This book includes a plain text version that is designed for high accessibility. To use this version please follow this link.
● Dashboard: Data Storage/Data Management Data Warehousing

Three things healthcare CIOs should know about data warehouses By Larry Grandia

For the past decade or so, healthcare technology has taken off on a breathtaking sprint to integrate electronic health records and automate essential operational infor- mation systems. Today, the goal for most health system CIOs is to produce an ana- lytics capability that will ensure survival in the new healthcare reform environment, including value-based purchasing. In the race of IT initiatives, it’s easy

to lose sight of priorities. Building an enterprise-wide analytics platform should be one of these priorities. It will be a challenge for healthcare CIOs, but it’s a challenge organizations can meet with the aid of a data warehouse. Here are three things CIOs should know about data warehouses and the imperative that technology brings: 1. BI/data analytics will be one of, if not the most, compelling IT initiatives in healthcare during the coming decade. Get- ting started now on a foundational platform will be critical to getting out and staying out in front of this emerging, critical business imperative.

2. T ere are critically important reasons why your organization needs an enterprise-wide solution to its analytics needs (as opposed to numerous, single-point solutions). Simplicity in architecture, coupled with lessened resource consumption amid constantly expanding analytics demands, dictates that

CIOs implement an enterprise data warehouse (EDW). An EDW minimizes redundancy and isolates reporting to a single source of truth.

3. Achieving early ROI necessitates a late-binding (highly fl exible) data warehousing environment, coupled with a “cleanse your data as you go” operating philosophy. Early ROI will ensure on-going organizational support for the EDW and will facilitate organizational compliance to an enterprise-centric solution. While CIO at Intermountain Healthcare for more than two decades, I witnessed the automation of a remarkable number of systems and processes. I also realized the need for a fl exible EDW fed by operational systems and coupled with advanced analytical tools. T is analytics approach yielded insights and allowed us to harvest improvement knowledge. Sharing this knowledge system-wide with clinicians and management, and imbedding this knowledge back into operational systems, took us down a path of real and documented cost, quality and access improvement. While healthcare technology and the analytics imperatives of

healthcare reform advance into the future, CIOs with the foresight to start their data warehouse initiatives sooner, rather than later, will position their healthcare organizations for a successful, effi cient transition to value-based care. Larry Grandia led IT functions for Intermountain Healthcare, Inc.

for more than two decades and was Chief Technology Offi cer of Premier, Inc. before his retirement in 2011. He currently serves on the Board of Directors of Health Catalyst.

Security Nine key cyber threats identifi ed in Verizon data breach report

Ninety-two percent of the 100,000 security incidents analyzed by Verizon security researchers over the past 10 years can be traced to nine basic attack patterns that vary from industry to industry. T at’s the big takeaway from Verizon’s “2014 Data Breach Investigations Report” (DBIR) published this May. T e DBIR identifi es the nine threat patterns as: miscellaneous

errors such as sending an email to the wrong person; crimeware (various malware aimed at gaining control of systems); insider/ privilege misuse; physical theft/loss; Web app attacks; denial of service attacks; cyber espionage; point-of-sale intrusions; and pay- ment card skimmers. In the healthcare sector, 46 percent of security incidents were the

result of lost or stolen assets, with physical theft and loss of assets occurring most often in the offi ce – not from personal vehicles or homes. Insider misuse was the second-biggest threat. Other key fi ndings in the report include:

• Cyber espionage is up again in the 2014 report, representing a more than three-fold increase compared with the 2013 report, with 511 incidents. (T is is partially due to a bigger dataset.) In addition, these attacks were found to be the most complex and diverse, with a long list of threat patterns. As it did last year, China still leads as the site of the most cyber espionage activity; but the other regions of the world are represented, including Eastern Europe with more than 20 percent.

• For the fi rst time, the report examines distributed denial of service (DDoS) attacks, which are attacks intended to com- promise the availability of networks and systems so that,

22 June 2014

for example, a website is rendered useless. T ey are common to the fi nancial services, retail, profes- sional, information and public sector industries. T e report points out that DDoS attacks have grown stronger year over year for the past three years.

• The use of stolen and/ or misused credentials (user name/passwords) continues to be the No. 1 way to gain access to information. Two out of three breaches exploit weak or stolen passwords, making a case for strong two-factor authentication.

• While external attacks still outweigh insider attacks, insider attacks are up, especially with regard to stolen intellectual property. T e report points out that 85 percent of insider and privilege-abuse attacks used the corporate LAN, and 22 percent took advantage of physical access.

Verizon analyzed more than 63,000 security incidents and more than 1,300 confi rmed breaches in 2013 to compile this year’s report. Get the full report at


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28