There’s been a lot of chatter in recent years about healthcare being behind the eight-ball when it comes to innovation. And while that may be true in many respects, it isn’t without justification.
“Most of us grew up in an era where it was all about minimizing downtime and keeping things running,” said Tressa Springmann, Chief Information and Digital Officer at LifeBridge Health, during a recent panel discussion. “It was a very conservative posture.”
Times have changed — drastically.
“Now, we’re being asked to adapt and innovate and get things done quickly. And those things come into conflict with each other all the time.”
As the pace of change has quickened, CIOs and other leaders face mounting pressures to deliver solutions that meet consumer demands, all while ensuring data – and more importantly, patients – are protected.
“How do you actually help the organization understand that you might need some additional controls while not hampering timelines?” said Julie Bonello (CIO, Presbyterian Healthcare Services) who also participated in the webinar, along with Ryan Witt (Managing Director of Healthcare at Proofpoint). “And how do you do that in a rapid way so we can safeguard our organization while still not encumbering them? We need to move, and move fast.”
For leaders, striking that balance is as challenging as ever, which has made it increasingly vital to cultivate relationships with vendors that are mutually beneficial.
One of the most critical steps, according to Bonello, is identifying the strategic partners — which can be difficult given the “sheer number” of vendors Presbyterian is working with as they develop a hybrid cloud strategy. “They’re the ones we rely on at various points through integrated workflows, whether it’s changing our business model or changing the delivery model within IT.”
Springmann agreed, adding that both partners — and the nature of the discussions — varies depending on the organization’s immediate priorities. “If we’re knee deep in a data breach, the attention and the focus might be very different than if we’re talking about accelerating our digital strategy,” she noted. “It’s a continual reevaluation based on where we need to take the organization.”
Once key partners have been designated, the next step is to define the business relationship and operating model between the vendor and organization, said Bonello. “That feeds into our discussion about the contracts in terms of the services that will be delivered and how we’re going to measure success.” Getting this done upfront, she added, helps set the right tone for the partnership. “We have to be able to provide the right support. They’re a part of our family. They’re part of our care delivery and quality.”
Not all vendors, however, will choose to partner with health systems in the same way — particularly when it comes to shared risk, noted Springmann. While some are willing to accept risk, others adopt more of a transactional model, which can create hurdles for organizations like LifeBridge that seek to be both innovative and nimble when it comes to driving innovation. “When you go through end-to-end exercises, you’re going to have some partners who are highly engaged and willing to understand the big picture,” she said, and others who are not. “People are really clear about the risk they’re willing to take on.”
For Proofpoint, figuring out how to establish new IT and security safeguards in a rapidly-changing environment is a key area of focus — one that requires the type of “creative and strategic” conversations that CIOs have come to value. “We want to absolutely support the speed of transformation, and yet, we want to make sure we can put in controls to minimize the risk,” said Witt.
Accepting risk, however, is a two-way street — and the deeper organizations are willing to go, the greater value they can realize in terms of security, according to Witt, who described a situation in which a customer asked Proofpoint to interact with their active directory. Doing so “gave us a far greater insight into where attacks were occurring and who was being attacked,” he added. Although this wouldn’t typically be part of a contract, the strong relationship with that particular organization made it possible.
“It allowed us to go deeper into their environment and put in some controls to remediate very quickly against what was happening,” Witt noted. “It’s not always achievable and it’s not always practical, but in this case, it worked. By building a more strategic partnership, both companies found a lot of value.”
Of course, not all health systems are willing or able to develop these types of relationships. “Not everyone wants to be a beta costumer or to influence the roadmap,” he said. “We don’t strive for that with everybody. We try to find what value is appropriate for the customer based on what matters to them.”
Springmann agreed, adding that CIOs need to work with the executive leadership team to understand their risk tolerance. “You have to be very intentional about it,” she noted. “A lot of nonprofit health systems don’t have an economic cushion for failing, but at the same time, we need to fail fast if we’re going to learn.”
The more they understand the organization’s stance, the more transparent CIOs and other leaders can be with vendors, which is a critical aspect in establishing a strong engagement, according to Witt. “If there’s open, honest communication, that’s a really strong place to start.”
To view the archive of this webinar — Keys to Establishing & Maintaining Successful Vendor Relationships — please click here.