It is long past time to assess the consequences of the endless laws, codes, rules, licenses and guidelines governing just about every human activity.
Six healthcare industry IT executives recently sat down with InformationWeek editors to discuss a range of issues, from remote patient monitoring to electronic health records to population health management to clinical decision support. But when we started the conversation by asking about "the things that are dominating your agendas," we got an earful on a subject we weren't quite expecting.
"Regulatory. It's just a waste of our time doing ICD-10," said Larry Garber, Reliant Medical Group's medical director for informatics, referring to the new, more detailed set of codes the feds require to report medical diagnoses and procedures. Garber noted that complying with some federal regulations, such as "meaningful use" of electronic health records, is worth the effort. But complying with ICD-10 amounts to busy work. "So unrewarding," Garber said.
Before he could say another discouraging word, Beth Israel Deaconess Medical Center CIO John Halamka chimed in: "So much of my innovation has almost ground to a halt because so much of my staff is dealing with the must-dos from state and federal regulators, much of which is nonsensical and not value-added."
Halamka cited BIDMC's $5.3 million settlement on July 29 with the Department of Health and Human Services' Office of Inspector General (OIG), addressing government allegations that the Harvard teaching hospital had overcharged Medicare by admitting patients between 2004 and 2008 who should have been treated less expensively as outpatients. The Boston Globe reported that BIDMC didn't admit wrongdoing as part of the settlement, "which both sides described as a way to avoid costly legal action."
"It's basically about how you describe an inpatient versus an outpatient observation stay," Halamka told us. He described the issue as "so deeply technical" that it took his IT staff six months to implement the logic needed to comply with the complex regulations. "It's utterly esoteric. But the OIG has decided that it's a priority. This is what we're dealing with every day."
Forrester Research estimates that companies spend about 1.75% of their IT budgets on risk and compliance management software. But spending estimates go much higher, to as much as 10% of IT budgets, when factoring in security, storage, archiving, content management, e-discovery, disaster recovery and other compliance-related investments. Halamka and Garber suggest it's eating up far more of their organizations' time and creative energy. And when InformationWeek recently asked healthcare IT pros in a survey to rank their top priorities, an astounding 61% put "meet regulatory requirements" as a "top priority" -- 5 on a 5-point scale. Just 47% of respondents ranked "improve care" that highly.
These aren't rabid capitalists just looking to make a quick buck. In the case of Halamka and Garber, they're world-class technologists and highly respected doctors -- Dr. Halamka is a practicing emergency physician and Dr. Garber is an internist. They say they can't find enough time to do what they were hired to do (innovate) and what their colleagues and patient-customers depend on them to do (elevate the level of care) because they and their people are spending much of their 12-hour days dotting i's and crossing t's.
The Best Intentions
Almost all proposed rules and regulations sound reasonable, even virtuous. They're crammed with the best intentions. A patients' bill of rights here. A privacy-protection law or two there.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.