Wei-Li Shao, President of Omada Health.
Back in January, I took to LinkedIn to highlight a now-famous example of technical debt: Over the holidays, record-breaking storms posed a host of logistical challenges for the airline industry. No company was harder hit than Southwest Airlines, which ended up canceling 16,000 flights and amassing losses totaling $825 million. The holiday season losses were roughly equal to Southwest’s earnings over the first nine months of last year.
But did a storm actually cause Southwest’s mass flight cancellation? The short answer is yes—a storm of mounting technical debt.
Defining Technical Debt
Technical debt is similar to financial debt in that, sooner or later, you end up paying for the past. Put simply, companies accrue technical debt when they rely on outdated systems to manage their business operations. In the end, Southwest’s customers and investors suffered because the airline didn’t invest in incremental innovation to their operations. Instead, the company had crews fall back on manual processes when systems failed, inevitably pushing them off a costly cliff.
Engaging with a variety of business leaders on the subject helped me realize that technical debt is an issue across a variety of industries, including my area of expertise: healthcare. And I believe the topic of healthcare technical debt deserves much more attention.
How Technical Debt Impacts Healthcare
For an infinite number of reasons, the healthcare industry is riddled with outdated systems. The 2021 HIMSS survey found that a staggering 73% of healthcare providers use medical equipment that is controlled by outdated legacy operating systems, while 20% still run Windows XP, which hasn’t been supported by Microsoft since 2014.
Outdated medical equipment and unsupported operating systems exacerbate healthcare’s most pressing issues. For example, in Pennsylvania, antiquated software systems are causing long delays in approving licenses for young doctors and nurses. It’s led to many medical professionals leaving the state, contributing to a troubling health staffing shortage there.
Healthcare organizations using legacy OS are also vulnerable to cyber risks, as reported by Kaspersky Labe, with only 34% claiming the use of up-to-date hardware and software security protections for their sensitive data. In that same Kaspersky survey, half of healthcare workers agree that their organization has already experienced data leaks, DDoS or ransomware attacks. An example of this is the 2017 WannaCry ransomware attack, which affected several organizations worldwide, including the U.K.’s National Health Service (NHS). At that time, many NHS systems were still using the outdated Windows XP operating system, which made them vulnerable to the attack. The incident highlighted the importance of updating and maintaining security measures in healthcare systems.
These types of data breaches cost healthcare organizations $10.1 million on average, with half leading to crucial disruptions in care delivery. Nearly 10% result in operational disruptions of more than two weeks. There’s even evidence that more than 15% of stolen PHI from ransomware attacks is made public, often by posting it to dark web forums to be sold.
The fact is, there’s no simple answer to solving technical debt in any industry. Large-scale tech updates are especially complex, as exhibited by the Department of Veteran Affairs’ tough rollout of a new electronic health record system, which involved unforeseen issues that directly impacted veterans. However, in healthcare, there are actions we can take today to lessen tech debt’s impact on patients, providers and ultimately the employers who are paying for it.
Assessing Technical Debt In Healthcare Partnerships
I’ve spoken before about how employers and benefits leaders are shaping the future of healthcare. In the same vein, leaders can start by asking the right questions to assess potential healthcare partners’ level of technical debt. Here are some questions you may want to ask your own potential partners:
• Does your organization rely on out-of-date operating systems or other unsupported software?
• How is sensitive and valuable health data being collected and protected?
• Have your technology operations and security been independently verified by a third-party auditor?
• Has your organization suffered any significant data breaches or loss in functionality due to out-of-date technology?
• How does your organization approach interoperability?
• What companies are you partnering with for care innovation, or is it all in-house?
• For digital solutions, does your company provide telehealth or virtual care?
Asking these questions can help clarify the reliability of your end-users’ (i.e., employees) experience, from file-sharing and appointment systems to medical record access and integrated care team support. If the answers to these questions indicate your existing providers have significant issues or technical debt, you have two options: 1) Push your providers to make meaningful changes, and insert requirements at renewal; or 2) shift your business to more innovative partners that are better positioned to serve your future needs.
How Virtual Care Is Affecting Tech Debt
Healthcare is in the midst of a paradigm shift. Companies spent nearly $53 billion globally on wellness tools and programs in 2022 and are expected to increase, according to Grand View Research. Experts believe 1.4 billion people globally will be using digital health tools to manage health behavior by 2025, and investors believe in the future of virtual care to the tune of $29 billion. Does this explosive growth in health technology provide a solution, or merely work as a Band-Aid that can perpetuate tech debt? The answer is: It depends.
Done right, virtual care models should strategically combine the best aspects of in-person care with the latest digital health technologies, ultimately minimizing the risks of tech debt. You can use the same questions mentioned above for assessing virtual health partnerships, but with one vital addition: “Is your virtual health offering covered by HIPAA?” If they are a HIPAA-covered entity, you can rest assured your employees’ information will be treated exactly like the data of a patient held by a doctor or hospital, i.e., their health information is never sold to third parties. In contrast, a number of direct-to-consumer health apps were recently found to be sending sensitive health information to social media platforms.
Staying vigilant about tech debt, especially when it comes to data security, should be on everyone’s radar as we navigate the swiftly evolving healthcare landscape. While there are surely hurdles on this path forward, I believe virtual care is the future of a more secure, private, cost-efficient and reliable healthcare ecosystem.
Forbes Business Council is the foremost growth and networking organization for business owners and leaders. Do I qualify?
Read the full article here