Coming Soon to Your Healthcare Facility: Information Governance. A Look at Healthcare Information Governance Trends through Practical Case Studies

By Lesley Kadlec, MA, RHIA

The growing momentum of information governance (IG) initiatives in healthcare provider organizations raises many questions. What are the goals of information governance? Why have some organizations decided they need formal IG programs? How do healthcare organizations expect to benefit from IG? How are they implementing IG? What role does executive leadership play in the success of IG strategies?

As a relatively new concept in healthcare, IG can be somewhat of a mystery to health information management (HIM) professionals. To better understand the issues associated with IG and how it is being implemented in healthcare, AHIMA has developed case studies based on the experiences of four healthcare organizations with active IG programs. The aim of these case studies is to begin to answer the above common questions and identify some overarching goals related to the implementation of IG in healthcare organizations. The case studies also provide a preview into IG activities that many healthcare organizations may adopt in the near future—and are meant to encourage HIM professionals to take the lead in developing similar programs at their facilities.

Defining IG and Why it is Needed

The healthcare industry is undergoing rapid transformational change, and as a result is faced with a host of new requirements that are driving the need for accurate and actionable information.1

Information is the lifeblood of the healthcare organization—essential for fulfilling its primary mission of providing healthcare services. It is a critical asset that must be managed and optimized to ensure safe, cost-effective, high quality care delivery.

Information governance can help healthcare organizations pave the way toward business intelligence because information governance provides the framework to ensure the effective management of information assets.2,3

Gartner defines information governance as “the specification of decision rights and an accountability framework to ensure appropriate behavior in the valuation, creation, storage, use, archiving and deletion of information. It includes the processes, roles and policies, standards and metrics that ensure the effective and efficient use of information in enabling an organization to achieve its goals.”4

According to the IG case studies collected by AHIMA in the summer of 2013, healthcare organizations are initiating information governance programs to support a wide range of business strategies related to managing quality, improving financial outcomes, maintaining regulatory compliance, mitigating risk and the potential for litigation, fostering patient engagement, and enabling business intelligence. The organizations are also currently in the process of shifting from fee-for-service payment to value-based care and population health management, and they have indentified an increasing need to use analytics based on solid data in order to manage financial risk.

The IG case studies, as well as a new white paper detailing the industry’s first IG benchmarking survey, are available on AHIMA’s information governance website at

Initiatives Driving IG

With the current environment of incentives and requirements for adoption and implementation of health information technology becoming more complex, the need to ensure the quality and integrity of healthcare information has become even more important.

Some of the programs and initiatives driving the need for information governance include:

  • ICD-10-CM/PCS implementation
  • Accountable care organizations
  • “Meaningful use” EHR Incentive Program
  • E-discovery
  • A desire to realize the full benefits of EHR implementation

IG Case Study Methodology

In order to identify healthcare organizations with IG initiatives, AHIMA asked members of the association’s 2013 EHR and Physician Practice Councils whether they were employed in an organization that had undertaken an IG initiative and whether they would be willing to participate in an interview about their organization’s efforts. Other healthcare organizations with known information governance programs were also invited to participate.

AHIMA agreed that the organizations would remain anonymous in the case study reports. A set of interview questions was developed in collaboration with the members of the AHIMA Information Governance Workgroup, and telephone interviews were conducted with each organization that agreed to participate. Information governance leaders from four healthcare organizations of varying types and geographic locales agreed to participate in the case study interviews. The intent of the case studies was to identify the drivers for IG; identify structures, functions, and roles; and understand the benefits associated with an IG program. AHIMA officials hope other healthcare associations will use the case studies to launch similar IG programs in their organizations.

It is important to acknowledge that there are limitations to the case studies and the results obtained from them. The scope of this review was limited to four healthcare organizations, and doesn’t attempt to summarize the IG efforts of all healthcare organizations. The organizations studied included two acute care hospital systems, one regional healthcare system and one very large integrated delivery system. Since the interviewees were HIM professionals involved in IG, the case studies are reflective of an HIM perspective.

Study Findings Illustrate IG Structure, Benefits, Challenges

The case study organizations reported a variety of reasons for developing and implementing IG. The study showed that electronic health record systems (EHRs) were a key impetus in the development of information governance programs. Ensuring that information from the EHR supports safe patient care, meets the administrative and financial needs of the organization, reduces risk, and can be used for business needs such as analytics or health information exchange were identified as drivers for establishing information governance.

Additional reasons why the organizations established an IG program include:

  • Sharing of information across facilities with different geographic locations
  • Developing a shared master patient index
  • Planning for population health management with analytics
  • Ensuring accurate data for quality measurement and reporting
  • Meeting the requirements of the meaningful use program
  • Participating in health information exchanges
  • Developing a centralized approach to managing supplies and medical equipment
  • Addressing data integrity issues
  • Improving reimbursement
  • Tracking physician productivity

The case studies revealed that rapid EHR implementations had resulted in significant health information integrity issues that needed to be addressed through governance processes. Examples of these issues included:

  • Errors that resulted from inadequate user training on how to use the system
  • Inability to capture information necessary for required reporting from the EHR
  • Inaccurate release of information for litigation and business purposes that had resulted from poor systems integration
  • Amplification of pre-existing issues associated with a high rate of patient matching errors in the enterprise master patient index
  • Need for updating access controls that ensured appropriate security levels for those caring for patients
  • Need for better security of protected health information in order to comply with stricter regulatory requirements

While these organizations focused initial efforts on patient data and EHRs, future initiatives within these organizations will also include the implementation of additional processes that support some of the other IG business drivers cited above.

IG Challenges Identified

The organizations that were studied reported many challenges that led to the development of an IG program. There were challenges associated with the management of health information in the electronic environment because of problems like duplicate patients that had gone unnoticed in the paper environment, as well as a lack of staff training on appropriate use of the documentation tools in the EHR.

Challenges noted in setting up an IG program included creating a culture of change, ensuring that communication was reaching staff at all levels of the organization, and prioritizing incoming requests—such as report requests, requests for new technology, or upgrades to existing systems—to ensure that the work that was most important was completed first.

Once the challenges had been identified, change management was addressed through organization-wide and department level meetings to explain the program to staff and solicit their feedback. To ensure that the most important work was completed quickly, the IG teams prioritized the requests they received based on such criteria as organizational need, regulatory requirements, and the alignment of the product or process with strategic goals, budgets, or staffing. Communication had been difficult because many entities within the same organization viewed themselves as independent and often desired to remain autonomous. These challenges with communication were addressed through the development of organization-wide scorecards that shared the goals and results of the IG program with all staff at every location within the organization.

Scale and Size of Organizations in IG Case Study



Outpatient Visits


Inpatient Beds

Case Study 1 – Academic Medical Center System





Case Study 2 – Interstate Integrated Delivery System





Case Study 3 – Large Regional Integrated Delivery System





Case Study 4 –Four Hospital Integrated Delivery System


100,000 (ER visits)



IG Goals Identified

The goals of the information governance programs included developing processes to ensure better coordination of care throughout the entire organization; a desire to maintain a competitive advantage in the geographical regions that were being served; and ensuring that the organizations were analytics-driven, leading to better performance and outcomes.

The act of managing information at the individual entity level was not allowing these organizations to capitalize effectively on the economy of scale that could be realized through a centralized governance process, the case study revealed. The organizations said prior to the IG program they were not nimble and could not respond quickly enough to information requests. They also had difficulty obtaining accurate information for reporting. A shared IG goal was to be able to rapidly respond to requests for information and ensure that it was reliable and complete.

These organizations recognized a need for formal information governance initiatives. They hoped to benefit by using trustworthy information to improve decision making, patient care, and safety. They needed to be able to protect sensitive data while at the same time allowing necessary access to eliminate impediments for staff that made it difficult to accomplish job duties. Clinical staff desired better and more accurate information on outcomes, and financial leadership needed more precise information to ensure the organizations could meet financial goals.

Sample IG Organizational Structure

Structure and Function of IG Programs

Each of the organizations had designed an IG structure that included an executive in a leadership position. The executive had responsibility for managing the program, which included ensuring that projects were completed on time and within budget, making certain that communication was reaching all levels of the organization, prioritizing projects appropriately, and ensuring that policies were being written and updated when needed. In some instances this was a defined role. In other organizations this executive had a dual role with responsibility for IG functions as well as other job duties. Most of the organizations surveyed assigned IG responsibilities to a leader in an existing position within the organization and updated the title and job description to include the addition of IG responsibilities.

For most organizations, a program charter or similar document was drafted and approved, and a core committee with representatives from appropriate business areas was then assembled. Activities were undertaken to finalize processes based on the unique strategic needs and capabilities of each organization.

The core committee was characterized by executive leadership with representation from HIM, clinical areas including nursing staff as well as physicians and staff from the business office, risk management, legal, finance, IT, quality, and compliance areas. The core team functioned as the approval body for any new policies, technology recommendations, and report requests. The core team was also responsible for oversight of the resolution of any identified problems or information-related issues that were identified by subgroups or department leadership.

The executive leadership ensured that all necessary resources were allocated and that team goals were aligned with organizational strategy.

Common functions of the IG core team included:

  • Oversight of the processes and policies related to information access, security, and confidentiality
  • Information integrity and quality
  • Information design and capture
  • Technology review and recommendations
  • Record content and information management
  • Information analysis, use, and exchange

In addition to core IG committees meeting regularly, subgroups from operational areas were commonly utilized to assist when needed to develop policies, review report requests, or evaluate proposed technology. The subgroup members would make recommendations to the core team regarding the purchase of additional technology, needed system modifications, design of new workflows, development of new order sets or documentation flow sheets, etc. This allowed the end users to be involved in the design or purchase decisions related to the new tools. Additional staff members were also brought in to participate on these various subgroups at the request of the core team.

As a supplement to the core team and subgroups, these organizations often designated individual department leaders as data stewards for their respective business units, with those department leaders then reporting up to the IG core committee. The data steward’s role included:

  • Creating and maintaining policies and procedures such as defining access requirements or developing new workflows for their areas of responsibility
  • Monitoring reports as published in scorecards with responsibility for implementing any necessary improvements
  • Resolving any data integrity or quality issues
  • Providing communication to staff related to IG initiatives
  • Identifying existing data or information sources
  • Recommending and testing any new technology in their respective area of responsibility

Each organization’s program design was reflective of its structure. The organizations typically utilized existing staff to fulfill IG functions, depending on the identified problems and the availability of staff to respond to the identified gaps. Executive leadership, as well as collaboration between legal, risk management, HIM, and IT departments, was consistently noted as essential to ensuring that work was being completed.

Typical responsibilities of the individual department leaders or data stewards from each organization were to review the policies, procedures, and technology within their areas of responsibility. This information was then shared with the core team members for monitoring. Each core team member was then responsible for reviewing the elements of the information that were being shared from the department leaders or data stewards and addressing any areas of risk or correcting any identified errors. These core team members met periodically as a group under the direction of executive leadership.

Beyond functions related to EHR data and information, there was variation noted among the organizations as to what other types of information were being addressed through their information governance processes. Some had begun to address other types of information such as physical assets, physician productivity, and coding quality.

All of the information governance programs studied for AHIMA’s IG project were continuing to evolve, regardless of the length of time that the IG program had been in place. Future enhancements were planned, such as master data management, predictive analytics, collaboration with payers, participation in health information exchange, and continued development or refinement of additional IG policies and procedures.

Regardless of the type of structure or the goals of the program, executive leadership played a key role in the development, ongoing support, and communication of the goals of the information governance programs in all of the organizations studied.

Terminology Reflects Focus of IG Program

Variation was noted in the use of the terms “information governance” and “data governance” among the organizations studied. It was noted that one organization labeled its program as an “information governance” initiative when the focus was specifically on IT and data. Another organization, which was taking a much broader approach and was clearly engaged in information governance, had chosen to name its program “data governance.” The terminology chosen to represent an information governance effort may be a reflection of organizational culture.7

However, the terminology chosen by each organization may have been determined by the focus or orientation of the stakeholders in the program. Different perspectives on the scope of the IG program typically determine what the program is called. For example, an IT executive’s focus on IT and activities like metadata management may lead to a program focus on data governance, whereas a privacy officer’s global view of information and a focus on privacy policies and business rules would trend more toward use of the information governance term. The name chosen for the program may ultimately drive some of the work that the team is expected to accomplish.8

Use of IG Consultants in Program Design

Some organizations had enlisted the assistance of consulting firms in designing their programs. The consulting firms assisted with developing tools and policies for information security and developing reports and scorecards that allowed for better sharing of the information throughout the organizations. The consultants provided guidance with developing archival systems and plans for appropriate retention and destruction of information. Some of the organizations planned to engage consultants again periodically in the future as they updated or expanded their IG programs, including future planning for analytics and metadata management.

Role of Health Information Management in IG

In the majority of the organizations surveyed, HIM professionals had been working closely with executive leadership prior to the establishment of the information governance programs and often played a key role in their initial development. This was likely due to the recognition that these HIM professionals possessed in-depth knowledge of information management practices that could be leveraged as the IG initiatives were rolled out. This included skill sets in information security, privacy, coding, data capture and management, and maintaining information integrity for regulatory compliance and business and legal needs. AHIMA staff observed through the case studies that the specific role HIM professionals played in initiating the information governance programs could be related to pre-established trust of the department’s skills within the organization and prior working relationships with executive leadership in these organizations.

IG Benefits Realized

Some of the benefits reported in the case studies due to the implementation of an IG program included:

  • Improved ability to track quality outcomes and quicker turnaround times on report requests
  • Ability to participate in health information exchange by addressing the accuracy of patient data for improved identity matching
  • Increased patient engagement accomplished through the ability to share data with patients
  • Greater collaboration with physicians, leading to overall better care documentation
  • Lower costs due to shared purchasing of equipment and supplies

The organizations that participated in the AHIMA study said they have made progress with improving their quality measures due to the IG program. Some have plans to start using predictive analytics to improve population health management. Physician productivity reporting is in place, as are more accurate master patient indices that allow sharing of patient information across each enterprise due to the programs. EHR functionality has been improved and physician documentation tools have been created to improve charge capture and reimbursement, the organizations reported.

Most of the benefits cited were related to improvements in the use of health data. Because the subjects interviewed worked predominantly in the field of HIM, it was not clear whether there had been any impact on other areas of the organization, such as business intelligence functions or data analytics. However, an information governance program has the ability to enhance the use of information across all business units, and this may be more evident in organizations where other functional areas in the organization play a greater role in governance.5

Program Success Factors

In all the case studies, executive leadership and support was a critical success factor in the implementation of information governance. This is consistent with surveys of executives from other industries, where executive leadership in IG is viewed as critical to navigate any budget constraints, ensure cross-functional collaboration, and lead change management.6

Another success factor that was repeatedly noted was ongoing communication with staff and clinicians to maintain the momentum of the programs. Results were regularly shared through a balanced scorecard or through reports that are distributed to the various stakeholders that allows them to monitor results at the entity level. Reporting was done through department level leadership so all staff were informed of the work being undertaken. Some organizations used formal scorecards, and others used individual departmental reports.

IG as an Enabler

The case studies reflected that organizations view IG as an enabler of business strategies. IG programs are seen as a strategic necessity that allow organizations to implement information capture enhancements that help meet initiatives like ICD-10-CM/PCS, meaningful use, health information exchange, quality measures, participation in ACOs and other new care delivery and payment models, and the use of analytics for population health management. Each organization that was studied has already incorporated information governance into enterprise-wide strategic planning, and all are keeping the entire organization informed of the success of the program.

IG’s Master Goal: Manage Growing Data Volume

Based on the findings from the case studies, the overarching goal of information governance programs in healthcare is to proactively and effectively manage the growing volume of information that is being collected and maintained on a daily basis. Some healthcare organizations studied decided that they needed formal information governance due to the implementation of EHRs and the need to manage the quality, integrity, and volumes of information that the EHR now contained. In fact, EHRs appear to be driving the adoption of IG in healthcare, at least in these case studies.

Information governance is a clear strategic enabler for ensuring that information is usable and of high quality for all of the transformational changes that healthcare is currently undergoing. As such, these healthcare organizations expect to benefit from IG through their improvement in quality measurement, ability to maintain a competitive advantage in the marketplace, and ability to promote community wellness through such initiatives as predictive analytics for population health management. Healthcare organizations are beginning to implement IG by identifying business problems and using formal information governance structure and process to address them. Executive leadership plays a critical role in the success of information governance strategies by providing the necessary tools to obtain vital information and promoting ongoing IG efforts through formal organizational strategy. Finally, information governance requires an organizational structure that promotes governance effectiveness.

The ability to implement and sustain a strong IG program is reflective of an organization’s culture, where there is open communication and an acceptance of the changes that are necessary to make and maintain the improvements that a formal IG program brings to an organization.


  1. American Medical Association. “Getting the Most for Our Health Care Dollars–Health Information Technology.”
  2. Thomas Gordon, Lynne. “Information Governance for the Health Care Industry – Now Is the Time.” iHealthBeat. February 3, 2014.
  3. Iron Mountain. “When Health Systems Merge, Smarter Healthcare Information Management Keeps the Peace.”
  4. Gartner. “IT Glossary: Information Governance.”
  5. SAP. “Governance from the Ground Up: Launching Your Information Governance Initiative.” 2011.
  6. CGOC. “Information Governance Benchmark Report in Global 1000 Companies.” October 2010.
  7. Van Beneden, Pierre. “Impact Your Organisation: How Information Governance Drives Value and Profits.” iQ. May 2013.
  8. SAP. “Governance from the Ground Up: Launching Your Information Governance Initiative.”

Read More

Information Governance Program Case Studies

The complete information governance program case studies summarized in this feature article are available on the AHIMA website’s information governance page. The case studies include additional details on how four different healthcare systems instituted information governance programs. AHIMA developed the case studies to serve as an example for other healthcare organizations interested in implementing their own information governance programs.

Lesley Kadlec ( is a director of HIM practice excellence at AHIMA.

Article citation:
Kadlec, Lesley. "Coming Soon to Your Healthcare Facility: Information Governance. A Look at Healthcare Information Governance Trends through Practical Case Studies" Journal of AHIMA 85, no.8 (August 2014): 26-32.