Every industry is touched by ever-changing technology, but healthcare-related industries have additional challenges. Does your organization have a comprehensive strategy for handling all information technology requirements?
If you’re like most, just finding the answer to that question may not be so easy. But avoiding the issue can be costly and even potentially catastrophic. It is highly recommended that each organization develop a plan, measure itself against the plan and regularly review how changes both in regulations and in products mandate the need for plan revisions.
Here are some considerations:
- Identify the soft costs: When you’re considering buying servers and software rather than using a cloud-based solution, it’s critical to identify all of the “soft” costs associated with that particular direction. When you purchase technology equipment, you need to factor in costs for licensing operating software as well as upgrades and storage. But that’s not all. Maintenance and break-fix issues either will tie up your staff, cause you to pay extra to an outside resource, or both. Make sure you factor in the electricity or additional cooling costs associated to running extra equipment. Often, organizations build extra rooms to house their equipment, which means that real estate isn’t used for something else.
- Beware of obsolescence: It seems on the day we buy a piece of equipment or software, an announcement about a newer model comes out the next day. Development cycles have been accelerating. Sometimes, it’s the software that requires new hardware. Sometimes it’s the hardware that requires new software. Two things are consistent. Obsolescence is guaranteed, and it will cost your organization money.
- Remain HIPAA-compliant: Ensuring that your organization is HIPAA-compliant is an ongoing endeavor. When your staff members are storing documents, they can’t just put them up on Google Docs with no regard for content. Where data are stored, how data are accessed, who is able to access those data, encryption in transit and at rest, and what happens when data are deleted are a few topics that need to be considered as a result of careful planning. Treating all content the same may lead to an over-engineered, costly solution.
- Protect your data: Data protection comes in a variety of forms. You want to block hacking attempts before they ever get to your virtual doorstep. Firewalls, virus protection and encryption are a few of the tools that are commonplace in today’s world. They should be monitored, reviewed and updated regularly. “Set it and forget it” is not an advisable approach.
- Know what you own: How many desktops and laptops does your organization own, and what’s on each one? How about cell phones? What’s the process for collecting used equipment when someone leaves the organization? Do you have a way to remotely “wipe clean” a device that’s lost or stolen? Do you then update the number of software licenses you need? What about when someone switches roles? Does he or she still need the same equipment? Does he or she still have the same need to access certain software, or can you reduce the number of licenses? In mid-sized organizations, nobody is expected to have all of the answers to all of these questions at all times. But well-run companies develop a strategy and then stick to it.
- Avoid duplication: While we’re on the subject of knowing what you own, we have found that many organizations have redundant products. A detailed review of your software licenses will highlight those areas. You may be paying for security services with vendor A and a comprehensive suite of services that includes the same services with vendor B. In that case, you would be best served to eliminate vendor A. You might have to beef up the service with vendor B, but when you look at the big picture, you’ll have reduced your costs significantly.
- Train your staff: How many times have you heard “People are our most valuable asset?” Having good people is a must, but you have to train them to make them great. Make sure every person in your organization knows not to click on suspicious links. Just as important, teach them to spot “spoofing” attempts so that they don’t inadvertently provide classified information to an entity with negative intent. We see companies getting into trouble all the time because someone shared the personal information of employees, patients or residents. Put in place the proper safeguards proactively so that never happens to your organization.
- Negotiate like a pro: Anyone who ever has looked at an IT agreement will tell you the same thing: They’re not like any other. Detailed service-level agreements, disclaimers, maintenance schedules and more disclaimers can make anyone’s head spin. Understanding what you really need can be complicated because you often have to rely on the people with a vested interest to sell you more than you need. But you certainly don’t want to take the risk of having less than you need. A few additional considerations can help here:
- Many solutions come in a variety of levels, and they often range in price from inexpensive to very costly.
- IT sales professionals are incentivized to push the costliest services.
- Ask the sales rep to explain the different options in lay terms.
- Pre-negotiate a cap on increases for time of renewal.
- Consider the length of the agreement.
- Benchmark the pricing. You can find out what other vendors are offering.
- Seek outside assistance. Consulting firms have insight into many agreements, not just yours.
- Determine what truly motivates your sales rep. Some IT sales reps are measured on cash generated in a given period, not just sales. Knowing that information and timing the purchase appropriately may give you a negotiating advantage.
- Get what you’re entitled to: This point is particularly important if your organization is a nonprofit entity. Some services offer deep discounts to nonprofits, but you have to know where to look.
Technology can be a wonderful, but as with anything, pitfalls need to be avoided. Create a plan, train your staff, maintain inventory and, lastly, know what to ask for when it comes to shopping for technology. For additional information or assistance regarding any of these steps, feel free to contact Expense Consulting.