Jim Boyer – Rush Memorial Hospital
Back in 2002, the year Jim Boyer became the newly minted chief information officer for Rush Memorial Hospital (RMH), you almost had to go out of your way to contract a computer virus—i.e. visit an extreme website or open an infected floppy disk (remember those?).
Even then, the resulting damage was typically mitigatable, and seldom, if ever, devastating.
Technology has evolved, of course, but so too have the pervasiveness and sophistication of malicious malware—and to an arguably larger degree. This is especially true of the healthcare sector, which recently surpassed banking and finance as the most highly targeted industry for hackers and other black-hat actors.
“Back then, the whole internet was pretty wide open, and local area networks (LANs) weren’t nearly as secure,” says Boyer, who also holds the title of chief information security officer for the Rushville, Indiana-based hospital. “Now our systems have to be more secure than a bank’s.”
At nearly $450 billion, hacking has emerged as one of the largest illegal businesses in the world, with personal data—names, addresses, Social Security numbers—serving as pilfered puzzle pieces for identity theft.
This issue is especially pressing in healthcare, where hackers compromised 27 million patient records in 2016 alone. Though Boyer is by no means alone in confronting this cyber scourge, his approach—forged over 15 years on the battle’s front lines—is one he sees as more holistic in scope.
“I always look at security in the organization as the primary foundation of IT,” Boyer says. “It’s typically on the people side of things where mistakes happen. So the people have to become your primary firewall.”
From the motherboards up
When Boyer joined the RMH ranks, IT professionals were, in his words, “the black sheep” of the wider healthcare world. The reason, he says, is that the industry was still very much mired in outmoded wares and processes, making roles like his difficult to optimize.
As the sector grew evermore complex—first through automation and digitization in the private sector; then as a result of increased government regulations—IT started to become more involved. Today, Boyer and his CIO colleagues aren’t merely integral to healthcare’s well-being, they’re indispensable.
“It used to be hard just to have our voices heard at the table,” Boyer says. “Now we’re sitting there actually helping shape the organization’s overall strategy.”
Boyer’s input has been so valuable, in fact, that he’s since assumed the responsibility of leading Rush Memorial’s marketing strategy, with growing emphasis placed on more directly engaging both existing and prospective patients.
Still, IT remains Boyer’s primary focus—particularly as it relates to what he says is the paramount task of protecting the system’s digital perimeter. Not only are hospitals like RMH handling more data than ever before; the number of people (and vendors) with access to that information has also increased.
“The baseline concern is how do we control as safely and securely as we can, where everyone goes, what information they can access, and what they do with it?” Boyer explains. “And that’s a company culture issue as much as it is an IT one.”
At RMH, the process begins with whom it hires, and how. Specifically, Boyer and his team issue an assessment test, centering on what he sees as the hospital’s overarching mission: being caregivers. The more genuine the buy-in, the more likely the staff is to embrace measures designed to protect those patients.
Far from being a one-way street, Boyer says RMH’s emphasis on open-door communication—typified by CEO Brad Smith’s monthly “employee huddles”—encourages feedback from employees.
“They often raise issues and concerns that we haven’t even thought of, and bring ideas to the table that make things better,” Boyer says.
In an effort to further improve process implementation, Boyer recently hired an internal field service technician—a kind of roving tech expert capable of addressing problems in real time.
For Boyer, the procedural challenge is akin to that of a basketball coach: The goal is to help your team memorize the plays—in this case, the hospital’s processes and protocols—as much as possible.
“Once you’re out on the floor, you can’t just pull out the playbook,” Boyer says. “So it’s about having people on the floor you know paid attention in practice. Those are the people that care and want to do the right thing.”
Close to home
If Boyer’s love of RMH comes off as fatherly doting, there’s a pretty good reason: It’s where he was born. And while there were plenty of detours between—formative years in the Upper Peninsula of Michigan, an MBA from St. Joseph’s College in Maine—there’s a reason Boyer has remained at Rush for the better part of two decades.
“It’s easier to live out your vision and mission when you see the impacts up close,” says Boyer, who lives nearby with his wife and three children. “Even though we’re one of the smaller community hospitals, this allows us to do innovative things more quickly.”
Whether it’s been migrating to a new electronic health records system, transitioning to the cloud or investing in Lean Six Sigma methodology (collaboration, in a word), Boyer and his team have sought to improve efficiency—computer, cost and otherwise—across the IT board.
Today, Boyer says RMH’s core infrastructure has been rendered 99 percent virtual. In so doing, the hospital is meeting the twofold challenge of streamlining its processes while “sandboxing,” or protecting. its most valuable information.
But while improved bandwidth and bolstered security are nothing if not encouraging bottom lines, Boyer finds even greater satisfaction in a different, more human kind of currency.
“I don’t go looking for pats on the back, but if a nurse comes up to me and says something we implemented helps her do her job in providing better patient care, that’s all I need,” Boyer says, “because we know that silent impact is helping the patient.”
Showcase your feature on your website with a custom “As Featured in Toggle” badge that links directly to your article!
Copy and paste this script into your page coding (ideally right before the closing