Considerations in your IAAM journey – Final (Part IV): Why take the risk of integration?

Wes Wright
Feb 25, 2020

Before you read, catch up on Part 0: An IAAM system overview, Part I: Who does what, Part II: Role Based Access Control the Unicorn of IAAM…or is it?, and Part III: What should I manage in my IDG system?.

We discussed some of the decisions you have to make on your IAAM journey and I’ve given you a couple of thoughts on what I’d do, if I were you. Now, let me take a step back and give some thoughts on your IAAM solutions set, overall, to close this series out.

It wasn’t so long ago -- maybe 10-15 years – when the standard approach of the healthcare IT industry was to buy and install pieces of clinical systems. These included emergency department systems, ICU systems, OB systems, patient registration systems, revenue cycle systems, etc. We took these clinical systems and then used our interface engines – things like clinical context object workgroup, better known as CCOW – to stitch them all together. Well, we tried at least. To new(er) HIT professionals who have never experienced this, this approach might seem crazy, but that’s just the way things were done back then.

Nowadays, we’d never think of doing things this way. Instead, our great EHR vendors like Epic, Cerner, MEDITECH, and Allscripts do the integration for us. Of course, letting EHR vendors manage this “stitching” gives them a ton of influence over your IT strategy, but more and more we’re seeing these “vendors” start to move out from under the umbrella of that word and under the umbrella of “partner.”  And, if that is the case, letting your partner influence your HIT direction to the degree we do, isn’t a bad thing at all. Partners, after all, have a common interest in each other’s success.

That’s where we are with the major systems we use to provide service to our patients and families. And the industry consensus seems to be that we should be pretty satisfied with how things are operating now. Knowing that, why don’t we take that the same “partnership” approach with other service lines?  After all, partnering seems to be working out pretty well in the patient-centric areas.

Look at our current systems for HIT security, access, and workflow. Most folks are familiar with the “tap ‘n go” – or single sign-on – process for accessing information within a healthcare facility. More and more, what was once your father’s old “tap ‘n go” system is now evolving into a digital identity strategy.  The idea is that the entire healthcare ecosystem benefits from managing digital identities from creation to extinction.

Essentially, we’re seeing the realization of the long-quoted saying, “Identity is the New Perimeter.”  When applications, data, and devices have proliferated outside your old network perimeter the way they have, something needs to be used to “control” access. The HIT industry is increasingly recognizing that it’s the digital identity, and this requires a suite of HIT products to help hospitals manage those identities.

As I travel around the country and talk with CIOs, I’ve come to realize that, from a digital identity perspective, we’re going “Back to the Future.” That is, much like we did with the patient servicing systems I mentioned above, folks are purchasing and installing pieces of an IAAM service and using their own resources to stich those pieces together. I call that “Do-It-Yourself” (DIY) service. You know, like you do when you have a project at home. Buy a bunch of pieces and parts, make an average of 2.7 trips to the hardware store, and end up creating something that works but is fragile and not very efficient. At least, that’s how my home projects have gone! And, when one of those pieces changes (via an upgrade, for example), then things break. And, just like you had to do during the ‘DIY’ days with the EHRs, you have to fix it (get out the duct tape!).

I don’t know why we’re learning this lesson all over again but I have a couple of ideas. First, I think we’re getting a lot of folks into HIT that weren’t here those 10-15 years ago and didn’t get a chance to learn the integration lessons we did. Then, I just don’t think there are very many vendors out there that can offer that end-to-end integrated digital identity service. The real shame is, not many folks even realize that this capability is in the marketplace. Well, it is and I hope you make that choice to avoid the risk of integration so you can work on those other IAAM aspects we discussed previously.