IT vendor management is a huge (and consistent) risk for the healthcare industry. After working for several healthcare vendors, I come with a nuanced view of what’s currently not quite right between healthcare organizations and their software vendors. My roles as a junior developer, a development and support-team leader, and a lead consultant and solutions analyst to Health IT Business/Pharma leaders did much to enhance my perspective of these relationships.
IT vendor management lessons learned:
- Compliance issues The federal government monitors the industry rigorously with stringent regulations, including HIPAA, CMS, and ISO/IEC. Ideally, these regulations compel organizations to more tightly manage third-party vendors—but that’s a work in progress.
- A lack of of centralized systems. Numerous health plans, doctors, hospitals, and other providers may handle a patient’s data via multiple channels, increasing data vulnerability. The fact that these records traverse from upstream to downstream via multiple channel partners or vendors makes them much more susceptible to leak.
- The fixed-price trap. Most of the healthcare industry still relies on fixed-price contracts. This practice can reduce the number of developers/FTE’s working on the engagement, since the outsourcer will want to preserve its margin. This in turn puts pressure on the client, who must still resolve issues and tickets. If resolutions are sub-par, the organization’s end-user relationships can suffer.
- Cybercrime. Healthcare records are ten times more valuable than credit card records in criminal markets. It’s no surprise then that between 2009 and 2017, there were 2,181 data breaches in the healthcare industry, resulting in the exposure of 176,709,305 records (or 54.25% of the US population). Organizations are now reporting breaches at a rate of at least one daily,” according to the HIPAA Journal.
IT vendor and healthcare organization potential cost of disconnects
The healthcare industry has been operating behind the times in many ways, with stagnant processes in desperate need of technological advancement. Aging systems are running hundreds (maybe even thousands) of legacy applications, which vendors typically control.
When it comes to modernizing these system architectures, a holistic visibility into the architecture is the first place to start. But neither vendors nor their healthcare-industry clients know the black box areas of their systems. Furthermore, few on either side are taking the time to document applications or to update existing software documentation. Instead, there’s a great deal of person-to-person knowledge transfer. Given the proliferation of outsourcing, these knowledge gaps pose a greater threat than ever.
Software Intelligence bridges IT vendor evaluation gaps
Making matter worse, most organizations don’t know how to evaluate software vendors and partners. They’re still using traditional measurement processes, which provide very little visibility into vendor performance. Specifically, much of the industry still employs a ticket-based system to measure support-team productivity, in which the number of priority tickets resolved/timeframe of the resolution/number of escalated tickets. This provides little, if any, objective assessment of the contract deliverables, not to mention very little visibility into IT vendor deliverables.
One potential solution is for an organizations’ IT team to use Software Intelligence as the cornerstone of a sustainable vendor performance-measurement program—a means of gaining objective visibility into their vendors’ systems and teams. Software Intelligence charts credible software development and maintenance outcome metrics while making them readily available to IT executives.
For example, transitioning code to a vendor team is one of the most difficult parts of an outsourcing engagement. Not only does Software Intelligence help with the transferability of the software, but it helps in-house teams manage software risk by ensuring the overall structural quality of systems while fostering objective dialogue between business units and vendors for smarter and more effective decision making.
Software Intelligence can be a boon to healthcare organizations and their vendors, as they grapple with increasing regulations, sprawling (and often aging) system architectures, and cybersecurity threats. Learn how other digital leaders are improving IT vendor relationships here.