Create a plan, train your staff, maintain inventory, and lastly, know what to ask for when shopping for technology.
The healthcare sector faces unique issues regarding ever-changing technology. To tackle those challenges, healthcare organizations should develop comprehensive IT strategic plans, measure themselves against those plans, and consistently review and update for regulatory and product changes.
Start with an assessment to determine your organization’s current strategy for handling IT requirements. If you are like many healthcare leaders, just finding the answer to that question may not be so easy. However, avoiding the issue can be costly and even potentially catastrophic.
Below are some considerations to help your organization raise its IT game:
1. Identify the soft costs. If you decide to buy servers and software rather than use a cloud-based solution, it’s critical to identify the related soft costs. For example, the following requirements may add operational costs:
- Licenses for operating software plus costs for upgrades and storage.
- Maintenance and break-fix issues that consume staff time and require extra payments to outside resources.
- Electricity and additional cooling costs associated with running extra equipment.
- Using existing space and building extra rooms to house equipment, which means extra construction costs and maintaining real estate that isn’t used for a revenue- generating service.
2. Beware of obsolescence. It seems on the day an organization buys a piece of equipment or software, there’s an announcement about a newer model that is coming the next day. Development cycles have been accelerating. Sometimes software requires new hardware. Sometimes hardware requires new software. Two things are consistent. Obsolescence is guaranteed, and it will cost an organization money.
3. Remain HIPAA compliant. Ensuring that your organization is HIPAA compliant is an ongoing endeavor. When staff are storing documents, they can’t, for example, put them up on Google Docs with no regard for sensitive or protected content. Where data is stored, how data is accessed, who can access the data, encryption in transit and at rest, and what happens when data is deleted are all factors that need to be considered carefully. Treating all data content the same, however, will most likely lead to an over-engineered solution, which would be costly and wasteful.
4. Protect your data. Data protection comes in a variety of forms. The goal is to block hacking attempts before they get to your organization’s virtual doorstep. Firewalls, virus protection, and encryption are a few of the tools that are commonplace in today’s world. They should be regularly monitored, reviewed, and updated. “Set it and forget it” is not an advisable approach.
5. Know what you own. To keep tabs on equipment, ask these questions:
- How many desktops and laptops does your organization own and what’s on each one? Consider the same questions for cellphones and tablets.
- What’s the process for collecting used equipment when someone leaves the organization?
- Do you have a way to remotely wipe clean a device that’s lost or stolen? Do you then update the number of software licenses you need?
- Are necessary equipment and device licenses updated when someone switches roles?
6. Avoid duplication. A detailed review of software licenses will highlight redundant products. For example, a healthcare organization may be paying for security services with vendor A and a comprehensive suite of services that includes the same security options with vendor B. In that case, the organization would be best served to eliminate vendor A. It would require increasing services with vendor B, but the change will reduce costs significantly.
7. Train your staff. Educate staff to recognize suspicious links. Just as important, teach them to spot spoofing attempts so that they don’t inadvertently provide classified information to an entity with negative intent. Healthcare organizations often get into trouble because someone shared personal employee or patient information. Implement proper safeguards proactively to reduce the risk of that happening to your organization.
8. Negotiate like a pro. Anyone who has ever looked at an IT agreement will say the same thing: They are not like any other. Detailed service level agreements, disclaimers, maintenance schedules and more disclaimers can make anyone’s head spin. Understanding what you really need can be complicated because you often have to rely on the people with a vested interest in selling you as much as possible, not necessarily what you need. But you certainly don’t want to take the risk of having less than you need. A few additional considerations can help healthcare leaders sort out the details:
- Recognize that many solutions come in a variety of levels, and they often range in price from inexpensive to very costly.
- Ask the sales rep to explain the different options.
- Pre-negotiate a cap on increases for time of renewal.
- Consider the length of the agreement.
- Benchmark the pricing by exploring other vendor offerings.
- Seek outside assistance. Consulting firms have insight into many agreements, not just yours.
- Determine what motivates your sales representative. Some are measured on cash generated in a given period, not just sales. Knowing that information and timing the purchase appropriately may give you a negotiating advantage.
9. Get a discount if you’re entitled to it. This one is particularly important if your organization is a not-for-profit entity. Some services offer deep discounts to not-for-profits, but you have to know where to look.
Technology can be wonderful, but as with anything, there are pitfalls that need to be avoided. Create a plan, train your staff, maintain inventory, and lastly, know what to ask for when it comes to shopping for technology.