CIO Healthcare Hurdles: Predictions for 2018

Balancing privacy concerns over the convenience to provide more effective care will continue to be a challenge throughout 2018. There will be a shift from data protection to ‘share with protections’ that will improve interoperability and empower healthcare professionals to embrace humanistic care.  


Privacy vs. Convenience

Who owns patient data? It’s clear that under the Health Insurance Portability and Accountability Act (HIPAA), business associates, including EHR vendors, must return or destroy patient health information upon termination of the agreement (HHS sample business associate contract). Therefore, even if the electronic health record (EHR) contains patient data, it must be destroyed if the patient terminates the that agreement. If the patient says, don’t use their data, it can’t be accessed and must be removed from the system. How often this happens in practice is well, questionable.

The Hurdle: ‘Meaningful use’ has limited reach for patient protection.


Conditional Patient Access

The trend that will envelop 2018 will be the divide between ‘access profiles’ and ‘raw patient medical data.’ In reality, 99% of patients can’t read their chart, or truly understand the details of their medical records, and why should they? That is the role of clinical staff. Privacy is a major concern — until it isn’t. For example, if you ask a patient if they would like to share their full personal health history including blood type, all previous procedures, and life habits with providers they likely will say no. If you ask a similar question, if your heart rate goes below 40 beats per minute (say in an ambulance), would you share it? They will be quick to affirm, of course! Access and consent to medical information is conditionally determined on the environmental. Today EHR systems have a difficult time, factoring in conditional consent. Often a patient either authorizes full access to their medical records (all in), or no access. This model doesn’t meet patient needs, and will evolve. What if we could add (authorize) doctors’ access to our EHR just like you add a friend on LinkedIn or Facebook? Likewise, you could remove them just as easily.

The Hurdle: The need for conditional access of patient data, has been missed.


Patient Security

The adoption of ingestibles, wearables, and embeddables will change how we think about security.

Broadband-enabled digital tools that we actually ‘eat’, digital tools you wear on your person such as wristwatch-like devices that have sensors to monitor your heart rate, and other vital signs and miniature devices that are actually inserted under the skin or deeper into the body are causing CIOs to review how security is viewed. “Just because you can connect to something doesn’t mean you should,” said Avi Ruben, professor at John Hopkins University at a recent CIO conference in Hartford, CT. We must consider patient security and safety before we push wearables, care mobility and remote monitoring. Each offer enormous opportunities balanced by the enormous possibility of patient harm.

Let’s explore two escalating examples. The first example is a simple wireless blood pressure monitoring device (Withings, QardioArm, iHealth, Xiaomi). It’s simple to operate, and information syncs with the patient iPhone or Android phone, and this information is also available for the clinical staff monitoring care. What happens if you push the button on our iPhone to start the blood pressure arm band, and the pressure doesn’t release? It’s true that ischaemia (i.e. lack of blood/oxygen) tolerance of tissues varies from patient-to-patient and 2-3 hours are required before major damage occurs. I’d expect the patient would get off the arm band before the limit, using some new found creativity.  Even so, it does cause pause for one to consider how security can impact your personal health.

The second example is the application of a simple wrist band monitoring heart rate. It’s working well, but a bug has increased the sampling rate. Various technologies are used to harvest energy, including thermoelectric, piezoelectric, electromagnetic, and photovoltaic, with light and heat being the most appropriate for wearable devices. In this case, the sampling rate is on a wrist device that monitors a sleeping patient’s heart rate, enabling remote monitoring of a chronic breathing condition. A software bug increasing the sampling rate may result in a product so hot it can cause a burn to the patient’s wrist. Maybe, the patient would wake up, maybe not. However what if this same software security exploit was in a pace maker? The conversation quickly moves from uncomfortable to life threatening. Compliance is one step from negligence. We have to be proactive and think carefully about patient outcomes while being mindful of newly introduced patient risks.

The Hurdle: Smart devices advantages must be weighed, alongside the risk to patient health.


Digital and Operational Humanism

The global technology skills gap has impacted access, cost, and quality of care provided.

Gary Beach, author of the, “The U.S. Technology Skills Gap by Gary Beach,” states the “U.S. technology skills gap threatens our future economic stability, workforce employability and national security.” Is the healthcare IT skills gap real? CIO Magazine believes it is and in a recent article observed that “A third of healthcare managers said they had to postpone or scale back an IT project because of inadequate staffing, according to a 2014 survey by the Health Information Management and Systems Society (HIMSS).”

How do we provide better care without physicians? How do we provide better quality of care without nurses? How we apply big data analytics for better patient outcomes, without incorporating genomic information into treatment decisions created by healthcare data scientists? The answer is we try but it’s close to impossible, as evidence from the last 10 years increasing costs of healthcare. It’s true that other drivers have pushed up healthcare costs including: increased cost of medical services, a focus on volume over value, limited transparency on price and quality, and provider consolidation.  Yet without clinical and administrative staff there, no care will be provided. 

The Hurdle: Workforce management starts with understanding the needs of people providing care.


The Great Talent Divide

Despite the fact that the U.S. Health Resources and Services Administration (HRSA) now predicts an excess supply of nurses numbering 340,000 in the US by 2025, this doesn’t account for distributional imbalances at the state level. When this is factored in 16 states are projected to have nursing shortages by 2025. We have a healthcare technology skills gap, that is impacting cost across the board for providers and payers.

Emerging technology introduced in recent years with new device and tool adoption has widened the healthcare technology skills divide. Is the technology skills gap a result of an educational system that has not adequately emphasized science and technology? Maybe. 

Here’s where we need to focus for 2016:

  1. Infuse cash and creativity for staff retention.
  2. Build internal IT teams.
  3. Grow employees through internal training programs, and
  4. Be realistic with demanded skills set expectations.

The Hurdle: Available healthcare technology skills are mismatched with the current needs of patients.

We’d be wise to remember that:

humanism is the greatest differentiator in business.

Zig Ziglar, said it well, “you don’t build a business, you build people, and then people build the business.”




Medscape. (2014). Routine Primary-Prevention ICD Replacement Questioned (online image). Retrieved November 16, 2015, from


Peter Nichol, empowers organizations to think different for different results. You can follow Peter on Twitter or on his blog. Peter can be reached at pnichol [dot]

Previous articleCIO Perspectives: Impact of Technological Singularity on Analytics
Next articleHealthcare’s Two Biggest Problems Going Into 2016: No Sugar Added
Peter is a technology executive with over 20 years of experience, dedicated to driving innovation, digital transformation, leadership, and data in business. He helps organizations connect strategy to execution to maximize company performance. He has been recognized for Digital Innovation by CIO 100, MIT Sloan, Computerworld, and the Project Management Institute. As Managing Director at OROCA Innovations, Peter leads the CXO advisory services practice, driving digital strategies. Peter was honored as an MIT Sloan CIO Leadership Award Finalist in 2015 and is a regular contributor to on innovation. Peter has led businesses through complex changes, including the adoption of data-first approaches for portfolio management, lean six sigma for operational excellence, departmental transformations, process improvements, maximizing team performance, designing new IT operating models, digitizing platforms, leading large-scale mission-critical technology deployments, product management, agile methodologies, and building high-performance teams. As Chief Information Officer, Peter was responsible for Connecticut’s Health Insurance Exchange’s (HIX) industry-leading digital platform transforming consumerism and retail-oriented services for the health insurance industry. Peter championed the Connecticut marketplace digital implementation with a transformational cloud-based SaaS platform and mobile application recognized as a 2014 PMI Project of the Year Award finalist, CIO 100, and awards for best digital services, API, and platform. He also received a lifetime achievement award for leadership and digital transformation, honored as a 2016 Computerworld Premier 100 IT Leader. Peter is the author of Learning Intelligence: Expand Thinking. Absorb Alternative. Unlock Possibilities (2017), which Marshall Goldsmith, author of the New York Times No. 1 bestseller Triggers, calls "a must-read for any leader wanting to compete in the innovation-powered landscape of today." Peter also authored The Power of Blockchain for Healthcare: How Blockchain Will Ignite The Future of Healthcare (2017), the first book to explore the vast opportunities for blockchain to transform the patient experience. Peter has a B.S. in C.I.S from Bentley University and an MBA from Quinnipiac University, where he graduated Summa Cum Laude. He earned his PMP® in 2001 and is a certified Six Sigma Master Black Belt, Masters in Business Relationship Management (MBRM) and Certified Scrum Master. As a Commercial Rated Aviation Pilot and Master Scuba Diver, Peter understands first hand, how to anticipate change and lead boldly.