Monday, December 31, 2007

IT Governance

One of the most important steps a CIO can take to ensure alignment of IT with the business strategy of the organization is to create robust governance committees. It's also the best way for a CIO to satisfy customers, respond to the tyranny of the urgent, and keep the CIO employed!

I've mentioned governance issues in several previous posts:
Time Scope and Resources

How to Say No
Tyranny of the Urgent
It's not a Job it's a Lifestyle

In the interest of transparency, I'd like to describe my governance successes and failures plus my 2008 plans for IT governance.

At Beth Israel Deaconesss, I have committees for each of my major groups of IT customers:
  • Laboratory Information Systems co-chaired by the Senior Vice President (SVP) for Operations and the Chief of Pathology (an MD)
  • Radiology Information Systems co-chaired by the SVP for Operations and the Chief of Radiology (an MD)
  • Critical Care Information Systems chaired by the Director Trauma, Anesthesia and Critical Care (an MD)
  • Inpatient Information Systems (includes Provider Order Entry) chaired by the Senior Director of Clinical Resource Management (an MD)
  • Ambulatory Information Systems chaired by the SVP of Ambulatory & Emergency Services (an RN)
  • Health Information Management Information Systems chaired by the Director of the Hospital Medicine Program (an MD)
  • Community Information Systems chaired by the Executive Director of the Physician's Organization and the SVP for Network Development (an MD)
  • Decision Support Steering Committee chaired by the Director of Business Planning & Decision Support and the SVP forHealthcare Quality (an MD)
  • Enterprise Resource Planning (ERP) Information Systems chaired by the Director of Business Services and the Controller
  • Revenue Cycle Information Systems chaired by the Chief Financial Officer
This structure worked very well for the past 10 years, ensuring that each application had a lifecycle prioritized by the clinicians and not the IT department. However, in 2007, we needed to make a change. As BIDMC grew into a 1.2 billion dollar organization, an emphasis was placed on achieving an operating margin which would yield the capital budgets needed for expansion. This meant that IT budgets did not grow at the same pace as the clinical budgets and led to competition for IT resources among my governance committees. Existing governance committees set the right priorities within each business area, but we did not have a governance construct to set priorities among all the business areas. Thus, we created an overall IT Steering Committee comprised of the chairs of each of the existing governance committees. The terms of reference for this new committee are here.

At Harvard Medical School (HMS), I also have committees for each of my major groups of IT customers:
  • Administrative Information Technology chaired by the Executive Dean for Administration
  • Educational Applications Committee chaired by the Executive Director of Curriculum Programs
  • Research Information Technology chaired by the Director of the Research Information Technology Group
Like BIDMC, these three committees functioned very well over the past 5 years to ensure priorities were set within the domains of the three core businesses of HMS - research, teaching and administration. A new Dean of HMS took office on September 4, 2007 and launched a strategic planning process. The result of this process could be a substantially broader scope for IT, requiring new resources and scalability. Depending on the outcome of the planning processes, IT governance may need to be revised. Harvard University just completed a governance audit of IT departments and the following are the unedited conclusions about Harvard Medical School:

"A school-wide committee overseeing coordination of IT resources among HMS’ three primary business groups does not exist. HMS has functioned as three core businesses: research, education and administration. HMS IT has established governance processes for each of these three businesses which have led to a high degree of customer satisfaction.

As the new HMS strategic planning process creates new projects and stakeholders, the individual governance committees will evolve to align with the new strategic needs, including the creation of a school-wide IT Steering Committee if appropriate. There is a risk that IT resources could be allocated inequitably among the three core businesses and decisions made without the involvement of key business stakeholders.

The HMS CIO will participate in HMS strategic planning, identifying and documenting governance requirements and school-wide committee needs to ensure appropriate allocation and prioritization of IT resources by May 1, 2008. "

Thus, there may be a need for an overall IT Steering Committee at HMS. Bigger committees are not always better committees and creating a committee to objectively balance the heterogeneous needs of research, education and administration will be challenging. However, I'm very willing to do it if the demand for resources by any one group of customers significantly conflicts with the requirements of other customers.

A few lessons learned from the governance experience above:

In a hospital, it is key that clinicians (MDs and RNs) run the IT governance committees. You'll note that I do not chair any committee other than serving as co-chair of the overall steering committee. My role in that committee is a facilitator only and I do not vote on priority setting.

It's very important to have governance committees that are focused enough to really grasp the details of stakeholders needs. It may appear that I have too many governance committees, but this is the parsimonious number required to ensure that priorities are set at the application level.

Governance must evolve with the needs of the business. I am a servant of the organizations which employ me and I do not have an agenda of my own. Hence I will gladly change governance as needed to be maximally responsive to changes in the business environment around me.

I want to thank the Harvard Risk Management and Audit Services for their work this Fall which truly enabled me to evaluate the effectiveness of all my IT governance groups.

7 comments:

Kevin said...

Without an IT infrastructure steering committee, how do you resolve investment prioritization around these unseen but critical investments?

John Halamka said...

Great question. IT is given a yearly infrastructure budget plus a special disaster recovery budget which it can allocate per the discretion of the CIO. In the past we have found that there are few champions outside IT for the unseen wires in the walls! My blog tomorrow will provide details of my disaster recovery budgets, but also see my previous blog entry "The Cost of Information Technology."

Jason Burke said...

Very interesting, thanks for sharing. I would be interested in understanding what role (if any) you see for architecture as a governance structure. A number of us have been looking at how we might apply some of those concepts across the health and life sciences ecosystem (http://hlscircle.com/twiki if you want more details), but of course governance is the biggest challenge, especially as many large firms struggle with their own internal governance functions, let alone industry-wide ones.

Positive NPV said...

Great ideas there and good to see the value of governace realized.

zang said...

Nice Post
-------------
article rewrite

平平 said...
This comment has been removed by a blog administrator.
Football Matches said...

A number of us have been looking at how we might apply some of those concepts across the health and life sciences ecosystem (http://hlscircle.com/twiki if you want more details), but of course governance is the biggest challenge, especially as many large firms struggle with their own internal governance functions, let alone industry-wide ones.

Recep Deniz MD
DoktorTR.Net