In the first part of this series, we defined ‘grey IT’ and discussed why it’s ultimately dangerous for healthcare organizations. Now it’s time to break down the different types of Grey IT, and discuss how leaders can deal with them.
The four types we’re looking at are: Feral IT, Guerrilla IT, Shadow IT and traditional Grey IT.
Feral IT for me starts as a digitally led project — often a collaboration, an exciting chance for the digital team and the ‘business’ to work together to come up with a solution. It gains ground as it delivers benefit but slowly drifts away from good governance, often because the project is so successful. Over time, though, the project will grow and its delivery focus and the team will change. As that happens, digital governance can break down, and the project is then being delivered outside the parameters of good governance.
The key to making Feral IT work is to ensure governance is grounded in the foundations of the digital agenda. Organizations are often looking for agility and a start-up culture to enable innovation to happen, but innovation becomes scalable only when a rigor of governance is applied. As digital leaders, we should try to encourage the agility that this type of project culture offer; however, it is also our role to ensure that the foundations of decision making and corporate risk management are clearly understood. It is tricky in an age where digital is a consumerized product. Building an understanding of why the digital function of an organization needs to be continually part of decision making can only be achieved with the right style of engagement, one that at least can light a candle next to the consumer style digital capability now available to everyone.
Guerrilla IT is used to describe technology projects that have been actively hidden from an organization’s digital team; a project that was willfully created outside of governance. Guerrilla warfare was a phrase first coined in 1808 to describe the Spanish resistance to Napoleon; Guerrilla IT occurs when the business function goes ‘rogue’ and delivers an identified need that previously hadn’t been addressed.
Today in the NHS, Guerrilla IT exists for many reasons; the key is an inability to make the national solutions that have been delivered work locally. We need to understand why Guerrilla IT projects exist. Much of the reason often traces back to the nature of the solution being sought by the business, and the digital functions’ inability to react in a way that achieves the desired outcome.
The use of WhatsApp in the NHS is possibly the best example of a Guerrilla IT project. For more than five years, many have been saying that this platform shouldn’t be used inside a healthcare environment, and yet, every time I’m in Leeds, I see and hear of staff using it in ways we have actively cautioned against. Why? Because it achieves a need, it is easy to use, it’s a consumer product, and in reality, alternatives are very new to the digital fabric of healthcare.
The same could be said for ERS. There is a desperate need for the NHS wide booking system to offer a ‘many to many’ booking capability where hospitals refer to hospitals, yet it doesn’t. Therefore, departments are growing their own solutions to enable the digital transfer of patient information moving from hospital to hospital. We have to fix this!
Shadow IT manifests often from the digital team, when disagreement exists in strategic direction, standards to be adopted or simply in the procurement of a system. Digital professionals can be a real pain, we all know best, we all know our subject matter and sometimes this can boil over into a Shadow IT project. A project that is delivered against the wishes of the governed decision and with an intention to compete with a decision made. Shadow IT will often be kicked off with good intentions; a project just in case the agreed and governed solution misses a deadline or as a risk mitigation to functionality delivery, but sometimes the project is started because it is a ‘pet project’ of a leader of the organization, digital or otherwise. Shadow IT can be a useful mitigation to risk, but needs the same level of governance, risk management and rigor applied, it needs to be managed as a project that has goal of being there just in case and should not be tolerated as a vanity project because someone with the digital function is unhappy with a technology decision that has been taken.
Grey IT becomes the collective term for these issues, all shades of grey, successful in some ways in delivering user defined need but with risks to the business that must be quantified and mitigated against. Removing Grey IT has already become one of the wicked problems, maybe we should accept that we can’t remove Grey IT from what we do, but we should look to understand where it is, why it is and what the risks are to us.
In the final segment of this three-part series, we’ll examine the value proposition of ensuring all departments are involved in decision-making, and why perhaps it’s time to focus more on VOI than ROI.
This is the second in a three-part series by Richard Corbridge, Chief Digital and Information Officer at Leeds Teaching Hospitals NHS Trust, and a member of KLAS’ International Advisory Board Member. To follow him on Twitter, click here.
healthsystemCIO’s Interviews and Podcasts are sponsored by: