Winning With IoT: It’s Time to Experiment

We live in an increasingly connected world, and organizations are just beginning to understand connectivity opportunities and the associated rules of play. One emerging technology at the heart of connectivity advancement is the Internet of Things (IoT), which enables objects—from industrial machines to wearable devices—to be smart and connected. It’s not surprising that executives are determined to understand IoT: by 2020, there will be 25 billion connected devices in the world, and more than half of all new business processes and systems will incorporate some element of the phenomenon.[foot]Jim Tully, “Mass Adoption of the Internet of Things Will Create New Opportunities and Challenges for Enterprises,” Gartner, February 27, 2015.[/foot]

The hype on IoT is at its peak; the reality is that most companies today are still in learning mode. In a recent MIT CISR survey of executives from companies with IoT efforts underway, only about a third of the projects had been deployed.[foot]Results reported in this briefing from a 2016 MIT CISR IoT survey of leaders, managers, or sponsors of projects involving IoT (N=189) and from ten executive interviews representing IoT efforts from nine unique industries.[/foot] In this briefing, we will describe what companies are learning. 

Building IoT Readiness for Execution 

Our research indicates that a company must resolve four core concerns— security, integration, data ownership, and appropriate data use—before deploying an IoT project.[foot]Concern resolution scores were significantly correlated with project maturity at the .01 level (N=183).[/foot] The sufficiency with which launched IoT efforts are addressing the concerns is best described as “acceptable for now.” 

• Security: the ability to protect networks and data from unwelcome access. Mainstream IoT security solutions are nascent at best, leaving firms vulnerable when IoT networks are opened up to the Internet. To combat this, many firms establish secure IoT networks by blocking sensor access to the open Internet or deploying heavy firewalls. 
• Integration: the ability to combine unstandardized data and devices across networks and platforms. For most firms, integration is achieved by creating middleware layers that reconcile proprietary software and hardware formats and connect IoT data with enterprise platforms. 
• Data ownership: the ability to assign accountability for data stewardship and permission for data monetization. Most IoT efforts exist within an ecosystem of partners, each of which has unique access to and interest in IoT data. These ecosystems must clarify data rights and duties and ensure that boundaries are maintained. 
• Appropriate data use: the ability to define and enforce how the company will legally and ethically capture, manage, use, and dispose of IoT data. New opportunities for learning about and interacting with customers, employees, and other stakeholders create gray areas regarding data. Companies must extend current governance practices to address emergent data issues. 

Three Types of Relationships Help Companies Resolve Concerns 

How do companies resolve these core concerns? First, they work with technology vendors— such as network providers, device manufacturers, software vendors, and data aggregators—to create secure platforms that support interoperability and standards to achieve integration. Second, they leverage innovation partners—academia, startups, and consultants—to experiment with new or leading-edge technologies and approaches. Third, they draw upon internal collaboration across a minimum of four business areas: IT, data/analytics, legal/compliance/risk, and one other organizational area. Our research indicates that the fourth area is most often engineering, product, or R&D. 

IoT at Trinity Health 

Trinity Health is national, not-for-profit Catholic health system employing 97,000 full-time employees that operates ninety-three hospitals in twenty-two US states and one hundred twenty continuing care programs or facilities including home care, hospice, community care, and senior living facilities. Based in Livonia, MI, with annual operating revenues of $16.2 billion and assets of $23.4 billion, the company returns almost $1 billion to its communities annually in the form of charity care and other community benefit programs. Committed to leading the nation in building a people-centered health system, in recent years Trinity Health has tightened its focus on better health, better care, and lower costs. Innovation is considered critical to Trinity Health’s success. 

Trinity Health began exploring the Internet of Things as an important technology about ten years ago. Since then, it has invested in implementing pilots centered on a number of IoT-based point solutions. These have included IP-enabled medical devices and patient wearables and, more recently, self-regulating refrigerators and home monitoring tools. The trials are helping Trinity Health learn about IoT execution requirements and understand how more pervasive collection of and access to patient health data can lead to new ways of working. Point solutions serve as strategic experiments whereby Trinity Health identifies and refines sensor placement; creates middleware to connect technologies and data; develops vendor relationships with device providers, data aggregators, and infrastructure suppliers; and builds associations with promising start-up firms. Often, IT initiates a point solution to inspire colleagues to reimagine current work processes. IT partners with key internal areas to increase the likelihood that new ideas will be accepted by and integrated into the organization. Informatics represents a particularly good partner because its staff is clinically and technically savvy, making it good at highlighting where point solutions could be productive. 

In 2012, St. Joseph Mercy Oakland Hospital, one of Trinity Health’s member hospitals, planned a facilities upgrade. Trinity Health recognized the initiative as an opportunity and began a pilot—the Intelligent Care System (ICS)[foot]Trinity Health’s Intelligent Care System (ICS) is an integrated suite of healthcare technologies.[/foot]—to deliver an innovative patient health experience from assembled point solutions. Trinity Health furnished thirty hospital rooms with key sensor-embedded equipment. The pilot team described a vision for how integrated technologies would help the health system improve four outcomes: safety, clinical, satisfaction (of patients, doctors, and staff), and efficiency. Then leaders selected eight technologies that they believed would best support this vision.[foot]“St. Joseph Mercy Oakland (SJMO) Intelligent Care,” St. Joseph Mercy Oakland Hospital SJMO, video that describes the eight ICS technologies piloted at the hospital, https://www.youtube.com/ watch?v=n-cQR0iZjwU.[/foot]

The pilot team drew upon lessons from earlier strategic experiments and worked with vendor partners to resolve execution obstacles. Security was a key concern. Rather than pushing for open network architectures, Trinity Health opted for a closed network approach—not just for the component technologies, but for the entire hospital—to significantly reduce cybersecurity concerns (i.e., the risk that devices could be hacked and misused). 

The proprietary nature of the ICS networks, devices, and data formats introduced significant integration challenges. The pilot team constructed a semantic integration and reconciliation layer to bridge the eight technologies. By connecting IoT data with electronic medical records and the company’s enterprise data infrastructure, this layer also helped the project team assemble a holistic view of the patient. The data infrastructure included master data management and data quality management for its core structured and unstructured data and brought with it a growing data science team focused on analytics. 

Additionally, the pilot team established policies and procedures, both to reinforce security and ease integration and to address data ownership and appropriate data use concerns. The team relied heavily on Trinity Health’s vendor management, legal, and contracting capabilities to coordinate within and across external partners. HIPAA and related practices came in handy. For example, Trinity Health mandated that business associate agreements [foot]A BAA is a contract between a HIPAA-covered entity and a HIPAA business associate that protects personal health information (PHI) in accordance with HIPAA guidelines. The agreement requires partners to share risk of data breach and to respect data use restrictions.[/foot] be secured with its IoT partners, from device providers to data aggregators. HIPAA also helped to establish explicitly that patients owned the data that flowed throughout the ICS. 

Pilot leaders began developing specific use cases that leveraged subsets of the eight chosen IoT technologies in order to impact priority levers of patient care. The levers included fall prevention, pressure ulcer reduction, improved alarm management and response, simpler workflows, and better communications. For example, one use case was designed to test the integration of a nurse call system with a real-time location system and smart bed technology; the lever was to reduce fall risk. The pilot team configured the smart bed technology to send an alert to a nurse’s mobile device if a patient starts to get out of bed. When an alert is received, the nurse can respond to the patient, call the patient and ask him or her to remain in bed, or text another caregiver to respond to the patient. There is an electronic display board of on-duty staff real-time locations, and nurse call alerts are automatically cancelled upon the caregiver entering the patient’s room. The resulting 57% reduction in nurse call response time correlated with a 12% improvement in patient satisfaction. 

Once the use case infrastructure was in place, additional use cases were tested. 

We started seeing additional benefits that the technology could bring us as we implemented [the pilots].

Robert Jones, Senior Director of IT, St. Joseph Mercy Oakland Hospital 

For example, the pilot team expected that increased handwashing should reduce infection rates. As real-time location capabilities evolved, hand hygiene technology was introduced to monitor handwashing by care providers as they entered a hospital room. The pilot team calculated handwashing percentages from actual hygiene behavior and correlated them to infection rates of hospital-born infections. The hand hygiene use case was so successful in decreasing infections that it was expanded, with subsequent ICS rollouts. 

Over 14.5 million hand washes have taken place at St. Joseph Mercy Oakland Hospital since May 2013, representing increased adherence within medical-surgical and critical care patient care areas. This adherence has led to a 29.7% reduction in C. difficile infections and 24.5% reduction in MRSA infections. 

In 2013, Trinity Health’s ICS effort expanded from the pilot of 30 beds to the remainder of the 90-bed wing. Then in 2014 the effort extended into a new eight-floor, 204-bed tower. Throughout the expansion, Trinity Health found it key to have the right leadership on board and heavily involved. 

[At St. Joseph Mercy Oakland Hospital,] the senior director of IT and the chief medical information officer were tied at the hip. It wouldn't have been successful without either one of them.

Marcus Shipley, Senior Vice President and Chief Information Officer, Trinity Health 

Trinity Health considers IoT a business priority that it will evolve and grow. In some respects, IoT will get easier as developments in industry standards resolve key connectivity issues. For example, the Fast Healthcare Interoperability Resources (FHIR) standard, drafted in 2014 in part to create a consistent application programming interface (API) for exchanging electronic health records, should help simplify current integration strategies. 

In other ways, ICS efforts will become more complex as Trinity Health encounters new frontiers of how data can be used and reused. For example, Trinity Health hospital rooms may one day become integrated with home monitoring solutions that oversee patients as they recover from their hospital stays. If a patient does not comply with the prescribed rehabilitation program, should the patient be penalized by his or her insurance program or plan? Leadership at Trinity Health foresees increasing internal conversations that explore such questions—and that it will involve patients and consumers in the conversations. 

Are You Ready for IoT? 

IoT readiness represents a company’s technical and organizational ability to create insights from actual, real-time, contextual behavior and to act automatically, in real time and in context. If IoT readiness might advance your company’s business pursuits, then start experimenting. Strategic experiments will teach your company how to resolve the four core concerns of integration, security, data ownership, and appropriate data use by means of internal and external relationships. These experiments will also teach you how your company will need to change—a topic for another briefing. 

Figure 1: Four Concerns Companies Must Resolve to Be Ready for IoT