Information governance is the formulation of policy to optimize, secure, and leverage information as an enterprise asset by aligning the objectives of multiple functions. In our experience, information governance practitioners face critical challenges in explaining the value to the business.

This article details the five best practices imperative to selling the value of information governance within healthcare:

1. Improve the reliability of data to support a 360-degree view of providers, members and patients. Healthcare organizations need to understand where providers practice, whom they refer to, and what patients they see. As a result, identity information such as name, provider identifier, state license number, Medicare number, Medicaid number is important to link multiple profiles of the same provider. It is also not uncommon for health plans to find that more than half of the contact information in their provider network directories is out-of-date. The network directory might include dead providers, as well as providers who might not have renewed their contracts for several years.

[See also: How politics and politicians are distorting Americans' perceptions of health reform.]

Several healthcare providers have implemented enterprise master patient index (EMPI) systems to develop a single view of the patient. The sources for patient data in the enterprise include Admit Discharge Transfer, clinical, and EMR systems. EMPIs act as an index to these upstream data sources by leveraging a matching engine to link different records of the same patient. The information governance program will develop, and fine tune, the match criteria that may include attributes such as name, address, gender, and social security number. The EMPI is critical to improving the quality of data in the source systems, which may have life-or-death implications. For example, a patient’s record may indicate that she is allergic to penicillin. However, if a duplicate record is created that does not include this allergy information, then the patient might be administered a dose of penicillin with potentially serious implications.

2. Protect against unauthorized access to protected health information. The healthcare industry is required to address regulations such as HIPAA, which safeguard the security and privacy of PHI. Information governance plays a key role in defining PHI data and setting policies to ensure the security and privacy of that data. One of the first steps is to discover where PHI might be hidden. For example, U.S. Social Security Numbers at a health plan were hiding in plain sight in a field called SUBSCRIBER_NUM.

3. Support transition from ICD-9 to ICD-10. As ICD-10 significantly increases the number of codes relative to ICD-9, a number of information governance topics need to be addressed during the transition including:

• Organizations need authoritative reference data for ICD-9 and ICD-10 codes, as well as the mappings between them.
• Providers must be trained and incented to leverage the full set of ICD-10 codes.
• Business intelligence must understand how to handle analytics on claims data. It is likely part of the organization will move to ICD-10 while the remainder of the organization will stay with ICD-9 for a period. As a result, information governance needs to establish policies to translate ICD-10 to ICD-9 codes for analytics purposes.

4. Ensure a consistent set of business definitions, clinical terminology, and metadata. Information governance also needs to ensure consistent naming conventions for clinical data. Clinical data is represented differently in different clinical data domains. For example, EMRs use different clinical coding standards such as SNOMED CT and LOINC. Standardization of clinical coding standards is critical to the quality and safety of healthcare delivery. It is also important for healthcare research and development and is fundamental to the success of e-health. In addition, EMRs refer to problems, disease states, drugs, and allergies differently. Information governance needs to semantically harmonize clinical information into a common taxonomy of medical terminology that can be effectively shared across disparate clinicians, analytical processes, applications, and health systems.

5. Facilitate the seamless exchange of patient data to support Health Information Exchanges. A Health Information Exchange (HIE) provides the ability to electronically move clinical information between disparate stakeholders such as health systems, community hospitals, physician practices, clinics, diagnostic centers, payers, and public health agencies.

[Commentary: 3 reasons to let HIE customers define services offered.]

As the participants in an HIE operate in heterogeneous technology and data environments, it is challenging to physically connect their systems and disparate representations of patients, providers, organizations, and locations. HIEs are forcing a move from application-centric to patient-centric care. However, it is difficult to achieve a patient-centric view of information because the patient has data residing within disparate systems.

Information governance is at the very core of any HIE because stakeholders act as trading partners for clinical information. HIEs need to address a number of information governance challenges including:

• How do you apply governance policy such as the consistency of clinical terms to HIE participants that are separate legal entities?
• How do you build consensus?
• How do you provide mechanisms that enable individual participants to customize or deviate from the “community policy and best practice?”

These are truly exciting times for the emerging discipline of information governance which is at the forefront of significant trends in healthcare including EMPIs, EMRs, HIEs and ICD-10.