What are the challenges facing hospital CIOs?

Why does the hospital CIO reflect the challenges facing all CIOs?

Not all sectors are equally exposed to digital transformation. Some are moving fast, driven by competition and innovation. Others evolve under constraint, in complex, regulated environments, where each transformation involves much more than just operational performance.

The healthcare sector falls into this second category. And that’s precisely what makes it such an illuminating case study. Because, in reality, what hospital CIOs are experiencing today is an amplified, almost caricatured version of the challenges now faced by all CIOs.

To find out more, we spoke to Paul Maitre, Founder of Easis, a firm specializing in helping healthcare establishments with their digital transformation.

He sums it up very simply: a hospital CIO ” combines everything that is more complex in a constrained sector“. Behind this formula lies a very concrete reality: a multiplicity of professions, operational criticality, regulatory pressure, budgetary constraints, and a Digital transformation that’s still catching up. It’s a concentration of tensions that few organizations can muster at this level.

What’s the current state of digital transformation in hospitals?

Taking a cold look at the situation, the healthcare sector’s digital transformation is well underway, but it’s still lagging behind other sectors. As Paul Maitre points out, “the sector is still lagging behind other economic sectors”, and even further behind many foreign countries. But this observation needs to be put into context.

In France, healthcare is an eminently public sector, with historically limited IT resources. Above all, these are profoundly human professions, where digital technology has long been perceived as an administrative necessity, rather than as a core business lever. Unlike industry, where robotization has forced rapid and massive digitalization, the care professions have maintained a more distant relationship with digital tools: you don’t “replace” a doctor or nurse with a system.

However, the dynamic has reversed and the trend is now well underway. In recent years, the sector has seen a clear acceleration, driven by public policy. As Paul Maitre points out: ” In the wake of the Covid crisis, o here have been major efforts to mature and catch up. The French government has played its cards right with the national digital health strategy and the Ségur Program. It is putting in the money, and establishments are making progress. “

Digital patient records, connected objects, telemedicine: the trajectory is real. The question that now arises is that of AI, whose transformative potential could enable the sector to take a decisive step forward… or, on the contrary, widen the gap even further if the momentum doesn’t continue.

Further information: National health strategy | e-health

At the same time, over the last ten years or so, the hospital landscape has been undergoing a phase of mutualization that is partially changing the landscape. It is being restructured around the Groupements Hospitaliers de Territoire (GHT). Out of a thousand public-sector establishments, some two hundred groups have been set up to cover the whole of France. In the private sector, the trend towards concentration around groups of clinics is following a similar logic, as is the case in the medico-social sector.

For the CIO, this mutualization is often presented as the first “easy” project in a merger. “Paul Maitre explains: ” Three establishments will come to an agreement: we’ll share a portfolio of projects, we’ll choose the same tool as soon as one of them needs to be changed, and we’ll start working together on information system issues. But he also warns that, like any merger or rapprochement project, it’s a long-term transformation that needs to be accompanied. Imposed collaboration is not enough, and must of course be built on.

Why is the hospital CIO structurally complex?

What’s striking about hospital IS is not just its relative backwardness, but its intrinsic complexity. Several structural factors combine to make the hospital IT environment particularly demanding.

Special users. The internal customers of a hospital CIO are doctors, nurses and paramedics: professionals who are constantly on the move, under pressure. They are not office users. Their relationship with digital technology is demanding, and they are often uncomfortable with ill-conceived tools. An input screen that’s too complex, and adoption collapses. A tool unsuited to mobility, and it’s bypassed in the first week.

Unparalleled business complexity. A hospital is potentially made up of dozens of medical specialties, each with its own protocols, vocabulary and data flows. As a direct consequence, a hospital information system (HIS) may embody two or three major applications… but above all several hundred small, specialized business bricks, often made up of ” 200, 300, sometimes 400 applications “. Whereas a traditional company can structure its IS around a few major processes, a hospital has to deal with extreme diversity. The result is an extremely unwieldy legacy of applications.

A heavy legacy. This accumulation of applications also reflects a long history of successive choices. Hospital CIOs have inherited a legacy that is often poorly mapped, and dependent on highly specialized software vendors who are sometimes difficult to replace. Around the Electronic Patient Record (EPR) – the hospital’s true ERP or “reactor core” – gravitate dozens of tools, whose replacement often involves lengthy, risky and cross-functional projects. Dependence on software publishers is real, and migration projects can be painful.

The need for continuity. Hospital CIOs are also faced with a constraint that few other sectors have to deal with at this level: the requirement for absolute continuity. ” Hospitals are no laughing matter: things have to run all the time. This almost trivial phrase says it all. Where other organizations can absorb even limited interruptions, hospitals have no such luxury. The information system is directly linked to continuity of care. As a direct consequence, the priority remains the run. Maintaining the system in operational condition absorbs a large proportion of resources, both financial and human. And what’s left to transform, innovate and modernize is mechanically limited.

Limited resources. Added to all this is the fact that hospital IT budgets are structurally low as a proportion of overall budgets, well below benchmarks observed in other sectors. But the trend is upward, driven by the growing awareness that digital technology is a lever for organizational optimization, and by public funding that is amplifying this trend: ” If we need to invest to improve care, if there’s a promise of optimization, of improvement through digital technology, management knows how to go about it. And there’s always a desire to keep a pocket of innovation. “Paul Maitre notes, referring in particular to university and research hospitals, which are particularly active in these areas.

And what about human resources? HR tensions in CIOs are not specific to the healthcare sector, but they are particularly acute here. The needs are the same as elsewhere: systems engineering, security, data, Project management. But the conditions are not comparable: below-market salaries, high operational intensity, and constant exposure to complex situations.

The CIO’s employees have a strong sense of vocation. As with the caregivers themselves, there’s a dimension of commitment that goes beyond the contract. Not without a sense of humor, Paul Maitre adds ” The CIO needs to be able to turn into a support “guy” in the evenings. The doctor only knows his number and calls him as if he were a helpdesk. . “

This explains why hospital CIOs work so well, despite their constraints.

Who steers the digital transformation of healthcare establishments?

Governance is also a subject in its own right. In the healthcare sector, digital transformation is not just a decision to be taken at facility level. It is part of a multi-level framework: national, regional and local. The major orientations are driven by the French government via its major national Programs, relayed by the Regional Health Agencies (ARS), and then implemented at facility level.

Nevertheless, each establishment has real room for maneuver: its director can draw up a digital strategy based on his or her own priorities, seek innovative partnerships and respond to calls for European Projects. But they are part of a regional framework that can set objectives and allocate additional funding – the ARS being themselves the direct emanation of State policy.

” When I’m in a school, I have to draw up my digital plan or strategy taking all this into account: what my school wants, what regional framework we fit into, and what major national Programs we have to respond to – either as a constraint, or as an opportunity, because there’s funding involved,” sums up Paul Maitre.

Is this stacking of layers a factor of complexity or a positive dynamic? Both. It is undeniably cumbersome, but it also produces national coherence in terms of the objectives to be achieved, and an overall dynamic that pulls the whole system upwards, which is rare in other sectors.

For the CIO, this means one thing: they never steer alone. It has to deal with multiple injunctions, regulatory obligations, funding opportunities and local priorities. Above all, it must constantly arbitrate.

Further information [Les Agences Régionales de Santé ARS](Agence régionale de santé | Agir pour la santé de tous)

How is a hospital CIO’s Projects portfolio structured?

Perhaps this is where the hospital CIO best illustrates the condition of all CIOs: caught between the weight of the past, the obligations of the present and the ambitions of the future.

In a hospital, as elsewhere, the equation is always the same, and the Projects portfolio is constantly being shaken up by two forces.

On the one hand, there’s an incompressible base: the run, regulatory obligations, national programs, all of which must be complied with, or risk losing certifications and funding. On the other, business needs, opportunities for innovation and constant demands. ” The run and the compulsory already take a big chunk. After that, I’ll allocate the leeway to my business needs“, explains Paul Maitre.

Faced with this equation, there are two ways forward: optimize within a constrained framework, by opening up the tap as much as possible within the available margins, or seek out new sources of financing through partnerships, calls for projects and regional cooperation. Public funding also plays a structuring role in budgetary terms: national programs (Ségur, CaRE, etc.) provide earmarked resources to accelerate projects that would not otherwise have been financed.

This is where rigorous governance of the Projects portfolio comes into its own. Having a consolidated view – run, build, mandatory, evolutionary Projects – enables you to arbitrate methodically, rather than having to deal with emergencies. This is precisely where management practices make the difference, by making tensions, prioritizations and optimization levers visible. However, Paul Maitre observes that ” not everyone is yet equipped: portfolio management, governance, rotating strategic diagrams: all the classic IS governance is not necessarily in place “. But things are changing, and this is a fundamental trend.

Added to this is the question of the CIO’s place in the governance of the establishment. The reality is often that of a department under the supervision of the Administrative and Financial Department (DAF), rarely represented at the highest decision-making level.

This structural position creates concrete difficulties: when the CIO tries to implement processes, streamline shadow IT or impose governance discipline, it easily comes up against resistance without having sufficient arbitration levers. “Paul Maitre sums up bluntly: ” When a CIO comes to put rigor and processes in place, if he doesn’t have a share of power or powerful sponsorship, it’s complicated.

Nevertheless, the subject of data and AI is beginning to change the game. Some establishments are setting up entities dedicated to innovation or data, which can gain strategic visibility. But, as in other sectors, these entities have sometimes been created outside the CIO, which raises the question of the coherence of the whole.

What are the failure factors in healthcare Digital transformation projects?

Paul Maitre’s experience in the field has enabled us to identify a number of recurring factors in the failure of Projects, which are not specific to the healthcare sector, but are often amplified there. And it’s not technical reasons that are the cause of the main difficulties:

The first, and most frequent, is insufficient co-construction with the Business Units, leading to tools that are ill-suited to real-life use. Delivering a tool without having worked sufficiently with its end-users means exposing yourself to a catastrophic reception. In an environment as demanding as a hospital, where healthcare staff’s time is at a premium, a poorly thought-out interface will simply be bypassed, or even abandoned.

The second factor is the nature of the Projects, which are often complex and long term, combined with the cumbersome nature of public procurement procedures. Public procurement contracts require that requirements be defined in advance of the relationship with the Contractor, with deadlines and formalities that are not conducive to Agility.

Projects don’t fail because the technical answer doesn’t exist. Rather, they fail because the way in which we work with the business units, upstream, during and at the end of the project, is not equal to the human and organizational challenges. But these factors – difficulty getting the business on board, organizational inertia, complex trade-offs – are in fact common to many CIOs.

Why are Cybersecurity and data critical?

If there’s one area in which the healthcare sector is indisputably unique, it’s data.

Establishments handle some of the most sensitive data available. Medical, personal and critical data. And they are, in fact, prime targets for cyber attacks. The reasons are clear: high-value healthcare data, critical systems whose interruption has direct consequences on care, and historically inadequate levels of protection. Several French establishments have fallen victim to ransomware attacks in recent years, with severe operational impacts.

Faced with this situation, awareness is real. National programs, such as the CaRE (Cybersecurity Acceleration and Resilience of Establishments) Program, have been launched. We apply the same logic to Cybersecurity as the Ségur of digital technology: define objectives, propose funding to achieve them, and monitor their implementation. Business resumption plans (PRA), Business continuity plans (PCA), security diagnostics, deployment of CISOs: the momentum is there. But the level of progress is still uneven, and efforts must continue.

” There’s a real movement to push this forward. There are CISOs everywhere, and the regions are investing in it. The subject is being taken seriously and an effort is being made. “We’re not there yet, but we’re making a real effort via these national plans to raise the level of safety.

To find out more: CaRE Documentation Centre | E-Santé

Beyond security, the question of data opens up another area: that of its exploitation. Hospitals have a considerable volume of data at their disposal, but it is often fragmented, poorly governed and difficult to exploit.

Interoperability, long touted as the key, is making progress, but remains a challenge. ” It’s still a Holy Grail,” admits Paul Maitre. HL7 FHIR, openEHR, SNOMED CT: the standards exist, are gradually becoming established, and certain interconnections are now enforceable by law. But the multiplicity of systems, the diversity of players and the complexity of data flows make the exercise particularly difficult.

Above all, interoperability is not an end in itself: what we’re looking for is the ability to use data from multiple systems to create something of value.

When it comes to data governance, Paul Maitre is straightforward: there’s still a long way to go. ” There’s still a lot of work to be done to take stock of all the data available to hospitals. People say that hospitals are sitting on a pile of gold with their data, but it’s in lots of different tools, it’s not cleaned, it’s not standardized. “Exploiting this potential wealth therefore requires considerable prior structuring.

This is perhaps where the data-IA revolution opens up a new perspective: no longer trying to get all systems to talk to each other, but building layers of data exploitation capable of freeing themselves from this constraint.

How do you reconcile the CIO’s rigorous approach with the Business Units’ appetite for innovation?

Contrary to popular belief, innovation is alive and well in hospitals. Medical professors, department heads and researchers have a long tradition of Projects conducted outside institutional channels – a kind of IS “Formula 1”, set up in partnership with start-ups or research laboratories.

” There’s the shadow IT of the average user who makes a small request on ChatGPT. And then there’s the real shadow IT, in quotation marks, of the stars of the hospital: doctors who set up a separate project with a startup in order to have a highly specialized innovative project. “distinguishes Paul Maitre.

These initiatives are invaluable. They enable us to explore, experiment and innovate rapidly. But they also raise a key question: how do we scale up? How can these innovations be integrated into existing information systems? How to secure them? How can they be generalized?

This is where the role of the CIO becomes central. Not to put the brakes on, but to structure, support and industrialize.

Here again is a universal challenge: all CIOs are faced with business functions that are innovating faster than they can absorb. In the case of hospitals, however, there are some positive trends: ” The further along we get, the more hospital managers become digitally literate. They arrive young, they know they have to rely on digital technology. And there are many technophiles in the medical teams too. It’s an opportunity “adds Paul Maitre.

Will AI transform the hospital CIO?

A legitimate question, and Paul Maitre is cautiously optimistic. Two scenarios coexist. In the first, AI reproduces the sector’s usual trajectory: staggered adoption, gradual learning, but still lagging behind more agile sectors. In the second, AI acts as a gas pedal, enabling healthcare to “turn a corner”, unleashing new possibilities where inherited constraints seemed insurmountable.

In concrete terms, in addition to offering an alternative to Interoperability by building operating layers capable of aggregating and interpreting heterogeneous data, AI could also help solve an equation that French healthcare must imperatively address: Do more, with less. ” We’re going to have a lot more sick people who cost a lot more, with a lot fewer doctors ,” sums up Paul Maitre. To meet this challenge, we’ll need to rethink the entire healthcare chain, and digital technology, led by AI, has a major role to play.

Telemedicine, remote post-operative monitoring, remote care, optimizing patient care pathways: there are many concrete use cases, and they are already being tested in numerous establishments. ” It’s not science fiction, it’s very credible and it’s going to be super useful: we can save three nights’ accommodation and a round trip by ambulance. It’s really feasible and beneficial. . “

Towards a more strategic CIO in the healthcare sector?

In this context, digital technology is not just a lever for efficiency. It is becoming a structuring element in the transformation of the healthcare system. This implies a change in the role of the CIO. Gradually, it is moving away from its traditional support role to become a strategic player at the heart of these transformations.

And this is perhaps the sector’s final lesson. While healthcare is an extreme case, it is above all a sign of the direction in which we are heading. That of a CIO who is no longer subject to constraints, but who structures arbitration. No longer content to simply keep the system running, it contributes directly to overall performance.

A CIO that, in the end, looks more and more like what all CIOs are destined to become.

What can hospital CIOs tell us about all CIOs?

When it comes down to it, hospital CIOs don’t face radically different issues to those in other sectors. They simply face them in a more intense, more visible, more constrained way:

A heavy legacy to bear. Hundreds of accumulated applications, vendor dependencies that are difficult to unwind, a technical debt that constrains present-day choices: the healthcare sector takes to the extreme a reality with which all CIOs are familiar.

Multiple and contradictory injunctions. Complying with regulatory obligations, maintaining quality of service, driving transformation, listening to business functions, integrating innovation: the list of priorities is as long in healthcare as it is elsewhere. What changes is the intensity of the constraints and the criticality of the challenges.

Management under constant pressure. Tight budgets, scarce resources, overloaded project portfolios: nowhere is the need for rigorous governance, clear steering tools and structured arbitration capabilities more obvious than in hospital establishments. And yet, for many of them, it’s still a work in progress.

Digital transformation that can’t wait. The momentum is there: national Programs, Ségur funding, the rise of cyber, the first uses of AI. The healthcare sector, which has long lagged behind, is accelerating. The trajectory is positive, provided that hospital CIOs have the conditions they need to play their role to the full: strategic positioning, adequate human resources, appropriate steering tools.

For CIOs in all sectors seeking to understand what it means to steer under maximum constraint, healthcare is a unique field of observation and inspiration.

Many thanks to Paul Maitre, Founder of Easis, Abraxio partner, for sharing his expertise, which contributed to the writing of this article.