The difference between being a management consultant and a permanent CIO is big. In fact, Jessica Cornelius compares it being a plane that goes from 50,000 feet to 10,000 feet. “There are things you see,” she says. “It’s been more work than I ever anticipated, but it’s been extremely rewarding.” In this interview, Cornelius talks about the huge lift required to upgrade a 15-year-old infrastructure, the key component in change management, and how she’s working to transition the organization out of “break-fix” mode and into value-add mode. She also discusses Hendricks Regional’s biggest priorities for 2017, the importance of having mentors that give honest feedback, and her key takeaway from CIO Boot Camp.
- About Hendricks Regional
- Choosing an EHR — “It’s not just an IT decision.”
- From a ‘mom & pop shop’ into Walmart overnight
- Upgrading a 15-year-old infrastructure
- Cloud-hosted model — “That was an easier sell for us.”
- “Education is 70% of the security program.”
- Building & maintaining trust
LISTEN NOW USING THE PLAYER BELOW OR CLICK HERE TO SUBSCRIBE TO OUR iTUNES PODCAST FEED
This can’t be just a technology project. It’s about our clinicians. It’s about getting them involved in that process. So we’ve really taken a collaborative approach. We’ve invited everyone in the organization to see demos, to go out and visit sites where different EHRs are hosted, and to really give their opinion.
The organization has grown really quickly, especially in the last five to seven years. I like to use the analogy we were a mom and pop shop and we grew into Wal-Mart overnight, so that presented us with some challenges on how we could deliver quality patient care and give our patients what that they need.
The IT team here was excited to make that move to cloud hosting. It’s letting executive management know that we’re doing this not only to save money, but also to give us 24/7 support.
We often get the question, ‘Why can’t I look on Pinterest? Why can’t I look at Facebook?’ You absolutely can, just not on our network, because those are areas where you see a high rate of malicious emails and malware.
It’s trying to fix things as you go along and build that trust. You definitely don’t want to erode that by doing things without people knowing, turning things off or on without people knowing. It’s important that everybody understands fully what IT is doing in the organization.
Gamble: Hi Jessica, thanks so much for taking some time to speak with us today.
Cornelius: Thank you, Kate, my pleasure.
Gamble: I think the best way to get started is to get a high level overview of Hendricks Regional Health, what you have in terms of hospital beds, some of the ambulatory offerings, and where you’re located.
Cornelius: Sure, I’d be happy to. Hendricks Regional Health is located in Danville, Indiana, about 20 miles west of Indianapolis. We serve mainly Hendricks County, but also the surrounding counties to the west of us. We have a 160-bed hospital, and three medical centers in each of the major towns in Hendricks County: Plainfield, Brownsburg and Avon. We’re currently building a new medical center in Brownsburg that will offer full women’s services — not just traditional services, but also cardiology, sports medicine, plastic and reconstructive surgery as well. We have about 30 skilled nursing facilities that we partner with across the state of Indiana, and we have wellness clinics. One of the major initiatives we’ve done this year is partner with the local schools in Hendricks County to provide wellness services and clinics onsite.
Gamble: And the new medical center you talked about — when is that slated to open?
Cornelius: That’s slated to open in the fall of 2017, so we’re well under way for the construction and working on technology planning for that right now. That will be a $50 million facility.
Gamble: So obviously a lot going on. In terms of the clinical application environment, what type of EHR is in the hospital at this point?
Cornelius: We actually have several EHRs right now. When we first installed an EHR 28 years ago, that was all before my time, but the decision at the time was to have a best-of-breed model with different EHRs suited for different departments, and getting the best of what you could for each of those areas. Given the changes that we’ve had in healthcare, we’re actually in the middle of an assessment to look at a single integrated EMR that can bring all that information together. So we’re in process right now, and we hope to have a decision here by the end of 2016.
Gamble: That’s something I always find pretty interesting, as far as how you go about incorporating some of the different opinions and different needs. Can you talk a little bit about that process and what the strategy is there?
Cornelius: Selecting an EHR, in the past, I think has been seen as an IT project, and we’ve really recognized that this can’t be just a technology project. It’s about our clinicians. It’s about getting them involved and really getting everybody involved in that process. So we’ve really taken a collaborative approach. We’ve involved everyone in the organization. We’ve invited everyone to see demos, to go out and visit sites where different EHRs are hosted, and to really give their opinion. We’re doing that through a survey and we’re collecting all of that data, but we want to make sure that people have a choice. Ultimately, this is the decision of the organization. It’s not just an IT decision.
Gamble: Yeah, that’s important. At this point, without getting into the names if you don’t want to, are there a few systems that you’re choosing between as far as some of the different offerings out there, or are there plans to narrow it down by a certain date?
Cornelius: We actually engaged advisory services — PricewaterhouseCoopers — to come in and assist us with this process, but we have an EHR currently for the impatient, one for ambulatory services, one for the ED, one for rehab services, and we recognize that there are issues with integration there. So we wanted to focus on the things we want to look at in EHR that will give us the quality of care, the patient safety that we’re looking for and the communication as well. Ninety percent of any of the errors we see are in communication. So, a single integrated EMR is really the way to go. We’re currently reviewing two options across the organization to get feedback on functionality and see what are clinicians or physician and others think about solution.
Gamble: From what you’ve said before, there have been multiple EHRs in place for a long time. Can you talk about some of the changes that the organization has been through in recent years as far as the EHR strategy?
Cornelius: Sure. I think the organization has grown really quickly, especially in the last five to seven years. I always like to use the analogy we were a mom and pop shop and we grew into Wal-Mart overnight, so that presented us with some challenges on how we could deliver quality patient care and how we could give our patients what that they need to bring them into their own care and make them feel like they’re part of that. So, that has been a challenge for us, and actually led us this decision.
One of the challenges we’ve had with the assessing the EMR is making sure we do have everyone involved, and making sure that communications are out in the organization. Everybody knows what we’re doing and they’re aware of those steps.
Gamble: From a technology standpoint, have there been other changes besides the EHR?
Cornelius: Absolutely. When I came to the organization about three years ago, we were looking at an infrastructure that was probably 15 to 20 years old. So that was one of the things that we decided to focus on for 2016 — not just in preparation for a new EHR coming in, but also in how we are going to take the organization into the future? You can’t do that with technology that’s 15 to 20 years old.
As far as some of the things that we focused on this year, we’ve completely redesigned the networks, we’re redoing all the wiring and wireless — taking all that out, putting in a standard design, refreshing all the equipment and putting in a capital lease structure so that equipment can be replaced two to three years. We’re also putting in a voiceover IP phone system. We had traditional PBX phones that didn’t really integrate into anything — actually, there were different phone systems across facilities. And so putting in a common system and putting in a security program was a big change for us. It didn’t really change the technology, but it changed how we administered that. So that was a big change for us.
As we looked at transformation and how we were going to transform IT, we had to make a decision between what was a commodity service and what was value add. One of those commodity services was having the data center hosted here on site, and so we did make a decision to go ahead and move to a cloud hosted model and really take that off the plate and let someone else handle that.
Gamble: Okay, so we’re talking about a lot of big changes. As far as moving to a cloud hosted model, was that a tough sell because there is still some hesitancy when it comes to the cloud?
Cornelius: Actually that was an easier sell for us. There were some solid numbers that we could put to that. With an organization our size that’s expanding, when we looked at a data center refresh that’s around $25 to 30 million, that just wasn’t in our bandwidth. And actually, the IT team here was excited to make that move to cloud hosting. It’s letting executive management know that we’re doing this not only to save money, but also to give us 24/7 support and give us the capacity monitoring and the security monitoring that we haven’t had in the past. That was actually an easy communication for us.
Gamble: What about security — what are some of the changes that you made there?
Cornelius: So the biggest thing in the security program was putting some tools in place partnering with our data center partner to put the monitoring in place, letting people know that computers were not just for personal use; that these things were being monitored. We were going to have to start blocking sites, and I’m sure it’s the same with other healthcare organizations. We often get the question, ‘Why can’t I look on Pinterest? Why can’t I look at Facebook?’ You absolutely can, just not on our network, because those are areas where you see a high rate of malicious emails and malware that comes thorough. So we did have to make those changes, and that was actually a big cultural change for people to know that. We have a high degree of trust in the organization, and letting people know that those kind of things were being monitored was a hard communication for us to make and to get that buy in.
Gamble: I imagine that’s something that has to be approached pretty carefully. Is it a matter of just kind of really presenting the downsides and really communicating what can happen if there are security incidents?
Cornelius: It really is. It’s about keeping consistent communications. It’s all about education for us/ Education is probably 70 percent of the security program — making sure people know why we’re doing it. Keeping them up-to-date on the latest security breaches that have happened has been a big thing for us in communicating that this just happened and we’re taking these steps to ensure it doesn’t happen here.
Gamble: With a lot of these changes, the issue comes up of cultural change and what it takes to introduce change. You’ve talked about communication being an important part of that. Is there anything else you could say about the approach that you’ve used with introducing change?
Cornelius: Absolutely. So when you’re introducing change, even though much of this is IT focused, it’s communication at all levels of the organization. We have a terrific marketing department here at Hendricks that has assisted us with all of those communications, and we always get their buy in.
The other thing we do is we tie all of our communications, and all of the changes that we make in the organization, to our values. We value collaboration, engagement, integrity, loyalty and respect. And we make sure that when we’re communicating a security change, for example, we’re doing it out of respect for our patient’s information. Making sure that we incorporate those has been important to the organization, and it’s been important in driving those changes for people to understand why we need to tie it back to something common that they see. They want to see our values displayed, so we make sure that we do that.
Gamble: Right. I imagine that when you’re part of an organization where there is a high degree of trust, it’s really important to you to maintain that.
Cornelius: Absolutely. It takes a long time to build. It’s taken three years since I’ve been here to build the trust with the organization that while things might have worked for 15 to 20 years, they aren’t anymore. We obviously didn’t try to break it. It’s trying to fix things as you go along and build that trust. You definitely don’t want to erode that by doing things without people knowing, turning things off or on without people knowing. It’s important that everybody understands fully what IT is doing in the organization.