Information Governance for Healthcare Professionals

Book description

Like other critical organizational assets, information is a strategic asset that requires high level of oversight in order to be able to effectively use it for organizational decision-making, performance improvement, cost management, and risk mitigation.

Adopting an information governance program shows a healthcare organization’s commitment to managing its information as a valued strategic asset. Information governance serves the dual purpose of optimizing the ability to extract clinical and business value from healthcare information while meeting compliance needs and mitigating risk. Healthcare organizations that have information governance programs will have a competitive edge over others and contributes to safety and quality of care, population health, operational efficiency and effectiveness, and cost reduction initiatives.

This is a much-needed book in the healthcare market space. It will explain, in clear terms, how to develop, launch, and oversee an Information Governance program. It also provides advice and insights from leading IG, cybersecurity and information privacy professionals in healthcare.

Table of contents

  1. Cover
  2. Half-Title
  3. Title
  4. Copyright
  5. dedication
  6. Contents
  7. Preface
  8. Acknowledgements
  9. Author
  10. Contributors
    1. 1 The Healthcare Information Governance Imperative
      1. U.S. Healthcare Organizations Ramping up IG Programs
      2. Unforeseen Consequences in the Rush to Automate
      3. Major IG Failures
        1. Case Brief #1: Associates in Psychiatry and Psychology Ransomware Attack: A Model Response?
        2. Case Brief #2: An Information Governance Failure: Anthem, Inc.
        3. Case Brief #3: 21st Century Oncology
      4. Information Assurance: Trusted and Accurate Information
      5. Chapter Summary: Key Points
      6. Notes
    2. 2 Information Governance: Key Concepts and Definitions
      1. IG Programs Must Become Embedded
      2. IG Programs Are about Enforcing Policy Consistently
      3. The Key Differences between Data Governance and Information Governance
      4. The Challenge: Managing Unstructured Information
      5. IG Requires Cross-Functional Collaboration
      6. The Facets of Information Governance
      7. Chapter Summary: Key Points
      8. Notes
    3. 3 Information Governance Principles
      1. The Sedona Conference® Commentary on Information Governance
      2. Smallwood IG Principles Applied to Healthcare Organizations
      3. Recordkeeping Principles
      4. Information Security Principles
        1. Principle of Least Privilege
        2. The CIA Triad
      5. Privacy Principles
      6. Chapter Summary: Key Points
      7. Notes
    4. 4 Who Should Be Part of an Information Governance Team?
      1. IG Is an Umbrella Program
      2. Leveraging Models and Frameworks
      3. The IG Reference Model
      4. Introducing the Information Governance Adoption Model™ for Healthcare
      5. Analyzing the IGAM™ for IG Team Staffing
        1. In Summary
      6. Major Executive Sponsor Role
        1. Critical and Sometimes Fickle Executive Sponsor Role
      7. The Emerging Role of the CIGO
      8. Assigning Team Roles and Responsibilities
      9. Caveat: The Importance of a Tiered IG Steering Committee for Expediency
      10. Chapter Summary: Key Points
      11. Notes
    5. 5 Building an IG Framework
      1. Building an IG Framework
      2. IG Leaders in Healthcare
      3. Executive Sponsor Role versus IG Program Manager
      4. Evolving Role of the Executive Sponsor
      5. Communications and Training Plan Is Key
      6. IG Requires Change Management
      7. Which Technologies Help to Enable IG Programs and Enforce Controls?
      8. Chapter Summary: Key Points
      9. Notes
    6. 6 Getting Started: Where to Launch an IG Program
      1. 7 Key IG Accelerators to Launch an IG Program
      2. Chapter Summary: Key Points
      3. Notes
    7. 7 Making the Business Case to Justify an IG Program
      1. Why Healthcare Organizations Are at the Greatest Risk
      2. Saving Lives: Improving Patient Care and Outcomes
      3. Population Health Milestones and Metrics
      4. Breach and Ransomware Preparedness and Patient Trust
      5. Other Types of Breaches: Medical Devices
      6. Cyber-security Milestones and Metrics
      7. Safeguarding Privacy
      8. Information Privacy Milestones and Metrics
      9. Improving Operational Efficiency
      10. Operational Efficiency Milestones and Metrics
      11. Reducing Legal Costs
      12. Legal Operations Milestones and Metrics
      13. One Big Negative Event Can Change the Ballgame
      14. Business Drivers for IG Programs
      15. Hard Cost Savings
      16. Soft Costs: Intangible Cost Offsets
      17. Chapter Summary: Key Points
      18. Notes
    8. 8 Information Risk Planning and Management
      1. The Risk Planning Process
        1. Step 1: Conduct a Formal Process of Identifying Potential Vulnerabilities and Threats
      2. HIPAA and Business Associate Agreements
      3. Compliance and Legal Risks
        1. Step 2: Determine the Potential Financial and Operational Impact of the Identified Adverse Events
        2. Step 3: Weigh the Likelihood that the Identified Risk Events will Materialize
        3. Step 4: Create High-Level Strategic Plans to Mitigate the Greatest Risks
        4. Step 5: Develop Strategic Plans into Specific Policies
        5. Step 6: Determine Metrics to Measure Risk Reductions from Mitigation Efforts
        6. Step 7: Identify Those Who Are Accountable for Executing the New Risk Mitigating Processes and Maintaining the Processes in Place
        7. Step 8: Execute the Risk Mitigation Plan
        8. Step 9: Audit the Information Risk Mitigation Plan
      4. Chapter Summary: Key Points
      5. Notes
    9. 9 Strategic Planning and Best Practices for IG
      1. Start with Business Objectives
      2. Align the IG Plan with Strategic Plans
      3. Survey and Evaluate External Factors
        1. Analyze Information Technology Trends
        2. Survey Business Conditions and Economic Environment
        3. Analyze Relevant Legal, Regulatory, and Political Factors
      4. Survey and Determine Industry Best Practices
      5. Formulating the IG Strategic Plan
      6. Synthesize Gathered Information and Fuse into IG Strategy
      7. Develop Actionable Plans to Support Organizational Goals and Objectives
      8. Create New IG Driving Programs to Support Business Goals and Objectives
      9. Draft the IG Strategic Plan and Gain Input from a Broader Group of Stakeholders
      10. Get Buy-In and Sign-Off and Execute the Plan
      11. Chapter Summary: Key Points
      12. Notes
    10. 10 Overseeing the IG Program
      1. Program Communications and Training
      2. Program Controls, Monitoring, Auditing, and Enforcement
        1. Monitoring and Accountability
        2. Staffing Continuity Plan
      3. Continuous Process Improvement
        1. Why Continuous Improvement Is Needed
      4. Chapter Summary: Key Points
      5. Notes
  13. Essays and Case Studies in Information Governance
  14. Glossary
  15. Index

Product information

  • Title: Information Governance for Healthcare Professionals
  • Author(s): Robert F. Smallwood
  • Release date: September 2018
  • Publisher(s): Productivity Press
  • ISBN: 9781351339728