Leading Innovation in Enterprise Information Governance

By Linda L. Kloss, MA, RHIA, FAHIMA

The past two decades have seen tremendous change in health information management (HIM) practice. The underlying drivers of this transformation are the complexity of healthcare delivery, the exploding demand for actionable information, pressure for greater public accountability, and the ever-changing legal and regulatory environment. Technology is the enabler of the change, and the rapid adoption of information and communications technology in healthcare is irrevocably changing HIM.

Information governance is now a prominent strategy for AHIMA and is an emerging topic that should be considered important by HIM professionals.1 There are several underlying information management and governance concepts that all information-intensive industries are grappling with as they digitize. HIM professionals should set priorities for improving information management and governance at their facilities and look to AHIMA to help educate them in this emerging role. To help in that effort, a HIM Innovation Community has drafted guiding principles for enterprise information management and governance and has begun sharing these promising practices. As the industry evolves, there are short-term actions an HIM professional can take to jump-start or accelerate efforts to lead transformative information management and governance change.

Information Management Headlines

Every day industry stakeholders see signs and symptoms signaling the need to strengthen health information management and governance. The persistent breaches of personal health information along with the rise of medical identity theft and healthcare fraud are obvious and troubling examples. Data integrity and quality problems in the paper medical record are re-incarnated and magnified in clinical information systems, and error correction is markedly more complex. The patchy and inconsistent ways in which unstructured data are managed and used limits its usefulness. Also, the wrenching transition to ICD-10-CM/PCS is symptomatic of an industry without the infrastructure to optimize an adoption of new code set versions, vocabularies, classifications, and other tools that help transform data to information.

These and many other examples signal inadequacies in our information management and governance infrastructure. This is not due to a failure by HIM professionals. These are symptoms of the scope of disruptive change in perhaps the most complex information management environment in the world—the US healthcare system. Working through them requires an information management and governance infrastructure that is up to the task.

Figure 1: Model for Transformational Health Information Management

Figure 1 shows the EIM functions as enveloped by information governance. Information governance can be thought of as an "accountability wrapper." It's not likely that EIM is achievable without effective governance.


Musings on Contemporary Information Management

The healthcare industry can learn from other information-intensive industries that have worked to create and apply information management best practices. The challenges healthcare professionals face in this area are not unique. Aligning information management with strategic and operations demands has not been an easy journey for banking or financial services organizations, manufacturing, government, life sciences, or other industries. But there are important concepts and lessons that healthcare can learn from these groups as it catches up.

Contemporary information management practices rest on three foundational principles:

  • Information Asset Management
  • Enterprise Information Management
  • Information Governance

Like other assets such as people, finances, property and buildings, and intellectual property, information has strategic value and must be deliberately managed. The information assets of a healthcare organization includes all levels of patient care data from transactions to de-identified aggregations, structured and unstructured formats, business operations data, images, personal health records, and other content in both physical and digital form. Managing information as an asset is a mindset and culture that is engendered through consistent leadership over time.

Ensuring the value of information assets requires an organization-wide perspective of information management functions. It requires explicit structures, policies, processes, technology, and controls which taken together describes the discipline of enterprise information management (EIM). Gartner Group describes EIM as "an essential organizational discipline."2

The nexus of healthcare EIM is patient data—structured and unstructured—in enterprise and departmental transaction systems as well as analytic systems. However, billing and payment information, e-mail, personal health record data, employee and contractor information, quality improvement data, health information exchange, and other information are part of the information asset mosaic. The scope of EIM may expand as information assets are brought under management and governance.

EIM guides the organization to use effective information management practices and adhere to core policies regardless of the type of data or information. It unifies today's information silos, replacing ad hoc efforts with more standardized and transparent information management practices.

Governance, the Bedrock of Stewardship

Information governance is a framework of rights and accountabilities that ensures effective information asset management. It is an enabling function, not a regulatory one. Each healthcare professional is a steward of health information, and effective governance can help everyone perform their work in a way that benefits their internal and external customers and serves the public good. It is difficult to engender trust in the data and use it as an asset if all healthcare professionals don't understand and abide by the ground rules.

Organizations in other industries report real benefits from enterprise information management and governance in three areas:

  • Improved organizational performance
  • Reduced costs
  • Risk mitigation

Organizational performance benefits include timely and more effective decision-making because information is accessible, accurate, and trusted. Cost reduction examples include improved planning and sequencing of acquisition of technology, retiring legacy systems, and reducing redundant data. Risk mitigation examples include avoidance of compliance penalties, legal costs, and adverse public relations events.

Figure 2: Goals for Information Governance and EIM Component Functions

Figure 2 presents goal statements for each component of EIM and a goal statement for information governance, developed with consensus from the HIM Innovation Community members. Like the model, they are working statements that will be improved upon as the journey of learning continues.

Information Governance

To ensure a formalized oversight framework and leadership for the advancement of policies, processes, and standards for the adoption, implementation, maintenance, interoperability, and appropriate use of data and information.

To enhance the value of information assets and their strategic uses to improve clinical and organizational performance, compliance, and ethical stewardship.

Access, Security, and Confidentiality

To ensure that personally identifiable and other confidential health and business information are available only to authorized persons and used only for authorized purposes.

To ensure that security risks and vulnerabilities are proactively managed.

Information Integrity and Quality

To continuously improve the value and trustworthiness of the information asset by ensuring that data and content are valid, accurate, reliable, current, and comprehensive, and that they reflect the continuum of care.

Information Design and Capture

To improve the efficiency and quality of data collection, capture, downstream information use, interoperability, and reuse through effective information architecture, content definitions, and standards.

To enhance the satisfaction of those responsible for capture and reduce costly redundancy through standardization.

Content and Records Management

To maintain designated records sets, including legal health records, and other types of records in accordance with the clinical and business needs of the organization and all applicable legal and regulatory requirements.

To deploy explicit policies and best practices for management, retention, and disposition that account for all records in all media.

Information Analysis and Use

To ensure that the requisite clinical and non-clinical data and information are available, trusted, and usable by those who rely on them to make decisions to improve health and healthcare.

The HIM Innovation Community

Successful communities of innovation accelerate breakthroughs, and that is exactly what the HIM Innovation Community, sponsored by Precyse Solutions, is aiming to accomplish.

In 2011, Precyse Founder and CEO Jeff Levitt convened a group of company experts to study what the HIM department of the future might look like. Later that year HIM thought leaders were invited to participate in an open innovation community to accelerate learning about advanced HIM practice. The findings of the community's work are now publicly available through a series of white papers.3

The work of the community has progressed through three phases of thought leadership. The first focused on understanding trends impacting HIM and how they impact information management. While this started as a discussion about the HIM department of the future, this first phase illustrated why e-information management needs to be thought of in terms of core functions and services. The second phase resulted in a working model of core functions and services for enterprise information management.

Next the community reached consensus on definitions and guiding principles for each of the major functional chunks of EIM. The value of starting with guiding principles is that they capture values and standards regardless of how technologically advanced a function might currently be. The community is now turning its attention to identifying breakthroughs and new ideas for a few areas of urgent importance to advancing EIM.

There is a great deal of emphasis on innovation in healthcare today, but innovation often happens in pockets. Depending on priorities, talent, and opportunity, some organizations innovate in certain functions—but few innovate across the board. A community can serve as a collection point for what's working and be a catalyst for new ideas. A community can also empower participants with the confidence to advance new approaches and ideas in their own organizations.

e-Information Management and Governance Model

The conceptual model adopted by the HIM Innovation Community seen in Figure 1 is a working model. It includes five component EIM functions—access, security, and confidentiality and information integrity and quality—that are foundations for the other EIM functions. Resting on these foundations are three areas of focus for EIM that span from information capture to actual use. Historically, HIM was primarily concerned with records management functions. Digital information management spans the life cycle of data and information from design and capture through use and eventual disposition and destruction. Not only must healthcare EIM span the life cycle of information, it must also bridge organizations and systems, as information no longer lives within a single organization. Enterprise information management practices also must engage and support the needs of patients, families, and the communities in which they live. Thus, the community developed a scalable model, not bound by organizational boundaries.

Figure 3: Sample Principles for Enterprise Information Management and Governance

There are a total of 60 guiding principles available for download at www.precyse.com. These principles are meant to serve as a stable navigation system.

Sample guiding principles for information governance

An enterprise information governance charter lays out the governance framework.

Policies and procedures ensure accountability and auditability.

Metrics and key performance measures for all critical management functions are determined.

Sample guiding principles for content and records management

Descriptions of the designated record sets and the legal medical record should be set.

A formal hold order process ensures reasonable and good faith efforts to preserve the legal record.

A retention plan for designated record sets and legal health records, electronic and physical, and other data across the enterprise should be developed.

Guiding Principles and Practice Innovation

The HIM Innovation Community developed guiding principles for each component that reflect the values and precepts for information management. While technology and best practices may evolve, guiding principles serve as a fairly stable navigation system. Sample guiding principles are shown in Figure 3, and the entire set totaling more than 60 principles is available for download at www.precyse.com/himnovation.

The HIM Innovation Community envisions that guiding principles can be used to:

  • Conduct a current state assessment to identify areas of vulnerability
  • Communicate the scope of EIM and governance
  • Identify priorities aligned with the organization's strategic priorities
  • Organize EIM policy development and assign ownership

Jump-starting Governance Efforts

Enterprise information management and governance in the digital era requires thoughtful incremental change that expands organizational competencies and improves policies and practices, training, and vigilance. It requires leadership and new levels of collaboration and teamwork. Like any other technology or management initiative, it also requires resources. To garner the necessary support it is important to carefully assess areas of vulnerability and strategic priorities of the organization.

The collective experience of members of the HIM Innovation Community, supported by the research of Gartner, suggest the following actions to jump-start one's efforts:5

  1. Use the model and guiding principles to assess a facility's current EIM and governance strengths and weaknesses. If you don't have responsibility for the whole range of EIM functions, then examine your area of responsibility to identify areas and vulnerabilities, particularly those that align with priorities of the organization. For example, if one's organization is expanding its analytic capabilities, the capabilities contained in the model under the "Information Integrity and Quality" section will be critical to promote trust and hence use of data.
  2. Use what you learn from the current state assessment to bolster conversations about the need for change. Provide background reading that supports EIM and information governance as business practices of growing importance for all information-intensive industries. If one's efforts to improve information security to breach-proof an organization are not gaining traction, consider developing and promulgating a breach prevention plan.
  3. Begin capturing information management policies and assessing their consistency across the organization. This is a key part of HIM work but this inquiry may look at the challenge more broadly when viewed against all the functions depicted in the model. Identifying the level of variability in policy and process will be very helpful in supporting a HIM professional's case for EIM and governance.
  4. Leverage improvements aligned with changes already underway. For example, the transition to ICD-10-CM/PCS and the "meaningful use" EHR Incentive Program offer opportunities to introduce governance.
  5. Engage an executive sponsor for information governance. This should be a senior level sponsor who can help move the initiative along more quickly by reiterating the link to organizational priorities and providing needed resources.
  6. Recommend a multidisciplinary steering committee to oversee improvements even if they are focused on one component of EIM such as information integrity and quality or information governance of data analytics.
  7. Develop measures and metrics to guide each improvement effort. HIM can't manage what it can't measure, and information management has operated with too few tested metrics for too long. HIM professionals need to know where their efforts are and where they need to be.

It's never easy to be a change leader, but enterprise information management and governance requires HIM professionals to fully engage and lead their organization. The concepts depicted in the Model for EIM and Governance, and the guiding principles, are already second nature to HIM. HIM is dealing day in and day out with the consequences of chaotic information management practices throughout the organization and across the healthcare system. This is a chance to bring order to the chaos. Those interested are encouraged to join the HIM Innovation Community and assist the group as it starts work on its next phase.


  1. AHIMA. "Strategic Plan Drive the Power of Knowledge—Health Information Where and When It's Needed, 2014-2017." http://www.ahima.org/about/Strategy.aspx.
  2. Logan, Debra. "Organizing for Information Governance." Gartner. November 6, 2009. http://www.gartner.com/id=1223113.
  3. Precyse. "Precyse HIM Innovation Community: A Meeting of HIM Innovators to Accelerate Positive Change for the Future." 2013. http://www.precyse.com/himnovation.
  4. Kloss, Linda. "Information Governance: The Essential Accountability Wrapper." Health Data Management. February 1, 2012. http://www.healthdatamanagement.com/issues/20_2/information-governance-the-essential-accountability-wrapper-43923-1.html.
  5. Logan, Debra. "Hype Cycle for Enterprise Information Management, 2012." Gartner. July 26, 2012. http://www.gartner.com/id=2094617.

Linda L. Kloss (linda@kloss-strategicadvisors.com) is president of Kloss Strategic Advisors, based in Chicago, IL, and facilitates the HIM Innovation Community.

Article citation:
Kloss, Linda L. "Leading Innovation in Enterprise Information Governance" Journal of AHIMA 84, no.9 (September 2013): 34-38.