Healthcare Incident Management in the Age of Merger Mania

There’s no denying that the pace at which today’s world moves makes security a challenge. Tracking activities, responding to incidents and analyzing risks is, at best, an exercise in playing “catch-up.” But disruptions will happen. Threats will materialize. And that means your hospital needs to be better at reporting on and analyzing incidents. Faster at restoring operations. Smarter at predicting where things could go wrong.

The best you can do is learn from the past and plan for the future.

That’s difficult enough with a single facility. But it’s harder still in a complex healthcare network. In fact, the only thing that might seem to move faster than the pace of change is the rate at which the healthcare industry has been consolidating. Levin Associates reports that healthcare M&A activity comprised 1,498 transactions, a new record for deal volume. Spending topped $563 billion—another new record. And PricewaterhouseCoopers called 2015 “the year of merger mania.”

“Record year” makes a great headline, but what it means on the ground is this—growing pains for the security infrastructure that suddenly finds itself part of a network of 10, 20, even 60 facilities or more.

One way to make sense of your place (and your data) in a “merged and acquired,” multi-hospital world? Enterprise incident management software.

Enterprise incident management (EIM) software offers automated end-to-end coverage across dispatches, activities, incidents and investigations to help you manage—and make sense of—data points numbering in the thousands or tens of thousands. Dispatch from your Security Operations Center (SOC), track activities, report and analyze incidents, and manage investigations from start to finish—then report up to your organization’s risk managers… It’s all possible with software.

Read on to learn why software can make sense… and how you can get started.

What is enterprise incident management software?

From minor server failures to major power outages, incidents happen every day. In health care, however, even small issues can cause big problems.

So… what are you doing to prevent one?

Enterprise incident management software can both provide insight into the past and offer a degree of predictability about the future— whether you’re looking to harden your hospital against intruders or simply identify the pattern behind a particular patient’s violent outbursts.

Software can inform your organization’s response to incident trends, steer policy decisions, and help satisfy compliance requirements. The right software can help you visualize past incident information, predict threat patterns, and manage your response to on-going crises in real-time.

Capture incidents, classify them by impact and urgency, assign them to staff or authorities for quick response, then manage and report on compliance. With software, you’ll have more insight into what happened in the past and be better able to cope with what’s to come.

Most importantly, software enables a proactive approach to security—one that touches on four strategies:

  • Avoiding security incidents altogether;
  • Comprehensively assessing and managing risks;
  • Rapidly detecting incidents and threats; and
  • Recovering from incidents as quickly as possible.

These strategies are especially important in the context of a newly merged hospital—there’s simply too much happening to handle it all on your own, but the added pressure of trying to effectively integrate post-merger makes software a must.

How to make the move to software

1. Bring stakeholders on board

Before you implement software for your organization, you need to make sure you’re ready for it—and stakeholders are too.

Don’t assume different areas of the business don’t care about what software you use. “Get them in the room” to find out. Risk, Finance, Legal, IT… Each will have different wants and needs, and they’ll be looking to you to meet them.

For your part, you’ll need to set expectations around project goals, what the organization can stand to gain from your new approach to incident management, and what success will look like.

2. Make sure your policies, processes and procedures are up-to-date

Software is only as good as the foundation on which you build it. Before you flip the switch on EIM, get as much in order as you can around dispatching, activity tracking, incident management and investigations.

If you’re lucky, you’ll only need to review—but be sure to plan for some work in this phase if you haven’t revisited the way you do things in a long time.

3. Determine what you want to do with the information

Do you plan to make the case for more cameras? Use software to track the use of CCTV information in incident investigations. Tired of escorting

VIPs instead of doing patrols? Use the data your software will provide to make the case that your efforts would be better spent.

4. Build the business case

Odds are you already know you want EIM software. But simply knowing, obviously, is not enough. In order to convince your organization that they need it too, you’ll have to make a compelling argument.

One word of caution: you might think demonstrating ROI will make your case open- and-shut, but don’t forget you work in a hospital. You’ll have a much better chance of winning approval for your software project if you can demonstrate how what you do will also improve patient care and staff safety.

5. When you get the green light, assemble a project team

If you’ve never brought enterprise software into an organization before, you’ll be surprised at how quickly the process can become overwhelming without proper planning—especially if you’re trying to implement across some or all of a large healthcare network.

It helps to have a project team in place to work with your vendor: executive sponsor, steering committee, dedicated project managers, business leads, technical leads and more.

6. Communicate with stakeholders throughout

Communicating is the stuff of Project Management 101, but even so it’s often neglected. After all, when you’re immersed in an implementation project, it’s easy to forget that others “on the outside” may not know what’s going on.

Don’t wait until your next quarterly update to fill them in—consider regular status reports to your major stakeholders to keep support for your project strong.

7. Train and test

Don’t forget to plan for showing your team how to use the new software, especially if they’re not generally comfortable with computers and technology. You’ll also need to take time to test to make sure everything’s working as it should.

In other words, acquiring and implementing software is not a one-time exercise—getting it installed is only the beginning.

8. Above all, don’t be shy about demonstrating your value

Don’t forget that you’ll be under intense pressure to prove your effectiveness and efficiency in the new post-merger world. To help assuage fears that your new software will simply drive costs, emphasize how improving security actually streamlines healthcare delivery. It sounds obvious, but you’d do well to demonstrate how quickly getting on top of and recovering from incidents—or avoiding them in the first place—makes it easier to achieve better patient outcomes.

Where to go from here

This resource only scratches the surface, of course—the ins and outs of enterprise incident management software are much too deep to explore in just a few pages.

But if you’ve been leaning toward making the shift from your current solution, there’s no time like the present. The benefits—more insight into your security challenges, more confidence in your ability to handle them, and more visibility both in the organization and at the boardroom table—far outweigh any temporary challenges you might be fearing.

Rate this article