Wednesday, September 1, 2010

Assessing My Own Risk

Leaders often think about succession plans for their direct reports, but what about themselves?

What if I had a serious health problem or accident that impaired my ability to lead my IT organizations? Here's my brief analysis.


My role at BIDMC is to document the strategies prioritized by our governance groups, ensure our organizational chart structure is optimized for executing the strategies, and to find/retain the best people. I also work on the processes that support our strategy including governance, budgeting, and communication.

In the 1990's, I wrote the code that powered our clinical web-based applications and intranet. At this point, we've retired all the code I've written or transitioned its development/support to full time programmers. I am no longer a single point of failure for any application or infrastructure. At BIDMC, about 30% of applications are built and 70% are purchased. Occasionally some stakeholders wonder if building a few applications is a risk. It's actually a risk mitigator. We create the "glue" that links together vendor applications via portals and web-based service-oriented architecture approaches. Since we control the front end that clinicians see for electronic health records and provider order entry we can rapidly add features needed for meaningful use, healthcare reform and Joint Commission requirements. We've implemented novel solutions for medication reconciliation, decision support, and health information exchange. Building what is not available in the marketplace and buying products that are mature is the best way to reduce risk.

Some projects depend upon my strength of will - implementing EHRs for the community, embracing interoperability/standards, and keeping us focused on the large projects that move us forward. If I were to disappear, it is true that efforts to achieve meaningful use would slow significantly. As I've discussed in my blog several times, it takes all the energy and reputation I have to ensure all our clinicians - those in academic health centers and those in small community practices - have all the tools they need and training/education they require to achieve meaningful use.

In any large complex organization, satisfaction with IT goes up and down. As resources are pulled into large projects, smaller projects suffer and stakeholders may feel underserved. As compliance requirements, new regulations, Joint Commission mandates, and senior management signature initiatives appear, existing initiatives may be slowed or cancelled. My role is to foster communication, ensure that governance includes all stakeholders, and to provide a buffer for my staff from the ups and downs of opinion and changing priorities. If I disappeared, the "tyranny of the urgent" may triumph, preventing IT from staying focused on the functionality needed to achieve meaningful use.


At Harvard Medical School, my role in governance, strategy, structure, staffing and process is similar to BIDMC. I work with research, education, and administrative stakeholders to define their priorities and allocate resources. My major projects include building one of the top 100 supercomputers in the world, providing a petabyte of storage to support translational research, and supporting all the interactive media for over 1000 courses. My role is a balance of managing day to day issues while also engaging all stakeholders in long term planning activities. If I were to disappear, the communication/education of stakeholders and the delicate balance of services among the research/education/administrative communities would suffer.

Overall in my roles as CIO of two institutions, my greatest utility is to provide a common link between the academic/education/research activities of the medical school and the clinical/financial/research activities of the hospital while also leveraging my state and federal activities to ensure BIDMC and HMS are early adopters of federal requirements and participants in pilots. My multi-organizational role provides economies of scale, knowledge sharing, and community-wide visibility for IT activities. My absence would diminish these cross-organizational collaborations, slowing down our work.

My role has evolved substantially over the past decade and I've moved from programmer to convener, from a focus on operations to a focus on innovation, and from technologist to policymaker. Senior leaders owe it to their organizations to periodically reflect on their role and how their organization would carry on without them.

1 comment:

Tuan said...

Some great comments on the changing role of the CIO. Along with the multi-faceted CIO, I believe that you have to link it to the company/industry/etc level of maturity, readiness, or appropriateness to the corresponding role that a CIO should adopt.