Planning Is Key to a Successful Healthcare M&A
One of the common challenges healthcare IT leaders face when approaching a merger or acquisition is a lack of planning before the deal is completed. In most cases, a budget may be set aside for IT integration prior to the deal being made, but no deep discussion is held to discuss how the integration will take place.
IT leaders should hit the ground running as soon as the merger or acquisition is known. There are regulatory processes for these deals, but planning needs to start early for a smooth and successful integration.
How to Approach Healthcare IT Integration
Healthcare IT leaders should know which IT system the other organization uses and consider whether the two organizations’ IT systems are compatible. If not, usually the larger organization wins out and its basic IT systems are the ones used across both organizations. However, electronic health records, supply chain management systems and pharmacy systems also need to be considered. It’s unlikely that both organizations will use the same systems across the board. The EHR is the most important and should be handled first.
Next, healthcare organizations should consider the infrastructure supporting these systems. IT leaders need to figure out whether the new organization works in the cloud or not, what cloud company it uses and general infrastructure requirements, as well as what service company handles offsite storage. It’s also important to consider how much downtime will be needed for the integration.
Usually, the organization that has more robust, enforceable policies and mature IT systems is the one driving the integration conversation, though there may be collaboration between the two entities. Typically, the technology, software and policies that are most established and have better adoption are the ones that will have better success at integration. This is especially true in healthcare, which is an evidence-based field. IT leaders from both organizations should discuss how and why their policies and procedures have been successful.
In some cases, not all systems will be integrated. However, it can make it difficult to get synergies of scale when software and policy integrations don’t happen across a system. Cost also comes into play. It may be expensive to implement Epic across the board when the new organization is already using Cerner, but using both programs comes with its own challenges.
How to Handle a Healthcare M&A Securely
It’s important to align all security controls to an established framework, such as ISO/IEC 27001 or those from the Center for Internet Security, the National Institute of Standards and Technology, the IASME Consortium or the Committee of Sponsoring Organizations of the Treadway Commission. The alignment should help the organization to:
- Identify and quantify risk
- Identity gaps or overlapping controls
- Establish business priority
- Include the results into the business’ overall IT security strategy
Healthcare organizations should establish a governance process where change sponsors and key personnel are involved to establish integration priorities and a disaster recovery strategy, allowing for complete visibility into all change management functions — particularly in the testing, training, conflict resolution, scheduling, communication and final approval stages.
Every change task should have a workable back-out plan to restore the system to the prior state in the event something goes wrong with the implementation. Healthcare IT leaders should let all affected parties know how the change went, whether good or bad.
While emergency changes may be allowed to occur outside of an established change management advisory board, the change must be reviewed and approved at the next opportunity. IT leaders must remember to ask if the personnel performing the integration are trained and qualified and ensure affected end users are properly trained on how to use the technology once the change becomes effective.