healthsystemCIO.com Anthony Guerra

Recent industry-shaking events have made it clear that serious points of risk lurk throughout healthcare. They’ve also revealed that operational risk and IT security risk are deeply intertwined, making it incumbent for CISOs and CIOs to work with others in their health systems – from the chief risk officers, to clinical leaders, to emergency management – to help develop a joint picture of third-party risk that analyzes the implications of losing services not only from a cyber outage, but for any reason. In this timely webinar,  we’ll speak to leaders who are committed to going back and reviewing key third-party service providers through the lens of recent learnings so appropriate levels of total risk can be assigned, and plan Bs can be developed.

Speakers:



* Chris Akeroyd, SVP/CIO, Children’s Health

* Vince Fitzpatrick, Director of Information Security, Christiana Care Health System

* Chris Bowen, CISO/Founder, ClearDATA

Enterprise imaging is similar in scope to the EHR, and it allows clinical users to properly identify, acquire, store, manage and visualize imaging studies from across their enterprise, regardless of device, modality, department, service line or location. Historically, each imaging department made its own decisions and purchases regarding these services, often resulting in siloes with significant storage and software duplication, inefficient routing, perilous database synchronization and user frustration (or worse, apathy). With major potential upside when done right, health systems can adopt a true enterprise imaging strategy, led by executive IT members with proportional governance oversight and clinical buy-in from leaders in key domains, such as Radiology, Cardiology, Endoscopy, PoCUS and more. Join us as we speak to leaders and have them share their experiences and opinions on how a true enterprise imaging strategy can be executed.

Speakers:



* Alex Towbin, MD, Associate CMIO, Cincinnati Children’s

* Joseph Marion, Principal, Healthcare Integration Strategies

* Lenny Reznik, IT Business Unit VP, Commercial Product Leader, North America, AGFA HealthCare

The IT stack of the past cannot service the health system of the future. That’s one of the main sentiments that runs through the following thoughts offered by Franciscan Missionaries of Our Lady Health System (FMOLHS) SVP/CIO Will Landry. For example, legacy and on-prem technology cannot provide the business continuity and disaster recovery capabilities that a Louisiana-based health system like FMOLHS needs. Also, not being in the cloud prevents IT shops from being nimble enough to handle user-side requests for innovation. Is the cheaper? Certainly not, but today it’s just the cost of doing business for health systems. In this interview with healthsystemCIO Founder & Editor-in-Chief Anthony Guerra, Landry covers these issues, along with his takeaways from the Change Healthcare event, his top two priorities, and why it’s key for infrastructure and security teams to be on the same page.



LISTEN HERE USING THE PLAYER BELOW OR SUBSCRIBE THROUGH YOUR FAVORITE PODCASTING SERVICE. 



Bold Statements

There is a balance. To be totally secure, you would just turn everything off, but you obviously can’t run the business that way. If you were wide open, totally innovative, totally focused on growth and innovating, you would not be very secure, or you’re going to have some limitations in your security posture. That’s not the best position to be in either. It is a balance, and that’s why we work really well as a team together.

Now have we made some concessions when the risk is really low? Sure. Most businesses do. We have to evaluate all those individually. And we do typically have those conversations with the business to talk about what is the priority, what needs to happen first, and how fast do we really need to do it.

We know that the emails, the attacks, are going to get better and better, and smarter and smarter. Watching those trends and trying to stay ahead of those trends is extremely important to us and seeing what type of social engineering or social phishing is going to happen from these new generative AI tools, whether it’s video fakes, imaging fakes or audio fakes.

Anthony: Welcome to healthsystemCIO’s interview with Will Landry, SVP and CIO with Franciscan Missionaries of Our Lady Health System. I’m Anthony Guerra, Founder and Editor-in-Chief. Will, thanks for joining me.

Will: Hey, Anthony, thank you for having me, looking forward to it.

Anthony: Very good, Will, can you start off by telling me a little bit about your organization and your role?

Will: Franciscan Missionaries of Our Lady Health System is a Catholic health system based on Baton Rouge, Louisiana with 10 hospitals in the Louisiana and Mississippi markets. We also have a little over 200 ambulatory locations in the two states, 18,000 employees and we cover five specific geographic regions within the state, the Greater Baton Rouge area, Acadiana, Northeast Louisiana, the North Shore, the North of New Orleans and then Central Mississippi.

Anthony: Excellent. Very good. We’re going to have a security-specific chat here. I don’t need names, but just tell me a little about the structure or the positions you have in security. I don’t think you have a CISO. Is that correct?

Will: We don’t. We have a Senior Director of Information Security and myself who operate under the CISO role. The way I like to say it is I have all the accountability and she has the responsibility (laughing).

Anthony: Very good. It’s a big health system. I would imagine most health systems of that size are going to have a CISO.

It’s the dirty little secret among healthcare cyber professionals — they don’t know where all their ePHI is; not even close. And while those professionals are not to blame (healthcare workflows and, thus, data flows are messy business); they do have to get their arms around the problem. The first step? Understand it. In this unique webinar, we’ll explore the results of a Ponemon study on the state of ePHI in healthcare to learn just how bad the problem is and where the data might be. Then, we’ll explore ways to secure it and, in the process, hopefully give cyber professionals one less reason to be up at night.

Speakers:



* Larry Ponemon, PhD, Chairman & Founder, Ponemon Institute

* David Ting, CTO/Co-Founder, Tausight

The current healthcare system is fraught with challenges. Between workforce shortages, regulatory changes, and evolving consumer needs, the ecosystem is “just not sustainable the way it is today,” said Heather O’Sullivan.

The answer, she believes, is close to home. At least, that’s the case for Mass General Brigham, which developed a Healthcare at Home Division in 2022 to offer “a hybrid alternative to traditional care settings.” One of its four verticals, the Home Hospital, has made quite an impact, having served more than 3,500 episodes of care, which equates to some 19,000 bed days saved.

The ability to provide care in the patient home has resulted in “significant cost savings, reduced utilization, and improved patient experiences compared to traditional hospital settings,” said O’Sullivan during a recent interview with Kate Gamble, Managing Editor at healthsystemCIO. It has also meant fewer lab orders and imaging studies, along with lower readmission rates. The movement has been “resoundingly favorable,” both among patients and families and staff, she noted.

And there are no plans to stop. In fact, Mass General Brigham is looking to increase the eligible patient pool to 10 percent of all current inpatient medical volume. Not an easy feat, but the organization is committed to changing the landscape, according to O’Sullivan. During the interview, she talked about the success her team has achieved, as well as the hurdles they’ve overcome, and what it takes to build and sustain this type of model – from executive buy-in to vendor partnerships to the infrastructure piece.

LISTEN HERE USING THE PLAYER BELOW OR SUBSCRIBE THROUGH YOUR FAVORITE PODCASTING SERVICE. 





Q&A with Heather O’Sullivan, President, Healthcare at Home, Mass General Brigham

Gamble:  Hi Heather, thank you so much for taking the time to speak with us. We look forward to hearing about what your team is doing. Can you start by giving an overview of the organization?

O’Sullivan:  Sure. Mass General Brigham overall is a $18 billion non-profit academic medical center comprising three specialty hospitals, seven community hospitals, and two founding academic medical centers: Mass General Hospital and the Brigham and Women’s Hospital. And the system prioritizes patient-centered care; we’re actually the largest NIH recipient in the country for research. We employ over 80,000 colleagues.

The Healthcare at Home Division was established in 2022 to offer a hybrid alternative to traditional care settings. The Healthcare at Home Division has four service verticals. The first is our largest full acute episode home hospital in the country. We have five distinct CMS licenses for acute level care. The second vertical, which is also the chassis for all of Healthcare at Home, is our Legacy Home Care business. It was established in 2007 and is actually the largest home health entity in Massachusetts.

From a technology perspective, we offer personal emergency response systems [for] infusion care, phlebotomy, in addition to the traditional skilled nursing and therapy and home health aide support. And there are two more emerging verticals in the healthcare home portfolio that are interesting. One is the emergency care for urgent patient needs in the home setting, and the other is home-based palliative care.

And so, collectively, the array of home-based offerings really addresses our system’s key challenges around capacity constraints while emphasizing patient comfort and privacy.

Gamble:  So, the HAH Division was established in 2022, but obviously, the groundwork had been in place for quite a bit before then.

O’Sullivan:  Yes.

Savvy healthcare IT security professionals are as focused on an efficient recovery if something goes down as they are on keeping the enterprise up. And to be positioned for success around recovery, it’s imperative business continuity plans are right sized to address the large amounts of data that health systems are amassing every day. In this timely webinar, we’ll speak to leaders who know that — with such growth — the data-protection approach of yesterday may not work for today, let alone tomorrow. We’ll explore the policies, procedures, governance and technologies they are putting in place so that if things go down, they can be back up and running as soon as possible.

Speakers:



* Adam Zoller, CISO, Providence

* Sanjeev Sah, System VP, IT Strategy & Cyber, CommonSpirit Health

* Jon Kimerle, Director, Global Healthcare Strategic Alliances, Pure Storage