healthsystemCIO.com Podcasts feature interviews and panel discussions with health system IT leaders.
Q&A with CISO Ron Mehring, Part 2: “You Can’t Do It Without Good Data.”
“Everything I needed to know about information security, I learned in aviation.”
Not exactly what one might expect to hear from the CISO of a large organization, but for Ron Mehring, the time he spent in the Marines has played a huge role in shaping him as a leader. And although he learned from all of the different roles he held, it was his time in aviation that truly laid the foundation for IT security. “You had to do it right all the time; there are no shortcuts, otherwise someone could get hurt or killed,” he said during a recent interview.
And although the healthcare landscape is extremely different from serving in the military, he has been able to apply many of the lessons learned, particularly as his team at Texas Health Resources has strategized to safeguard data – and patients – during the Covid-19 pandemic. Mehring also talks about how they’re leveraging analytics to improve decision-making, the challenges leaders face in transitioning to an adaptive risk program, and the evolution cybersecurity has experienced in recent years.
LISTEN HERE USING THE PLAYER BELOW OR SUBSCRIBE THROUGH YOUR FAVORITE PODCASTING SERVICE.
* The goal of an adaptive risk program is to “more cleanly orchestrate processes, and to make things much more tightly integrated from a security stack perspective in how we manage end-to-end risk across all these disparate environments.”
* As identity and endpoint asset management become an increasingly critical part of the security strategy, having solid analytics is paramount. “You can’t do it without good data.”
* The right vendor doesn’t tell you what they’ll be doing in the next few years; they tell you what they’re doing now to get there.
* For CISOs, it’s no longer just about blocking and tackling; it’s about speed, agility, and the ability to adapt the enterprise to new emerging threats.
* One of the most important life lessons for Mehring came during his time in aviation, where he worked in quality assurance. “There were no shortcuts.”
Q&A with Ron Mehring, Part 2 [Click here to view Part 1]
Looking at security through the lens of adaptive risk
Mehring: We put together an adaptive risk program with the intent to transform all levels from the program, from the risk and governance level down through the technology stack. And it’s to account for all of that change. Zero Trust, something we hear a lot about, is very technical. It’s a very specific set of technical actions that are taken.
Zero trust is actually part of that adaptive risk program. What we’re doing with the adaptive risk program is looking at it through the lens of everything. In other words, you can’t change our technology to do something different without addressing how you’re going to view that through the lens of risk. Because the lens of risk should be governing what you change. You shouldn’t be creating cost in the enterprise just because you think we need to uplift our security technology stack; we should be doing that through the lens of risk. Our processes will change all of that.
The end goal of the adaptive risk program is to automate and more cleanly orchestrate processes, and to make things much more tightly integrated from a security stack perspective in how we manage end-to-end risk across all these disparate environments, all the way from consumer side. The program governs everything from the consumer side all the way through the workforce.
Optimizing Your Software Testing Process to Increase Throughput and User Satisfaction
Software customization may be the bane of every IT executive’s existence, but often it’s the key to keeping clinicians happy. The trick is in being able to not only affect the desired changes on the development side, but move them through an efficient testing process that minimizes the risk of errors and outages. In this webinar, we’ll hear from leaders who are focused on ensuring that attempts to improve applications never leave users with software that doesn’t work.
* Arthur Ream, Senior Director of IT Applications, CISO, Cambridge Health Alliance
* Josh Wherry, Director of Data Management and Analytics, Baystate Health & CTO, TechSpring (a part of Baystate Health)
* Will Berry, Director of Consulting, Tricentis
Partner Perspective: Standardization, Experimentation & Cybersecurity Must be Top-of-Mind for Healthcare CIOs
healthsystemCIO Founder & Editor in Chief Anthony Guerra talks with Sven Krause, CIO at Hillrom, about the top trends impacting health systems, how Hillrom is expanding to help hospitals address those trends, and why everyone needs to be focused on security.
HIT Policy Update
John Halamka, MD, president of the Mayo Clinic Platform, provides the latest updates on national HIT policy and prognosticates on future direction.
* John Halamka, MD, President, Mayo Clinic Platform
* Jay Sultan, VP, Healthcare Strategy, LexisNexis Risk Solutions
Q&A with CIO Chris Belmont, Part 2: “Sometimes You Have to Be the Facilitator.”
For Chris Belmont, taking on a new role during a crisis is nothing new — nor is starting a new role when large initiatives are looming. And so, when he took the helm at Memorial Hospital at Gulfport during the midst of the Covid-19 pandemic, he had an idea of what to expect. But as someone with decades of industry experience, Belmont was careful to avoid the trap of jumping to conclusions. Instead, he put extra effort into “learning and listening, and evaluating where we are.”
Recently, the healthcare IT veteran spoke with healthsystemCIO about what he hopes to achieve at Memorial — based on what the organization truly needs, where he believes key opportunities exist, and how he hopes to change the thinking from a systems approach to a System approach. He also talks about what brought him back to the hospital environment after a 4-year hiatus, how Covid-19 has changed our thinking, and the critical role CIOs play in forcing teams to “back up and think long-term.”
LISTEN HERE USING THE PLAYER BELOW OR SUBSCRIBE THROUGH YOUR FAVORITE PODCASTING SERVICE.
* A key objective for any CIO? To shift away from being a supplier of technology, and toward becoming a service provider.
* It’s not about adding more tools or solutions to the mix, but rather, focusing on “leveraging what we have,” and making sure they integrate with other technologies.
* One of the key mistakes organizations can make is to utilize a solution – like, for example, API, solely as a time and attendance vendor, “and not as a provider of good data to manage our workforce.”
* During a crisis situation, it’s natural to think in the moment; the CIO’s role is to encourage teams to “step back and think bigger.”
* When leaders are able to get people in a room and start conversations, “good things happen.” But it doesn’t happen without a facilitator.
Q&A with Chris Belmont, Part 2 [Click here for part 1]
Gamble: What were some of your initial priorities when you stepped into the role? What did you want to focus on first?
Belmont: Again, I think it’s moving away from being a supplier of technology and into being an asset to the organization and focusing on how we can provide more services. We had a physician liaison program to help with adoption, but it was more about onboarding and initial training, and not really about optimization and how we can make their practice better. It’s understanding where we can enhance some of the system functionality — for example, building a stronger telemedicine service offering, taking the portfolio we have and really leveraging it.
We have both Health Catalyst and EPSi for our analytical platforms, but we’re using it for individual point solutions; we really aren’t using it as an enterprise solution. It’s looking at growing the use of those and thinking about how to provide data services for the whole organizations, things like that.
It’s also about how we function more as a system with a capital ‘S’ — on Memorial as a health system. We have a hundred different sites with numerous physicians, quite a few nurse practitioners, and a lot of community physicians. It’ll be interesting to see how this dynamic unfolds, but we own three nursing homes as well. That’s a different type of business operation — but at the same time, it’s not. They’re basically tenants, and not patients, but there’s no reason why we can’t treat them with the same level of wellness and care as we would the rest of our community. So that’s an interesting dynamic.
Gamble: It is. You talked about not getting caught up with a particular product or vendor and its ca...
Uniting the Silos that Disrupt Operational Effectiveness Within Your Health System
The natural progression of day-to-day operations within health systems has caused some misalignments and gaps between people, processes and technologies. In one silo, we have data-centric workers like IT and information security; in another we have asset-focused workers like clinical engineers and biomed; and lastly we have operational focused personas like the C-suite. In this webinar, we’ll hear from leaders about what methods, technologies or strategies they use to unite the silos and break down walls within their organizations.
* Jes Cornelius, CIO, Sutter Health
* Craig Richardville, SVP, Chief Information & Digital Officer, SCL Health
* Jonathan Langer, Co-Founder & CEO, Medigate