigation — enhanced identity access management requirements, mobile device management, and enhanced security of remote tools to access clinical data remotely. We have an initiative underway currently with a targeted goal of having some additional tools in place prior to June 1. So we’re on a very aggressive timeline there.
Gamble: Is that one of the biggest challenges — dealing with all the devices and the different wireless networks they could go on, all the while protecting the data?
Jorden: It’s really about ensuring that our policy for mobile devices is being followed and about auditability to say if there was a suspected breach or security incident of any sort, can we audit and confirm whether something did or did not happen to the mobile device itself. That’s what our target is from a mobile device management perspective. When you get into the bring-your-own-device strategy, you want to ensure there’s a container that the UAMS-owned and licensed devices are running through. You don’t want to impede on somebody’s personal space, on their personal own device, and so I think that’s a delicate balancing act, and UAMS, probably like other institutions, are really trying to figure out what’s that right balance.
You don’t want to just have people using corporate-owned devices because that increases cost, plus nobody wants to carry two devices. It’s something we’re working through, and I’m sure other healthcare institutions are working through the same thing.
Gamble: Definitely. In terms of the governance structure, who do you report to?
Jorden: I report to the chancellor. I have responsibility for not just clinical IT, but also research IT, administrative IT, and academic IT. We are a totally centralized IT division.
Gamble: Approximately what size is the IT staff?
Jorden: It’s roughly about 325 budgeted positions, plus a few interns.
Gamble: And you said the CMIO reports to the CEO of the Integrated Clinical Enterprise? I’m sure there are a few dotted lines and whatnot in the org chart.
Jorden: Yes. Actually, my assistant vice chancellor for IT Clinical Enterprise Systems does have a dotted line back to the CEO of the Integrated Clinical Enterprise.
Gamble: And the one who you have the most contact with and work with the most is the chancellor?
Jorden: I report directly to the chancellor, but I probably work more often with my peers at a vice chancellor level — the CEO of the Integrated Clinical Enterprise is a vice chancellor.