In conjunction with CIO magazine, Stout surveyed healthcare industry IT leaders to learn more about the numerous challenges they face in their industry. One of our key findings was that the most important digital initiative for the current year is modernizing the IT infrastructure (Figure 1). The initiative is a challenging one given the complexity of a Healthcare Information System (HIS) (Figure 2), competing priorities, and the cost associated with such a large-scale digital transformation project. Here we’ll explain these risks of not modernizing.

Figure 1: Data-driven digital initiatives for healthcare companies for the current year
In terms of background, the HIS collects, manages, and uses large amounts of data from various sources to deliver a single, integrated solution for each functional department in the healthcare domain. For example:

Figure 2: High-level architecture of a Hospital Information System (HIS)
- The administration system data is collected at the data warehouse.
- The ERP system contains information including management data, financial information, (FI) and supply chain management (SCM) data.
- The data created in the administration system and the Enterprise Resource Planning (ERP) software is analyzed by various decision-making systems.
- The Picture Archiving and Communication System (PACS) is used to store and transmit medical images, such as radiology images.
Risks with Not Modernizing a HIS
Several problems can arise when existing legacy IT components and services are not modernized:
- Problematic system integration: The integration of all systems can lead to inconsistencies because different systems use different programming languages, architectural standards, or communication protocols. Often, this highly heterogeneous integrated system arises because of M&A activity, replacement of individual IT components (e.g., the EHR system) without properly upgrading all the impacted IT systems or having outdated IT services (whether homegrown or not) without proper documentation or developer support.
- High maintenance costs: There are associated vendor maintenance, labour, and operational costs for keeping legacy systems running properly. In addition, in many instances, IT teams have to spend up to 60% of their time managing outdated legacy systems. (Logicalis Global CIO Survey 2018-2019, 2019)
- Cybersecurity risks: Old legacy hardware may not be compatible with newer versions of the operating systems (e.g., Windows 10), where important security patches and upgrades have taken place. In many cases, the operating systems used by either HIS IT components or medical devices (e.g., radiology systems, ultrasounds, etc.) are not supported by the software vendor anymore. As a result, there is a gap in security, providing hackers the opportunity to gain access to sensitive patient data or shut down essential hospital services. These are major risks with not modernizing. If you will consider the risk management of vendors, you can identify more risks.
- Regulatory compliance penalties: Regulations regarding patient data are constantly evolving and becoming more rigorous to meet compliance. Data breaches or ransomware attacks can translate into millions of dollars in penalties.
- Hardware failure financial risks: Old hardware is prone to failure. When failure takes place, it is challenging to take the outdated IT systems offline for maintenance or replacement because essential operations (such as patient care) of the healthcare organization will be affected.
- Loss of future revenue: Legacy systems are not flexible enough to support new services and customer demand. Innovation and competitiveness are not easily accomplished in an outdated IT environment, and this affects the profitability of the company.
- Lack of efficiency: Trying to automate manual, repetitive tasks, and services in outdated IT systems is extremely challenging. Consequently, IT staff is required to manually complete tasks that can take a significant time.
Not only will these risks be mitigated by updating the HIS, but additional benefits include improved analytical tools that can result in new insights that drive business decisions around quality of care and patient outmigration. It’s important to understand the risks of not modernizing.
Modernization Approaches
There is a range of modernization methods that can be applied to the IT legacy systems depending on timeline, effort, and budgetary constraints. Below are some common approaches that can be used:
- Reuse of legacy components/APIs: This is a method borrowed from object-oriented architectures, where existing data and functions are wrapped (“encapsulated”) by modern code and are available via modern application programming interfaces (APIs).
- Migrate to cloud: The cloud offers flexibility and scalability in terms of resources that are leveraged to match user demand. It also results in lower operating costs.
- Rearchitect existing IT services: After migrating to the cloud, the existing software applications can be rearchitected by applying modern principles of advanced service-oriented architectures, such as microservices, where different functionalities are isolated from each other and making software upgrades more flexible and agile.
- Rewrite software: This method is usually the most time-consuming. Old and unmaintainable legacy business logic will be rewritten, and the code will be customized for current IT needs.

Figure 3: Modernization IT approaches
Executive Buy-In
There are eight guiding principles that CIOs can follow to gain executive buy-in and support for an IT budget that will be allocated to IT modernization initiatives:
- Identify business problems caused by outdated IT systems
- Create dashboards that report all relevant metrics to quantify the identified business challenges (e.g., revenue loss, risk of non-compliance, high costs, etc.)
- Educate executives by using dashboards to translate IT issues to business impact
- Create an executive IT strategy committee that decides prioritization of open problems and budget
- Gather requirements and assess if IT issues can be handled internally or not
- If applicable, engage with third-party vendors and identify (for example, via RFP) the best fit
- Have chosen vendors to build robust prototypes to understand the impact of the new solutions
- Quantify business improvements based on the prototyping phase and prioritize which IT initiatives should be developed and deployed
Information systems in the healthcare industry still rely on legacy hardware, software, and overall architecture. These outdated systems provide various challenges for healthcare CIOs due to their high operating and maintenance costs, security and compliance risks, and the lack of organizational agility needed to provide additional revenue. According to our recent survey, healthcare IT leaders recognize the need for technology modernization and digital transformation, but budgetary constraints may impede the implementation of all necessary changes.
Final Thoughts
However, with the help of a thorough assessment of all existing IT systems, the major inefficiencies and pain points can be captured. After identifying and prioritizing the main areas where modernization needs to take place, different methodologies (whether cloud migration or rewriting software) can be tested via several prototypes. These prototypes will be able to quantify the amount of efficiency, scalability, and cost-effectiveness that are introduced in the new and transformed IT components and services. The existing IT budget can now be allocated accurately to the areas to be modernized that will generate the highest ROI. This will help with the risks of not modernizing.
Related Professionals: Fotis Konstantinidis
Related Experiences:
https://www.stout.com/en/experience/evaluated-predictive-models-forecasting-health-insurance-case-reserves
https://www.stout.com/en/experience/provided-insights-lost-revenue-due-healthcare-patient-leakage
Related Insights:
https://www.stout.com/en/insights/article/new-it-remedies-healthcare-organizations
https://www.stout.com/en/insights/article/how-advanced-analytics-helps-prevent-patient-leakage-healthcare
https://www.stout.com/en/insights/article/digital-trends-cio-amid-covid-19-pandemic
https://www.stout.com/en/insights/video/stouts-artificial-intelligence-data-transformation





