Why healthcare organizations need to invest in application rationalization

There’s no doubt that COVID-19 strained the very fabric of our society, pushing the limits of everything from economies to governments to the brink of collapse. But with its wiles, the pandemic also accelerated the digital transformation of life at breakneck speed. And one of the brightest focal points of that transformation has been healthcare. The pandemic has single-handedly forced the adoption of digital technology within health systems at a scale that makes prior endeavors seem like mere tinkering.

According to data from Allied Market Research, the value of the US healthcare IT market was estimated to be $96 billion in 2020. But thanks to pandemic-generated pressures, the firm expects the market to jump more than 350% over the remainder of the decade, reaching $344 billion by 2030. However, according to experts, this level of spending could put more strain on a system that’s already digging under couch cushions to find IT funding.

The struggle between funding and IT innovation

“While healthcare organizations struggle to control ever-increasing costs, technology is advancing more rapidly than ever before,” said Tabitha Lieberman, President, EHR and Healthcare Applications at Brightwork Health IT. “Because of this, IT leaders are under pressure to advance innovation without breaking the bank in the process. And that has created IT environments in some health systems that are full of patchwork and legacy systems held together, metaphorically speaking, with baling wire and duct tape.”

Brightwork Health IT is a specialized consultancy that helps healthcare organizations tackle large IT implementations, digital transformation initiatives, and the management of technical resources. And according to the Healthcare Information and Management Systems Society’s 2021 Most Influential Women in Health IT award recipient, application rationalization is a great way for healthcare IT leaders to clear the clutter and make the most of their IT budgets.

Application rationalization is what the doctor ordered

“There is no avoiding it; hospitals and health systems have to invest heavily in IT infrastructure, technical talent and cybersecurity to keep their organizations running smoothly,” added Lieberman. “But the pandemic upped the ante by accelerating the adoption of things like virtual care, digital transformation and patient-driven healthcare ecosystems. This has made application rationalization essential because most healthcare IT budgets just aren’t big enough to rebuild what’s already there completely.

The easiest way to define application rationalization is that it is the process of diving into an organization’s technology inventory to determine which applications should be retained, upgraded, retired, or reengineered. And this reorganization is key to increasing efficiencies and reducing the cost of IT ownership.

“After the analysis of IT inventory, the next step is to retire outdated, low-value applications and then modernize the legacy tools that are considered high-value,” added Lieberman. “You should also eliminate redundant applications. And cleaning up IT clutter by standardizing platforms and versions, and consolidating applications into a single IT repository is also extremely important.”

Too much tech leads to bloat

Although it seems easy enough, in theory, application rationalization can be a daunting task for any organization. A 2022 Mulesoft report found that, on average, organizations now use 976 individual applications, compared to 843 a year ago. But this is a drop in the bucket compared to the volume of technologies utilized by healthcare organizations. When you factor in IoT-enabled medical devices, platforms like EHRs, CRMs, instrumentation and more, a health system’s technology inventory can easily exceed tens of thousands of applications.

In addition to a high cost of ownership and inefficiency, this amount of technical bloat can also open healthcare organizations to vulnerabilities.

“Technical bloat isn't only a drain on resources; it also opens healthcare organizations up to serious security risks,” said Lieberman. “Complexity and security are conversely related. As one grows the other diminishes. Therefore, ongoing application rationalization should also be considered a cybersecurity measure.”

A growing concern for healthcare organizations

A recent survey by Sophos found that ransomware attacks on healthcare organizations increased 94% from 2021 to 2022. This is extremely concerning when you consider that two-thirds of healthcare organizations in the US experienced a ransomware attack in 2021. And the problem isn’t because of a few bored teenagers testing their hacking skills; the threat comes from government-sponsored black hats. In early July, CISA put out an alert that North Korean state-sponsored actors are targeting healthcare organizations with a strain of ransomware known as Maui.

Two big reasons why healthcare organizations are so vulnerable to attack are a lack of dedicated resources and far too many things to target. According to reporting by Healthcare Finance News, only around 7% of the average healthcare provider's IT budget is focused on cybersecurity. And as mentioned previously, the other issue is the sheer volume of technologies IT departments must contend with. Old, unchecked systems are easier to exploit.

In 2019, a ransomware attack rendered the systems of three DCH Health System hospitals in Alabama useless. A lawsuit alleges that the attack resulted in the death of an infant at one hospital. According to a 2019 American Medical Association-Accenture Medical Cybersecurity Survey, 36% of health institutions were unable to provide care for at least five hours as a result of cyberattacks. The cause of the vulnerability at DCH was unknown because the health system has thousands of computer devices in its network.

When application rationalization is needed

If you’re wondering if application rationalization is needed in your organization, Lieberman has this advice.

“A good indication of how badly your organization needs application rationalization is the percentage of IT department resources that are going into maintaining its current portfolio and environment versus how much is available for investment in new technologies,” she said. “If all your available resources are going into the technologies you currently have, it’s time to do an application rationalization. And even if things are more balanced, it’s good practice to do a periodic analysis.”