Q&A: The Next Big Step in Healthcare: Turning Data into Information (Part 1 of 2)
Healthcare providers are collecting and storing volumes of data about patients, but now what? The challenging next step in healthcare BI, says Dr. Kevin Dawson, is turning that data into actionable information.
- By Linda L. Briggs
- June 18, 2013
Healthcare organizations have data, but they need to start turning it into information they can use to make decisions -- especially as new regulations push healthcare organizations toward rapid change. In this first part of a two-part interview, Dr. Kevin Dawson, who has years of experience in executive-level healthcare management from the IT side, discusses the BI challenges facing the healthcare industry. Dawson is currently the director of business intelligence at Cancer Treatment Centers of America, a fast-growing private cancer specialty organization with centers in a number of locations across the U.S.
BI This Week: You've been in healthcare and IT for many years. What are some of the biggest challenges you see in managing healthcare data today?
Kevin Dawson: Today, healthcare is a data-rich but information-poor industry. We're collecting many different data points, we're measuring practically every single element ... from a patient's temperature to how a pump is working to everything we do to the patient. It's all collected in our electronic healthcare records systems, primarily.
However, in order to use that data to help the patient, we really need to get to the next step. How can we apply this information, which is coming in from different sources, so that we can make decisions based on the data? That's the next step, and it's the biggest challenge in healthcare today.
In general, healthcare is a little behind other industries in adopting IT. That's going to change; major projects are currently on the way, many of them driven by the federal government. The HITECH Act (Health Information Technology for Economic and Clinical Health Act), for example, is a major law that will change healthcare. It demands what we call "meaningful use of health information technology." Virtually every healthcare organization across the country is working to implement meaningful use these days, which calls for some fundamental steps to meet a federal standard in healthcare.
As healthcare organizations, we are collecting data from the different sources -- how can we use it for clinical action, for clinical decision support? Healthcare data is complex. Currently half of it (or more) is unstructured. You have lots of unstructured text, and recordings, and images, and legacy records collected in unstructured format. How can we use this unstructured data for decision-making? That's a major challenge.
How does the medical industry deal with unstructured text?
There are a couple of ways. One is using structured notes, which allow doctors and technicians to enter notes in a structured way, but that has its own challenges. If a highly trained physician is now doing data entry, you aren't using that person in the most productive way. Another approach is trying to deal with the unstructured text in a way that yields more structured information. That includes natural language processing, or NLP, and medical language understanding.
What about legacy healthcare records? How do you bring structure to them?
You have to evaluate the value of the legacy records. I'm very fortunate at CTCA because we're a relatively new organization and we have an electronic patient record system that is the same across all of our hospitals. We also have a centralized IT department. That isn't the case in many organizations, which have separate IT departments at each hospital.
Pulling data together in electronic formats is much easier for us than for organizations that have a large amount of paper records to deal with.
Regardless of how records are stored, you still must deal with major organizational challenges in healthcare. With practically any medical center, there are at least two different cultures that seem to inevitably collide: the organizational management culture and the medical culture. Each culture requires different approaches to dealing with data. How you manage that requires technical skills in both areas -- both technical skills in managing healthcare data and management skills.
Are there special security challenges in managing healthcare data?
Yes. In a hospital, protecting healthcare data is protecting the patient, so we don't just consider at security alone -- assuring the quality and accuracy of the data in all of our systems is a major patient safety question. Protecting the privacy of the patient is also a very important element of practically anything we do.
Security is an important topic for discussion in any hospital today. You're protecting the patient and you're protecting your brand's reputation -- it's a complex area of IT in general.
Certainly, you have to establish good governance around security. It's not just a tactical issue. The reporting structure of the security group is also an important question in establishing a strong security model for your hospital or other organization.
There are many aspects beyond just HIPAA to deal with, including local regulations. If you're a global healthcare provider, then other laws may apply as well. Every single project that we do has security involved. You need to balance giving access to the data with protecting healthcare information.
Examples include clinical research and marketing. Internally, many organizations separate what is called payment, treatment, or operations, PTO. Protected health information can be shared only for PTO purposes. Other areas, such as clinical research or marketing, don't have access to all the data. To make that work, you must establish, at the level of the data model, access rights so that certain data elements are protected, so that you are protecting the security and privacy of the patient.
That imposes other challenges. In the past, an organization tended to have its strongest security around the perimeter. The model was, strong on the outside and soft on the inside. Today, we need to implement many more internal controls for security. I'm not an expert in that area, but I certainly know how important it is. In business intelligence, when we are dealing with data, describing access rights to each data element is an important factor.
You mentioned marketing. What special security concerns are there related to marketing and healthcare?
Regarding marketing, there are specific laws about how healthcare data can be used. In BI, you need to work very closely with your compliance officer to establish what you can and cannot do with the data. Many times, the marketing department has no access to what we call protected health information -- names, Social Security numbers, addresses, and so forth. They can access aggregate data sets only.
If you were to envision a "maturity curve" showing progress in healthcare data management, where would we be on that curve?
If you took a five-phase maturity curve, for example, most organizations would still be at Phase 1 or 2. One primary reason is that only large organizations can afford to have true business intelligence. Establishing the foundation for BI is relatively time-consuming. I described the challenge of creating the data model, for example -- which is time-consuming and yet basic.
Also, there are many mergers and acquisitions currently taking place in healthcare. One of the drivers behind these M&As is that some smaller organizations just can't comply with many of the new regulations, driven by new laws such as Meaningful Use. Larger organizations, on the other hand, have a bigger profit margin and can absorb some of these costs more easily.
Will all this M&A activity create more opportunities for business intelligence?
I believe it will. In building a BI department, you are always challenged because you must build a solid foundation, but at the same time, you want to deliver value right away -- usually direct decision support for clinical and operational areas, meaning dashboards and reports that support clinical quality, patient safety, operational efficiency, and can demonstrate the best outcome.
There are these two concurrent projects, then -- one is establishing a data foundation for your organization, including taking care of the data quality issues. Those issues will be revealed when you start building (they've been around for a while, you just didn't know it). Included in that, you need to tackle data governance, data quality and improvement, and data architecture in general. In doing this, you need to bring together participants from all the different affected departments or even different hospitals.
Along with all that, you also need to work quickly to produce usable dashboards and reports that demonstrate output from your department.
In healthcare, the easy reporting has been done for a long time. Many organizations have health record systems support -- the kind of simple reporting that comes from a single source system. Some of this activity can be sped up or even outsourced, but the very complex dashboard problems usually cannot. That requires internal talents.