How to Pursue Digital Innovation and Reduce Risk

This guide will discuss some of the digital innovation initiatives that are transforming healthcare, the new business risks these initiatives can introduce, and a few key strategies healthcare organizations can adopt to stay competitive and reduce risk. 

While healthcare has begun investing more heavily in digital transformation during recent years, not everyone has fully committed to the path of innovation. The biggest change most healthcare organizations have experienced over the last few years has been the transition to electronic health records—a time-consuming and costly initiative that has taken resources away from innovation initiatives. Meanwhile, industries like retail and banking continue to push the envelope and have reached a level of digital maturity that has transformed the way they do business.

But the tide is turning. Disrupters like Google, Apple, and Amazon are investing heavily in the healthcare industry[1], opening up new possibilities and, even more so, posing a real threat to healthcare organizations that remain stagnant and risk-adverse.

IT leaders know change is necessary and that nobody in the healthcare industry can afford to put digital innovation on the backburner. Instead, they need to approach it strategically and with a solid technology roadmap in place.

This guide will discuss some of the digital innovation initiatives that are transforming healthcare, the new business risks these initiatives can introduce, and a few key strategies healthcare organizations can adopt to stay competitive and reduce risk.

Transformative technologies

One of the biggest misconceptions about digital innovation is that it involves taking an analog process and simply making it digital. This is not the case. True digital innovation is transformative, which means one of two things should happen: it completely changes the way a business functions, or it revolutionizes the user experience. In some cases, both happen.

While some healthcare organizations have seen huge success in their transformation initiatives, this type of innovation has been hard to come by broadly in the healthcare industry, mainly for two reasons:

  • Lack of resources. For the last several years, many healthcare IT teams have been busy keeping their on-premise infrastructures up-to-date, compliant, and safe from vulnerabilities, leaving little time or money for innovation initiatives.
  • Risk aversion. Privacy, security, and compliance continue to be critical concerns among healthcare organizations—and with good reason. The number of data breaches happening within the healthcare sector are reaching record highs[2], and electronic health records can be worth up to $1000 on the dark web compared to only $0.25 for a credit card number.[3] Meanwhile, privacy regulations are getting more stringent. These facts, combined with a lack of time and resources, have made it hard for IT leaders to venture into digital innovation without fear of putting security and compliance at risk.

The so-called Amazon-effect is taking hold, and customers, patients and members are looking for the same efficiencies and service from healthcare that they are receiving from industries like retail[4,5].

Leaders both within and outside the healthcare sector are responding by adopting next-generation technologies like cloud computing, machine learning, and virtual reality to create healthcare solutions that improve efficiency, communication, and patient outcomes. Here are a few examples of the digital innovation initiatives happening within healthcare:

 Wearable devices and remote monitoring: Being able to continuously monitor a patient’s health is becoming easier and more accessible every day. The Apple Watch Series 4 and above, for example, now offers two FDA-approved heart features—an abnormal heart rhythm alert and an electrocardiogram (EKG or ECG). Other wearable devices such as sweat meters and oximeters are being used to treat conditions like diabetes and respiratory illness. Juniper Research forecasts that 5 million individuals will be remotely monitored by healthcare providers by 2023.[6]

Digital assistance: The rapid adoption of digital personal assistants like Alexa, Siri, and Google Home has opened up a slew of possibilities for patients and healthcare organizations. Mayo Clinic has introduced a free Mayo First Aid skill that provides voice-driven, self-care first aid instructions to patients through Alexa, Google Home, and voice-power web chat platforms. Nimblr, an artificial intelligence (AI) startup, has developed an AI assistant named Holly that helps both providers and patients with medical appointments. The company’s platform can even integrate with Alexa, which allows patients to book and reschedule appointments using voice commands.

Virtual Therapeutics: Augmented reality (AR) and virtual reality (VR) technologies are also already implemented across a myriad of different healthcare applications. These technologies are not only being used in care management to treat conditions such as pain management, PTSD, and bipolar depression, they are also being used for training and education purposes. This includes VR-based operating room simulations that train surgeons, and AR-based apps that assist elderly patients with medication management.

Five risks to avoid

Although each of the aforementioned digital initiatives hold promise and could transform healthcare as we know it, they also open up healthcare organizations—and their customers—to a whole new set of business risks, most of which involve security and compliance. However, when managed correctly, digital innovation initiatives can be safe and successful. IT leaders simply need to be proactive and prepared.

The following are five risks today’s healthcare organizations need to avoid when working toward digital innovation:

1. Not knowing what you have

Before a healthcare organization considers taking on any digital innovation initiative, it needs to have a thorough understanding of its end-to-end system. This includes all networks, devices, data assets, and data flows. IT teams are continually adding to and reconfiguring their networks, so it’s easy to lose sight of the most recent device addition or how a configuration change affects the flow and access of sensitive data. The IT staff need to maintain a detailed record of everything connected to their networks and systems—across locations, hosting models, and user populations (i.e., staff, contractors, patients, etc.). This also includes unrelated systems, such as heating, ventilation, and air conditioning (HVAC) and POS systems. Conducting a real-time data flow analysis and assessment of all network assets is the first step toward mitigating security risk. If you aren’t sure how, there are third-party consultants exclusive to healthcare that can assist you.

2. Security gaps

When it comes to security and compliance, too many healthcare organizations focus on point-based security controls instead of pervasive security. While IT teams may address security and compliance in individual technologies such as an MRI machine or a claims system, most don’t take the time to see what needs to be done holistically. This can leave an infrastructure open to security gaps and unexpected vulnerabilities. Because security standards are constantly changing—sometimes on a daily basis—IT leaders need to ensure their entire infrastructure is resilient by adopting a holistic compliance strategy that closes any potential gaps.

3. Data sprawl

With more and more people using more and more devices from an increasing number of locations, it is difficult for healthcare organizations to have a handle on where their data is, which means it certainly can’t be protected. This is especially true as organizations pursue data-rich initiatives like continuous monitoring. Handling the amount of data coming in and knowing what to do with it is a huge challenge for today’s healthcare organizations. IT leaders need processes in place to identify what data they have, where it lives, and how it is classified from a privacy and security standpoint.

4. Role drift

As any healthcare IT leader knows, recruiting top talent can be challenging. However, digital innovation requires digital skills. When taking on a new initiative, having a qualified staff and access to knowledgeable partners is critical for maintaining data security and compliance throughout the initiative. It is important that organizations implement policies and procedures that closely monitor IT roles and who has system access. Oftentimes, IT leaders forget to remove access after periodic changes in duties or offboarding. Reviewing roles and access privileges in quarterly formal meetings can help mitigate this risk.

5. Lack of agility

Digital technology continues to advance at an increasingly rapid pace, and healthcare organizations need to be sure they are prepared to keep up with the rate of change while still meeting regulatory requirements. This means having the proper resources, equipment, and expertise. Agility can be difficult for IT teams that are tied to antiquated legacy systems, capital expenses, and daily maintenance tasks such as hardware ordering, inventory levels, and capacity. Ordering a new internet cable or server, for example, can delay a project for several months. Because of this, many healthcare organizations are moving at least part—if not all—of their IT infrastructure to the cloud. This not only enables agility, it allows for scalability, faster time to market, and frees up more resources for core competencies and innovation initiatives.

Strategic solutions

Although there are several strategies IT leaders can adopt to avoid these common risks, there are two best practices every healthcare organization should consider:

  • Adopt a “Zero Trust” framework Maintaining security and compliance in today’s digital landscape isn’t easy, but it is possible. Although healthcare organizations have historically relied on network and user permissions to manage access to secure data,
a report from Forrester says this strategy is no longer adequate for today’s more connected ecosystems. Instead, Forrester suggests IT leaders consider adopting Zero Trust networks. This requires IT teams to implement a series of Zero Trust security measures such as “redesigning networks into secure microperimeters or enclaves, increasing data security through obfuscation techniques, limiting the risks associated with excessive user privileges, and dramatically improving security detection and response through analytics and automation,” according to Forrester. The firm also suggests organizations start taking steps to encrypt all sensitive data.[7]
  • Team up with partners Many organizations are finding that the only way to free up IT resources for digital innovation and ensure their infrastructure is secure is by augmenting their team. Service providers that have deep expertise in data security, healthcare compliance, and cloud computing can help alleviate a lot of the daily maintenance, security, and compliance responsibilities that typically burden IT teams. This enables healthcare organizations to get back to their core competencies and refocus their efforts on what they do best—finding new ways to keep their customers happy and engaged. Leveraging the expertise of trusted partners is a strategic move any non-tech company should consider when taking on any digital innovation initiative.

The time is now

As healthcare organizations look at what’s happening in the market, it is hard to ignore the call for digital innovation. Consumers are asking for it, and the industry is already feeling the pressure from external forces and industry disruptors. In order to remain competitive, today’s healthcare organizations need to ask themselves: Are they willing to develop the type of digital experience their patients want, and are they equipped with the technologies and expertise necessary to enable them?

While digital innovation often introduces a whole new set of business risks, the reality is that the biggest threat to healthcare organizations is not responding to the changes happening around them. Companies like Blockbuster and Sears learned the hard way what can happen when you fail to innovate your business model.

Instead of being afraid of digital innovation, healthcare organizations need to be informed, prepared, and strategic. Digital transformation is coming, and healthcare IT leaders have a prime opportunity to help their organizations be a part of it. With the right resources, partners, and strategies in place, IT leaders can refocus their efforts on innovation and play a key role in the long-term success of their organizations.



[1] Hall, D. “Five Disruptors Healthcare Executives Must Watch,” Managed Healthcare Executive, 1 Oct 2018.

[2] Davis, J. The 10 Biggest Healthcare Data Breaches of 2019, So Far,” Health IT Security, 23 July 2019

[3] Yao, M. “Your Electronic Medical Records Could Be Worth $1000 To Hackers,” Forbes, 14 April 2017.

[4] Primeau, D. “The Amazon Effect on Healthcare,” 24 Jan 2019.

[5] Bennett, J. “Be Afraid: Healthcare Feels The Amazon Effect,” Forbes, 30 Jan 2018.

[6] “Digital Health: Disruptor Analysis, Country Readiness & Technology Forecasts 2018-2023,” Juniper Research, 14 Jan 2019.

[7] McCarthy, K. and Little, C. Healthcare Must Embrace Digital to Win in Consumer Engagement, 10 November 2016.

Help us serve you better.

Tell us about yourself to access content curated for your role and needs.