We all most likely have that one drawer in our homes that is affectionately referred to as the “junk drawer” or some similar name. This drawer is known to collect various items that are quickly thrown out of sight to clean or to hide clutter. Whether it contains receipts, coins, keys, or other important documents, this drawer is conveniently collecting a conglomeration of items that may or may not be seen or used for quite some time. If you are like me, you probably are not able to easily compile a list of everything in the drawer without the chore of shuffling through the items. Do you waste time looking for items only to find they were stashed in “the drawer”? Do you often plan to organize and put those items where they actually belong — someday?
Now imagine this drawer equates to your healthcare organization’s information on a much bigger scale. Whether this information consists of paper documents, electronic files, EMR data, or even legacy microfiche, are you fully aware of every single document or file in your organization and can you pinpoint anything you are looking for with ease? There might be an awareness of the information’s general location but it may take a significant amount of time to research, sort, locate, and disseminate the particular information you are looking for.
Don’t let information governance in healthcare take a back seat
“Those records have been in offsite storage for many years but we will have to locate the box from several inventory lists. They probably should have been destroyed years ago but we never got around to it.”
“I know I saved that file to my computer drive but it’s not showing up in a search and I need it for my meeting in 30 minutes.”
“Those 10 filing cabinets in the basement contain all of the 2014 records – good luck finding the particular record you need for a subpoena.”
Sound familiar? You are not alone. Healthcare is an information driven industry saturated with many different elements and formats of data. Federal and state regulations provide very specific guidance for the maintenance of all of this data but retention schedules are not provided as a one-size fits all for the various data, information, or file types. Information governance (IG) is defined as an organization-wide framework for managing health information throughout its lifecycle and this applies to all types of data and information at any stage. It is a best practice for an organization to designate a records manager to govern all of the information and maintain the organization’s compliance with storage, utilization, maintenance, and destruction of this information. Getting from a “junk drawer” equivalent state to a fully implemented IG program takes time, expertise, and an understanding of each retention policy.
When healthcare leaders are juggling multiple competing priorities, IG may take a back seat to other seemingly critical tasks. However, the risk of not having a fully functioning, formal IG program may be greater than most realize. If your information is not organized and is spread across various storage methods between onsite, offsite, and electronic file storage, the information runs a tremendous risk of being misplaced, lost, maintained too long or not long enough, or there may be delays in retrieving the information. Unstructured data from various sources may be maintained securely but is of no use if an organization is unable to access, differentiate, and use the information. Patient medical records in particular carry serious monetary risks, regulatory penalties, patient rights violations, and confidentiality breach risks when not governed properly. When any of these scenarios takes place, there are not only financial implications to the organization but the patient experience and brand perception can be negatively affected as well.
The right expertise and tools are key to successful information governance in healthcare
Having the expertise and tools to properly implement and maintain an IG program is equally important. With more automation and standardization, it will be more feasible for the authorized users to quickly locate information, identify dispositions, and control risks. This requires significant upfront content classification and inventory projects to ensure valuable metadata is captured and proper standardization is applied to the various types of information. Policies must address national, state, and corporate IG practices specifically including the classification of information, storage formats, retention periods, and destruction guidelines. Knowing that competing priorities continue to be a challenge, seeking the help of expert consultants may be the most efficient and effective way to get started with an IG program.
Information governance provides the framework to ensure records are properly and securely maintained and practices, policies and confidentiality requirements are established and enforced to mitigate these risks. Healthcare leaders must understand there are implications and risks to not formalizing an information governance plan. Under-protecting, as well as over-protecting healthcare information can cause serious disruptions in an organization’s ability to conduct business compliantly and maintain a positive brand reputation. Patients place their trust in the ability of an organization to provide quality care and protect their confidentiality when they step into a healthcare organization. IG is not optional for healthcare organizations. While the urgency of organizing your junk drawer is not always a priority, putting off IG until the team can find the time or interest to address it places far too great a risk on an organization.