The five minute CIO: John Hayes

24 May 2013

John Hayes, head of IT at Blackrock Clinic in Dublin

Blackrock Clinic’s head of IT John Hayes talks about getting the hospital’s infrastructure to a healthy state, and why it sometimes makes sense to invest in technology without a business case to improve the organisation’s ability to compete for clients.

Can you outline Blackrock Clinic’s IT, in broad strokes?

We have roughly 650 users on site and that’s between clinical and non-clinical staff. We have roughly 300 thin clients, approximately 20-30 workstations or laptops, and then we also have a large community of GPs and consultants that we provide IT services to – that would be in the hundreds. They use their own devices but we give them a website with patient test results and images. They are in essence our customers because they’re the ones who refer the patients to us, and we are looking at improving our links between them.

What does your role involve: is it hands-on or do you take a more strategic view of IT?

It’s a combination of both. There are seven of us in the IT department and everyone does have their own area of responsibility but you’re expected to get stuck in, say if there’s a paper jam in a printer. There’s no strict demarcation; you can’t say, ‘that’s not my job’. Then I also deal with IT strategy, projects, and project management.

How much time is given over to each and will that change?

Not enough! [Laughs]. It would be about 30/70 hands-on to strategic. Do I see that changing over time? No, I don’t actually. I’d say it will stay because the team size isn’t going to change and our work is increasing [laughs]. But I don’t see that as a bad thing.

How can IT deliver real value in a hospital context?

We can definitely add value, but you need to be careful about what investments you make.

Electronic patient record has been one of our strategic tracks – to get paperless. I don’t think we’ll ever get there but we are working a long way towards that. It’s not like going out and buying Microsoft Word. You need to know what you’re trying to achieve with it. There’s a huge amount of process and culture change if you’re going to go down that road.

We would see IT as adding a lot of value and [also] saving a lot of money for us. The hospital almost has to invest in technology for technology’s sake. For example, in radiology before now, we printed out films and patients had to bring them back for their next visits. There wasn’t a business case to put in a radiology system but to be more of a leading-edge hospital and offer better service to patients – competing for business with other hospitals.

The likes of an electronic patient record is going to be hugely expensive and I’m not sure it will save a huge amount of money but it will allow us to do a lot more, provide better service, and attract doctors. A lot of the consultants operate in more than one hospital.

Offering the consultant more of what he wants – being able to treat his patient quickly and easily, and if he can be helped with clinical decision-making – all helps us to attract more consultants to us. We are a business: we’re a private hospital, and by attracting consultants, that’s how we make money.

On that point, the clinic recently announced healthy profits, so will that have a positive effect on your IT budget?

We don’t have an IT budget per se; it is on a case-by-case basis. There is an IT strategy and we have a couple of IT strategic tracks, so any projects have to fit into those before they’re even accepted. But we would then look at the process here – it’s not a case of us getting, say, €10m every year. For example, if we have to invest a million now and save €4m over the next few years, then it’s a no-brainer.

What has been the hardest challenge since you started in your role?

I’ve been here for nine years and some of the challenges are from the business side: to get them to think of projects on their own rather than IT, and that we are part of the project team, we’re not there to lead the project. That would be a challenge.

With the consumerisation of IT – I hate the cliché – everybody has an iPad or iPhone … Let’s say the hospital might want a new system for endoscopy – but it won’t be touchscreen, it’s difficult to integrate into the lab system. And I’m thinking: how can you balance that against being able to buy an app from an app store and the user knowing how to use it?

People’s expectations of what IT can do are changing, and their expectations are getting harder and more demanding – that’s no bad thing but it does make things more difficult.

Do you think that day is coming where mobile devices will be more pervasive at the clinic?

Absolutely, I think in five years’ time the hospital will be a completely different place. I can see huge advantages to offering a lot of those services out to the consultants and clinical and admin staff.

One of our aims is to make everything context-sensitive. So, if I’m a consultant and I’m in theatre, or on the ward, the system shows me a different set of information.

You recently upgraded to Palo Alto firewalls – can you tell me about why you did that, and what were the outcomes?

It was trying to give us more visibility on what people were doing in the hospital. It’s always a balance between having everything very secure and allowing people to do their jobs. The old firewalls weren’t as granular as the new ones. We can now do URL filtering, and see specific traffic going out through the firewall.

We have two firewalls on auto failover between the two, just to give us a backup. It allows us this redundancy.

And presumably that’s tied in to your security policy?

Yes. We block access to Gmail and Hotmail but a lot of places use Gmail as their mail server. We were able to allow one consultant specific access to the UCD mail servers. So, you can have a blanket ban but you can allow specific instances where they’re appropriate. Now it’s more roles and rights-based. It give us much more control about what we allow in and out.

How important a consideration is IT security?

Security is obviously of critical importance and every project we look at has a specific security element to it. A primary example would be replacing a laboratory system – we think of security in evaluating solutions and how it’s implemented, as well, because we provide access to other hospitals, and GPs [also] need access. Security sits across a lot of what we do, and we have a person dedicated to security in our IT team.

It’s really important for the hospital that we protect the information we have – primarily to protect the patient and also for our own data protection compliance. If we’re shoddy with patient information, no matter how good we are as a hospital, people are going to think twice before coming to us.

What IT projects are you planning for the future?

We’re replacing our backend servers, two SANs, our database console: we’re putting in Microsoft System Center [IT management tool], and updating our backup and recovery. It covers everything – it’s a huge, broad sweep in IT that will allow us to change what we do, and we’ll spend less time firefighting and more time suggesting things the hospital can implement.

Once that’s finished, how close will you be to your ideal state, from an IT standpoint?  

By the end of the year we should be in a really good position to do a lot more for the hospital and we will have an ideal infrastructure in place to do that. We certainly will have laid the foundations for doing a lot more.

We’ve been working towards this for a while. We’ve been putting in a medical-grade network, wireless access everywhere in the hospital, there will be barcoding in a lot of what we do, such as patient labels and wristbands. All this has been done keeping in mind the strategic tracks we’ve been working towards.

When the time comes [for a new initiative], we’ll be able to say ‘yes’ because we’ll already have done this and this.

It is a great area to work in. We’re building a new hybrid theatre at the moment and when you see the imaging technology and what can be done for interventional surgery, the fact that in real-time you can track what’s being put into people, to be part of facilitating that is just fabulous.

It sounds a bit contrived but up until I worked here I worked in financial services, and here you feel like you’re making a difference. It helps you focus on what you’re actually trying to do. A lot of times you can sit in a server room and you can forget there are patients being treated.

Gordon Smith was a contributor to Silicon Republic