A Privacy Officer s Guide to Providing Enterprise De-Identification Services. Phase I
|
|
- Derrick Carson
- 8 years ago
- Views:
Transcription
1 IT Management Advisory A Privacy Officer s Guide to Providing Enterprise De-Identification Services Ki Consulting has helped several large healthcare organizations to establish de-identification services aligned with privacy regulations and industry best practices. A mature de-identification service, as defined by our De-identification Maturity Model 1, will ensure compliance with privacy legislation, lower privacy risk, and enable organizations efficiently to share high-quality data for secondary purposes. It will also include performance measurement, which allows organizations to evaluate the success of the service in terms of increased efficiency, variety, and volume of data sharing, as well as the research and clinical utility of de-identified data. Based on our experience, we have developed an effective approach to building a mature healthcare deidentification service in three distinct phases: De-Identification Business Architecture Design, Software Tool Selection and Service Rollout. The methodology for each phase embodies a tried and tested approach and aligns with industry best practices. Our strategy ensures that clients reap the benefits of more efficient de-identification processes and software systems, and that these will outweigh the initial investment costs. Phase I: De-Identification Business Architecture Design Business architecture defines the goals, scope, roles, and process for de-identification and lays the groundwork for an efficient, economical, and transparent service. Designing or redesigning business architecture involves locating the de-identification service and its purpose within the organization and defining the basic structures of the service, such as business processes, staffing, reporting, and performance measurement. We have devised a streamlined 4-step approach to designing the business architecture for an effective de-identification service suited to an organization s needs, goals and structure: Phase I 1 Determine Organizational Resources and Needs 2 Determine Organizational Maturity Level 3 Redesign Business Processes & Establish a Measurement Plan 4 Determine De- ID Staffing & Set Reporting Structure Step 1: Determine Organizational Resources and Needs 1 Khaled El Emam and Waël Hassan, The De-identification Maturity Model, Privacy Analytics (2013). Available at under The Ki Approach: De-identification Maturity Model.
2 The first step is to determine how a de-identification service can fulfill organizational needs. In order to do this, we recommend carrying out a needs analysis, which must include clinical and research perspectives. It is also important to understand the existing contracts that the organization has with its data sources and what organizational needs they reflect. By analyzing the defined needs and juxtaposing them across metrics related to the management of scope, cost, time and resources, we can confidently move forward with a plan for a de-identification service that makes sense in the organization s particular context. We recommend that the following parameters be determined during this step: How will the service be funded? Is there sufficient stakeholder interest for it to be viable? How will a vendor or vendors be engaged? Where will the service be physically located? Who will have authority and accountability for it? Who will be responsible for carrying out the work? How does the service align with other projects? How does it integrate with other IT projects? Which standards will the service follow? Are there plans for privacy and security oversight? What will the service s developmental lifecycle be? How will the service contribute to the organization's main services? How will it work within other services? How will it fit into the overall business process? Who needs de-identification? What are the needs of each group of users? What is the business context of de-identification? Who will supply de-identification services? Which vendor(s) will be involved? Who will govern the program? What services will be provided? How will these match the needs of specific client groups? How will the data model be structured? How will data relationships be integrated? What are the existing contracts and how do they affect the requirements for a de-identification service? Step 2: Determine Organizational Maturity Level When working with clients to establish a de-identification service, we consider it important to conduct a maturity assessment of the current state of de-identification practices within the organization. This serves several purposes: it provides an objective evaluation of de-identification practices; it establishes a baseline against which to measure future progress; it provides a means of comparing the practices of different units or departments; and it offers guidance for future development. Our assessment involves conducting interviews, analyzing use patterns, dissecting processes, and looking at current practices for managing privacy-related services, etc. The tool which we use for these assessments is the De-identification Maturity Model, which evaluates an organization s key de-identification practices, their implementation, and the technologies used in the de-identification process. The different levels of each of these three dimensions are described below.
3 Key De-identification Practice Dimension P1 Ad-hoc At this level, an organization does not have any defined practices for de-identification. The methods used, if there are any, are not proven to be rigorous or defensible. Within the organization there tends to be a lot of variability in how data is de-identified, as the type and amount of de-identification applied will depend on the analyst who is performing it, and that analyst s experience and skill. P2 Masking Organizations at this level only implement masking techniques. Masking techniques focus exclusively on direct identifiers such as name, phone number, health plan number, and so on. P3 Heuristics At this level organizations have masking techniques in place, and have started to implement heuristic methods (rules-of-thumb) for protecting indirect identifiers. P4 Risk-based Risk-based de-identification involves the use of empirically validated and peer-reviewed measures to determine acceptable re-identification risk and to demonstrate that the actual risk in the data sets is at or below this acceptable risk level. In addition to measurement, there are specific techniques that take into account the context of the de-identification when deciding on an acceptable risk level. P5 Governance At the highest level of maturity, masking and risk-based de-identification are applied as described in Practice Level 4. However, now there is a governance framework in place, as well as practices to implement it. Governance practices include performing audits of data recipients, monitoring changes in regulations, and having a re-identification response process. The Implementation Dimension I1 - The Initial Level
4 At the Initial level the de-identification practices are performed by an analyst with no documented process, no specific training, and no performance measurements in place. I2 The Repeatable Level At the Repeatable level the organization has basic project management practices and structure in place to manage the de-identification service. Also critical at this level is the involvement of the privacy or compliance office in helping to shape de-identification practices. I3 The Defined Level The Defined level of implementation means that the de-identification process is documented and there is training in it in place. I4 The Measured Level The Measured level of implementation pertains to performance measures of the de-identification process being made and used. Measures can be based on tracking of the data sets that are released and of any data sharing agreements. Note: The levels in the Implementation dimension are cumulative in that it is difficult to implement a higher level without having first implemented a lower level. For example, meaningful performance measures will be difficult to collect without having a defined process. The Automation Dimension A1 Home-grown Automation An organization attempts to develop its own scripts and tools to de-identify data sets. A2 Standard Automation An organization adopts tools that have been used more broadly by multiple organizations and have received scrutiny. These may be publicly available (open source) or commercial tools. Based on the results of the assessment we can establish an organization s de-identification maturity level. For example, an organization that has purchased a data masking tool and implemented it, and has documented the data masking process and its justifications thoroughly, would be scored at P2-I3-A2. We then work with clients to develop an attainable target maturity level for each dimension. Step 3: Redesign Business Processes and Establish a Measurement Plan Once the basic structure of the service is established, the next step is to design its function. In this step, we shift our focus from structure to process. The answers to the following questions can be used first to assess current business processes, and then to envision the business processes of the new service: What is the service delivery model who handles client interactions? What are the business process model and business function model? How are services structured? What is the service process? What roles are involved?
5 How is the performance of the service measured and improved? What are the business rules that is, how much access to data do various clients and administrators have? Ki Consulting Once these questions have been used to assess the current state and to envision the future state of deidentification processes, the gaps between the two states provide the basis for a roadmap for development. The second part of this step, in line with the principles of performance management, is to establish a measurement plan in order to measure the value and maturity of the de-identification service. A measurement plan will usually be based on the three dimensions of the De-Identification Maturity Model. Development along each of the dimensions may be conducted simultaneously or staggered, depending on resources. A key aspect of an effective measurement plan is establishing realistic maturity level targets. We must be careful to establish a target level that is attainable within the chosen timeframe. Going directly from a Level P1 to a Level P4 is not a feasible target; however, aiming to upgrade to a Level 2-3 is. After securing Level 3 maturity, the system can be effectively upgraded to Level 4 and onwards. We help our clients to develop an ambitious, yet realistic plan to ensure that target maturity levels are attained. While organizational maturity levels provide a very useful framework for evaluating the development of the service, we recognize the importance of measuring progress against tangible outcomes. The Implementation dimension of the De-identification Maturity Model includes performance measurement: this will include measures of the volume and efficiency of data sharing, and of the utility of de-identified data from research and clinical perspectives. These measures can provide rapid and concrete feedback as to the value of improved de-identification practices and processes. Step 4: Determine De-identification Service Staffing & Set Reporting Structure In order for a de-identification service to have the authority to enforce best practices and engage staff in implementing changes, the service must be positioned at a senior level within the management hierarchy. Successful de-identification management depends on the authority and effectiveness of two key resources: 1. De-identification Practice Specialist: Provides expertise on tools, techniques, and methodology. The De-identification Practice Specialist is responsible for training staff in new practices by developing FAQs, providing a library of de-identification resources, and offering workshops. He or she also oversees risk management practices, develops de-identification templates for different data sharing scenarios, and creates and interprets risk reports for data releases. 2. De-identification Service Manager: The Service Manager is responsible for understanding the dependencies and relationships between different data recipients, data suppliers, and the service. He or she must have a high level understanding of all current projects and their timelines, milestones and targets in order to realize the collective benefit of the service. He or
6 she will also report on the maturity of de-identification methodology as it is implemented throughout the service. A frequent risk to the overall implementation of a de-identification service and the specific staffing component is staff aversion to culture change. The unfaltering support of upper management is critical to the success of the service. It is the role of the De-identification Practice Specialist and Service Manager to facilitate proper training and maintain employee confidence in the service in order to ensure full acceptance and lasting integration into the organization s practices. Phase II: Software Tool Selection Once the business architecture for an effective de-identification service has been designed, deidentification software can be procured that will meet the service s needs and goals. To choose deidentification software and prepare to implement it, we guide our clients through three overlapping steps: 1. Drafting RFP 2. Assembling a Library of De- Identification Materials 3. Selecting De- Identification Software Step 1: Drafting RFP Ki Consulting assists clients in drafting a request for proposals (RFP) in order to secure a vendor for suitable de-identification software. Drawing on the needs analysis conducted during the first phase, we define what software capabilities are crucial for the success of the service. Based on these needs we draft the requirements of the RFP. Step 2: Assembling a Library of De-Identification Materials Concurrent with Step 1, we will develop a repository of de-identification materials such as data mapping templates, workflow diagrams, toolkits, etc. These documents and templates will form a library of reference that will aid in the adoption and effective use of de-identification software. From prior engagements, we have collected a wealth of documents and templates that can be included in a library of de-identification materials.
7 Step 3: Selecting De-identification Software Following the issuance of the RFP, we work with our clients to evaluate the received proposals and select a preferred vendor. The choice of de-identification software should be governed by its capacity to implement mature de-identification practices: not only masking direct identifiers, but also providing risk metrics to guide the effective de-identification of indirect identifiers. Also key is that the software be easy to use and be perceived as useful by staff. We aim to select a tool that will effectively maximize the value of its implementation and provide the best ROI in terms of cost efficiency by increasing the volume and quality of de-identified data available to clients. Phase III: Service Rollout In order to achieve a successful launch of the de-identification service and to develop effective risk management practices, we recommend implementing new de-identification practices first in a relatively simple data provision context before moving on to more complex environments. A recommended phased service rollout would unfold as follows: Wave 1 Wave 2 Wave 3 Wave 4 One database for one client (e.g., one hospital) Multiple databases for the same client Multiple databases for several clients or for a complex client (e.g., an integrated health network) Online implementation Wave 1: One Database for One Client Beginning by implementing new de-identification processes within a single database for a single client allows staff to become familiar with new processes without the added complexity of interdependencies between databases. Until risk measurement is in place, it is difficult to manage the privacy risks created by clients potentially linking data from different databases, and providing a client with access to multiple databases is not recommended. Wave 2: Multiple Databases for Same Client Once an organization has developed the capability to measure data risk, providing multiple databases to a single client offers an opportunity to learn how to manage data interdependencies within the context of an established contract or agreement. Wave 3: Multiple Databases for Several Clients or for a Complex Client Once the organization is proficient in evaluating data risk and handling interdependencies, the next step is to develop the capacity to measure client risk. This involves creating versatile de-identification templates to be applied to data: that is, the data risk levels of different databases are mapped to a risk
8 classification of client types (e.g., hospitals, researchers, health networks) to determine the specific deidentification techniques that will be applied to data prior to release. At this level, clients patterns of data requests are monitored for performance measurement and risk management purposes. Wave 4: Online Implementation This final wave moves beyond applying templates to calculating risk automatically, allowing for data to be released instantaneously. Clients are granted different levels of data access based on a priori assessments of client risk. When a client requests a dataset, data risk is calculated automatically and mapped to the client access level to determine which de-identification techniques will be applied. Deidentification techniques are then automatically applied and the data is released instantaneously. At this stage, strong risk management, performance management and governance practices are required to ensure compliance with privacy laws and regulations. Summary Our de-identification service development methodology follows a tried and tested approach that we have successfully applied to numerous past clients. Based on our experience in the healthcare sector, we have refined an approach to developing a de-identification service in three clearly structured phases: De-identification Business Architecture Design, Software Tool Selection, and Service Rollout. Each of these phases integrates industry best practices with organizational structures and processes, with a specific aim of designing a service best suited to each organization s context, goals, and culture. This contextualized approach, guided by the concept of de-identification maturity, enables organizations to develop a de-identification service that will ensure compliance with privacy legislation and regulations, lower privacy risk, and increase the volume, efficiency, and utility of data sharing.
The De-identification Maturity Model Authors: Khaled El Emam, PhD Waël Hassan, PhD
A PRIVACY ANALYTICS WHITEPAPER The De-identification Maturity Model Authors: Khaled El Emam, PhD Waël Hassan, PhD De-identification Maturity Assessment Privacy Analytics has developed the De-identification
More informationTable of contents. Best practices in open source governance. Managing the selection and proliferation of open source software across your enterprise
Best practices in open source governance Managing the selection and proliferation of open source software across your enterprise Table of contents The importance of open source governance... 2 Executive
More informationU.S. Department of the Treasury. Treasury IT Performance Measures Guide
U.S. Department of the Treasury Treasury IT Performance Measures Guide Office of the Chief Information Officer (OCIO) Enterprise Architecture Program June 2007 Revision History June 13, 2007 (Version 1.1)
More informationWHY DO I NEED A PROGRAM MANAGEMENT OFFICE (AND HOW DO I GET ONE)?
WHY DO I NEED A PROGRAM MANAGEMENT OFFICE (AND HOW DO I GET ONE)? Due to the often complex and risky nature of projects, many organizations experience pressure for consistency in strategy, communication,
More informationFinal. North Carolina Procurement Transformation. Governance Model March 11, 2011
North Carolina Procurement Transformation Governance Model March 11, 2011 Executive Summary Design Approach Process Governance Model Overview Recommended Governance Structure Recommended Governance Processes
More informationThe Fast Track Project Glossary is organized into four sections for ease of use:
The Fast Track Management Glossary provides a handy reference guide to the fast track management model, encompassing the concepts, steps and strategies used to manage successful projects even in the face
More informationA Practical Guide for Creating an Information Management Strategy and Strategic Information Management Roadmap
A Practical Guide for Creating an Information Management Strategy and Strategic Information Management Roadmap Principal Author Sam McCollum, CRM, MBA Director of End User Consulting Parity Research LLC
More informationORACLE S PRIMAVERA FEATURES PORTFOLIO MANAGEMENT. Delivers value through a strategy-first approach to selecting the optimum set of investments
ORACLE S PRIMAVERA FEATURES Delivers value through a strategy-first approach to selecting the optimum set of investments Leverages consistent evaluation metrics, user-friendly forms, one click access to
More informationDITA Adoption Process: Roles, Responsibilities, and Skills
DITA Adoption Process: Roles, Responsibilities, and Skills Contents 2 Contents DITA Adoption Process: Roles, Responsibilities, and Skills... 3 Investigation Phase... 3 Selling Phase...4 Pilot Phase...5
More informationAchieving Business Analysis Excellence
RG Perspective Achieving Business Analysis Excellence Turning Business Analysts into Key Contributors by Building a Center of Excellence Susan Martin March 5, 2013 11 Canal Center Plaza Alexandria, VA
More informationApproaches to Successfully Implementing Statewide ERP
Approaches to Successfully Implementing Statewide ERP August 24, 2015 NASACT Clark Partridge, State of Arizona Michael J. Smarik, State of Arizona Daniel Keene, CGI James Colbert, CGI Agenda Statewide
More informationSEVEN WAYS TO AVOID ERP IMPLEMENTATION FAILURE SPECIAL REPORT SERIES ERP IN 2014 AND BEYOND
SEVEN WAYS TO AVOID ERP IMPLEMENTATION FAILURE SPECIAL REPORT SERIES ERP IN 2014 AND BEYOND CONTENTS INTRODUCTION................................ 3 UNDERSTAND YOUR CURRENT SITUATION............ 4 DRAW
More informationVisual Enterprise Architecture
Business Process Management & Enterprise Architecture Services and Solutions October 2012 VEA: Click About to edit Us Master title style Global Presence Service and Solution Delivery in 22 Countries and
More informationA Final Report for City of Chandler Strategic IT Plan Executive Summary
A Final Report for City of Chandler 6 January 2004 Table of Contents 1. Executive Summary... 1 1.1 Background... 2 1.2 Chandler Business and IT Context... 3 1.3 Chandler s IT Strategic Direction... 5 1.4
More informationHow Can I Better Manage My Software Assets And Mitigate The Risk Of Compliance Audits?
SOLUTION BRIEF CA SERVICE MANAGEMENT - SOFTWARE ASSET MANAGEMENT How Can I Better Manage My Software Assets And Mitigate The Risk Of Compliance Audits? SOLUTION BRIEF CA DATABASE MANAGEMENT FOR DB2 FOR
More informationTHE ANALYTICS HUB LEVERAGING A SHARED SERVICES MODEL TO UNLOCK BIG DATA. Thomas Roland Managing Director. David Roggen Director CONTENTS
THE ANALYTICS HUB LEVERAGING A SHARED SERVICES MODEL TO UNLOCK BIG DATA David Roggen Director Thomas Roland Managing Director CONTENTS Shared Services Today 2 What Is an Analytics Hub? 3 Analytics Hub
More informationUniversity of Wisconsin Platteville IT Governance Model Final Report Executive Summary
University of Wisconsin Platteville IT Governance Model Final Report Executive Summary February 2013 Project Objectives & Approach Objectives: Build on the efforts of the Technology Oversight Planning
More informationTechnical Management Strategic Capabilities Statement. Business Solutions for the Future
Technical Management Strategic Capabilities Statement Business Solutions for the Future When your business survival is at stake, you can t afford chances. So Don t. Think partnership think MTT Associates.
More informationRSA ARCHER OPERATIONAL RISK MANAGEMENT
RSA ARCHER OPERATIONAL RISK MANAGEMENT 87% of organizations surveyed have seen the volume and complexity of risks increase over the past five years. Another 20% of these organizations have seen the volume
More informationCAPABILITY MATURITY MODEL & ASSESSMENT
ENTERPRISE DATA GOVERNANCE CAPABILITY MATURITY MODEL & ASSESSMENT www.datalynx.com.au Data Governance Data governance is a key mechanism for establishing control of corporate data assets and enhancing
More informationPerformance Audit Concurrent Review: ERP Pre-Solicitation
Performance Audit Concurrent Review: ERP Pre-Solicitation April 2002 City Auditor s Office City of Kansas City, Missouri 24-2001 April 10, 2002 Honorable Mayor and Members of the City Council: We conducted
More informationStepping Through the Info Security Program. Jennifer Bayuk, CISA, CISM
Stepping Through the Info Security Program Jennifer Bayuk, CISA, CISM Infosec Program How to: compose an InfoSec Program cement a relationship between InfoSec program and IT Governance design roles and
More informationAnalytics Strategy Information Architecture Data Management Analytics Value and Governance Realization
1/22 As a part of Qlik Consulting, works with Customers to assist in shaping strategic elements related to analytics to ensure adoption and success throughout their analytics journey. Qlik Advisory 2/22
More informationProgram Lifecycle Methodology Version 1.7
Version 1.7 March 30, 2011 REVISION HISTORY VERSION NO. DATE DESCRIPTION AUTHOR 1.0 Initial Draft Hkelley 1.2 10/22/08 Updated with feedback Hkelley 1.3 1/7/2009 Copy edited Kevans 1.4 4/22/2010 Updated
More informationDevelopment, Acquisition, Implementation, and Maintenance of Application Systems
Development, Acquisition, Implementation, and Maintenance of Application Systems Part of a series of notes to help Centers review their own Center internal management processes from the point of view of
More informationExhibit F. VA-130620-CAI - Staff Aug Job Titles and Descriptions Effective 2015
Applications... 3 1. Programmer Analyst... 3 2. Programmer... 5 3. Software Test Analyst... 6 4. Technical Writer... 9 5. Business Analyst... 10 6. System Analyst... 12 7. Software Solutions Architect...
More informationKPMG s Financial Management Practice. kpmg.com
KPMG s Financial Management Practice kpmg.com 1 KPMG s Financial Management Practice KPMG s Financial Management (FM) practice, within Advisory Management Consulting, supports the growing agenda and increased
More informationCisco Unified Communications and Collaboration technology is changing the way we go about the business of the University.
Data Sheet Cisco Optimization s Optimize Your Solution using Cisco Expertise and Leading Practices Optimizing Your Business Architecture Today, enabling business innovation and agility is about being able
More informationData Management Maturity Model. Overview
Data Management Maturity Model Overview UPMC Center of Excellence Pittsburgh Jul 29, 2013 Data Management Maturity Model - Background A broad framework encompassing foundational data management capabilities,
More informationFortune 500 Medical Devices Company Addresses Unique Device Identification
Fortune 500 Medical Devices Company Addresses Unique Device Identification New FDA regulation was driver for new data governance and technology strategies that could be leveraged for enterprise-wide benefit
More informationBusiness Process Reengineering
Process Reengineering UNeGov.net - School - Organization - 59 Outline 1 Introduction government transformation 2 Change Management steps in government transformation 3 Strategic Management Balanced Scorecard
More informationProject Management Office Best Practices
Project Management Office Best Practices Agenda Maturity Models (Industry & PMO) PMO Areas of Expertise (Scale & Scope) Project Management Office Process Model Project Management Framework PMO Implementation
More informationMANAGING OTT MESSAGING SERVICES FOR A GLOBAL TELECOM PROVIDER
MANAGING OTT MESSAGING SERVICES FOR A GLOBAL TELECOM PROVIDER Sytel Reply was commissioned by a client (a large global telecom operator) to provide quality Service Assurance. Over a period of 12 months,
More informationEnhance State IT Contract Expertise
Enhance State IT Contract Expertise Chris Estes State Chief Information Officer Office of Information Technology Services March 2015 1 P a g e Table of Contents 1. Legislative Request... 3 2. Introduction...
More informationWhitepaper Data Governance Roadmap for IT Executives Valeh Nazemoff
Whitepaper Data Governance Roadmap for IT Executives Valeh Nazemoff The Challenge IT Executives are challenged with issues around data, compliancy, regulation and making confident decisions on their business
More informationPERFORMANCE TEST SCENARIOS GUIDE
Test scenarios are used to translate a strategic capability (e.g., optimize mission effectiveness) into a realistic situation that illustrates the capabilities needed to achieve those objectives. Grounding
More informationTurning Strategic Insight Into Business Impact
Turning Strategic Insight Into Business Impact VMware Accelerate Advisory Services Identify Opportunities and Create Strategies for the Journey to IT as a Service No longer relegated to simply keeping
More informationIT Vendor Due Diligence. Jennifer McGill CIA, CISA, CGEIT IT Audit Director Carolinas HealthCare System December 9, 2014
IT Vendor Due Diligence Jennifer McGill CIA, CISA, CGEIT IT Audit Director Carolinas HealthCare System December 9, 2014 Carolinas HealthCare System (CHS) Second largest not-for-profit healthcare system
More informationHow To Improve Your Business
IT Risk Management Life Cycle and enabling it with GRC Technology 21 March 2013 Overview IT Risk management lifecycle What does technology enablement mean? Industry perspective Business drivers Trends
More informationBIG DATA KICK START. Troy Christensen December 2013
BIG DATA KICK START Troy Christensen December 2013 Big Data Roadmap 1 Define the Target Operating Model 2 Develop Implementation Scope and Approach 3 Progress Key Data Management Capabilities 4 Transition
More informationTransform HR into a Best-Run Business Best People and Talent: Gain a Trusted Partner in the Business Transformation Services Group
SAP Services Transform HR into a Best-Run Business Best People and Talent: Gain a Trusted Partner in the Business Transformation Services Group A Journey Toward Optimum Results The Three Layers of HR Transformation
More informationProcess Assessment and Improvement Approach
Process Assessment and Improvement Approach June 2008 The information contained in this document represents the current view of Virtify on the issues discussed as of the date of publication. Virtify cannot
More informationMaster Data Management Architecture
Master Data Management Architecture Version Draft 1.0 TRIM file number - Short description Relevant to Authority Responsible officer Responsible office Date introduced April 2012 Date(s) modified Describes
More informationCentral Project Office: Charter
Central Project Office: Charter ITCS: Central Project Office EAST CAROLINA UNIVERSITY 209 COTANCHE STREET, GREENVILLE, NC 27858 1 Table of Contents INTRODUCTION... 3 PURPOSE... 3 EXPECTED BENEFITS... 3
More informationTemplate K Implementation Requirements Instructions for RFP Response RFP #
Template K Implementation Requirements Instructions for RFP Response Table of Contents 1.0 Project Management Approach... 3 1.1 Program and Project Management... 3 1.2 Change Management Plan... 3 1.3 Relationship
More informationHow To Implement An Enterprise Resource Planning Program
ERP Implementation Program Key phases of ERP implementation: Analysis of the company existing or designing new business process descriptions Inventory of the company s existing formal workflows or designing
More informationPMO Starter Kit. White Paper
PMO Starter Kit White Paper January 2011 TABLE OF CONTENTS 1. ABOUT THE PMO STARTER KIT...3 2. INTRODUCTION TO THE PMO STARTER KIT WHITE PAPER...3 3. PMO DEVELOPMENT ROADMAP...4 4. PLAN PHASE...5 4.1 CREATE
More informationMNLARS Project Audit Checklist
Audit Checklist The following provides a detailed checklist to assist the audit team in reviewing the health of a project. Relevance (at this time) How relevant is this attribute to this project or audit?
More informationTDWI strives to provide course books that are content-rich and that serve as useful reference documents after a class has ended.
Previews of TDWI course books offer an opportunity to see the quality of our material and help you to select the courses that best fit your needs. The previews cannot be printed. TDWI strives to provide
More informationDecreasing Complexity and Cost of EHR Adoption John Weir President CAPG Policy Committee Meeting February 23, 2010
Decreasing Complexity and Cost of EHR Adoption John Weir President CAPG Policy Committee Meeting February 23, 2010 Presentation Outline About Lumetra Healthcare Solutions (LHS) Current opportunity with
More information04 Executive Summary. 08 What is a BI Strategy. 10 BI Strategy Overview. 24 Getting Started. 28 How SAP Can Help. 33 More Information
1 BI STRATEGY 3 04 Executive Summary 08 What is a BI Strategy 10 BI Strategy Overview 24 Getting Started 28 How SAP Can Help 33 More Information 5 EXECUTIVE SUMMARY EXECUTIVE SUMMARY TOP 10 BUSINESS PRIORITIES
More informationConducting A Preparedness Assessment
Conducting A Preparedness Assessment The Next Step In Considering A Big Data Initiative Company Logo Here Prepared For Names of Key Recipients June 1, 2014 2013 Lodestar Advisory Partners All rights reserved.
More informationVendor Risk Management Financial Organizations
Webinar Series Vendor Risk Management Financial Organizations Bob Justus Chief Security Officer Allgress Randy Potts Managing Consultant FishNet Security Bob Justus Chief Security Officer, Allgress Current
More informationAchieving Business Analysis Excellence
RG Perspective Achieving Business Analysis Excellence Turning Business Analysts into Key Contributors by Building a Center of Excellence 11 Canal Center Plaza Alexandria, VA 22314 HQ 703-548-7006 Fax 703-684-5189
More informationStrategies to Help Vendors Optimize Their Long-term Global Contracts
THE INDUSTRIAL PERSPECTIVE Strategies to Help Vendors Optimize Their Long-term Global Contracts May 2010 KPMG INTERNATIONAL HAVE YOU CONSIDERED ALL THE ISSUES? The following questions may help vendors
More informationWHITE PAPER. Leveraging a LEAN model of catalogbased performance testing for quality, efficiency and cost effectiveness
WHITE PAPER Leveraging a LEAN model of catalogbased performance testing for quality, efficiency and cost effectiveness Traditionally, organizations have leveraged project-based models for performance testing.
More informationRole and Skill Descriptions. For An ITIL Implementation Project
Role and Skill Descriptions For An ITIL Implementation Project The following skill traits were identified as fairly typical of those needed to execute many of the key activities identified: Customer Relationship
More informationRegulatory Compliance Management for Energy and Utilities
Regulatory Compliance Management for Energy and Utilities The Energy and Utility (E&U) sector is transforming as enterprises are looking for ways to replace aging infrastructure and create clean, sustainable
More informationagility made possible
SOLUTION BRIEF CA IT Asset Manager how can I manage my asset lifecycle, maximize the value of my IT investments, and get a portfolio view of all my assets? agility made possible helps reduce costs, automate
More informationYour Software Quality is Our Business. INDEPENDENT VERIFICATION AND VALIDATION (IV&V) WHITE PAPER Prepared by Adnet, Inc.
INDEPENDENT VERIFICATION AND VALIDATION (IV&V) WHITE PAPER Prepared by Adnet, Inc. February 2013 1 Executive Summary Adnet is pleased to provide this white paper, describing our approach to performing
More informationOregon Department of Human Services Central and Shared Service Programs
Overview DHS Central and Shared Services provide critical leadership and business supports necessary to achieve the mission of the agency: helping Oregonians achieve well-being and independence through
More informationWilhelmenia Ravenell IT Manager Eli Lilly and Company
Wilhelmenia Ravenell IT Manager Eli Lilly and Company Agenda Introductions The Service Management Framework Keys of a successful Service management transformation Why transform? ROI and the customer experience
More informationSourcing best practices. 2011 SAP AG. All rights reserved. Internal
Best Practices in Spend Analytics, Sourcing, and Contract Management Emily Rakowski, SAP SAP Procurement Summit: Newtown Square July 31-August 1, 2012 Sourcing best practices 2011 SAP AG. All rights reserved.
More informationQlik UKI Consulting Services Catalogue
Qlik UKI Consulting Services Catalogue The key to a successful Qlik project lies in the right people, the right skills, and the right activities in the right order www.qlik.co.uk Table of Contents Introduction
More informationBig Data Services From Hitachi Data Systems
SOLUTION PROFILE Big Data Services From Hitachi Data Systems Create Strategy, Implement and Manage a Solution for Big Data for Your Organization Big Data Consulting Services and Big Data Transition Services
More informationBuilding a Data Quality Scorecard for Operational Data Governance
Building a Data Quality Scorecard for Operational Data Governance A White Paper by David Loshin WHITE PAPER Table of Contents Introduction.... 1 Establishing Business Objectives.... 1 Business Drivers...
More informationPHASE 1: INITIATION PHASE
PHASE 1: INITIATION PHASE The Initiation Phase begins when agency management determines that a business function requires enhancement through an agency information technology (IT) project and investment
More informationThe Road to Enterprise Data Governance: Applying the Data Management Maturity Model in a Financial Services Firm
The Road to Enterprise Data Governance: Applying the Data Management Maturity Model in a Financial Services Firm Patrick DeKenipp, SVP of Business Intelligence, Sterling National Bank events.techtarget.com
More informationTHE STATE OF DATA SHARING FOR HEALTHCARE ANALYTICS 2015-2016: CHANGE, CHALLENGES AND CHOICE
THE STATE OF DATA SHARING FOR HEALTHCARE ANALYTICS 2015-2016: CHANGE, CHALLENGES AND CHOICE As demand for data sharing grows, healthcare organizations must move beyond data agreements and masking to achieve
More informationCenter for Healthcare Transparency
RFP Contents I. Project Description and Background II. Funding Available III. Proposal Requirements IV. Proposal Scoring V. Proposal Submission Process VI. Proposal Documents I. Project Description and
More informationOffice of the Auditor General AUDIT OF IT GOVERNANCE. Tabled at Audit Committee March 12, 2015
Office of the Auditor General AUDIT OF IT GOVERNANCE Tabled at Audit Committee March 12, 2015 This page has intentionally been left blank Table of Contents Executive Summary... 1 Introduction... 1 Background...
More informationSUMMARY PROFESSIONAL EXPERIENCE. IBM Canada, Senior Business Transformation Consultant
Doreen Funk, MA 191 Discovery Ridge Blvd SW, Calgary Cell: 587-434- 0811 E- mail: dorfunk@hotmail.com SUMMARY Senior management consultant with 20 years of experience in applying strategies and implementing
More informationChange Management in an IT Methodology Context
Change Management in an IT Methodology Context The Experience of TEDO (Technology Enterprise Delivery Office) December 2012 Speakers: Lydia Galanti (lydia.galanti@tdassurance.com) Iphigénie Ndiaye (iphigenie.ndiaye@tdassurance.com)
More informationSuccessful Enterprise Architecture. Aligning Business and IT
Successful Enterprise Architecture Aligning Business and IT 1 Business process SOLUTIONS WHITE PAPER Executive Summary...3 An Integrated Business & IT Infrastructure...3 Benefits to Business and IT Go
More informationThe College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only January 2012
The College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only Agenda Introduction Basic program components Recent trends in higher education risk management Why
More informationData Management Maturity Model. Overview
Data Management Maturity Model Overview SEPG Tysons Corner May 6, 2014 Who Needs Better Data Management? Every organization in business. Why? Collection of data assets developed over time legacy application
More information2. Encourage the private sector to develop ITIL-related services and products (training, consultancy and tools).
ITIL Primer [ITIL understanding and implementing - A guide] ITIL - The Framework ITIL is the IT Infrastructure Library, a set of publications providing descriptive (i.e., what to do, for what purpose and
More informationComprehensive Testing Services for Life Insurance Systems
Insurance the way we do it Comprehensive Testing Services for Life Insurance Systems Capgemini s testing services provide the framework and tools to drive significant improvements in quality and efficiency
More informationPRIMAVERA PORTFOLIO MANAGEMENT
PRIMAVERA PORTFOLIO MANAGEMENT Every business faces critical enterprise investment decisions. Making these decisions is among your most pressing challenges. Your PORTFOLIO MANAGEMENT FEATURES Delivers
More informationHow the Information Governance Reference Model (IGRM) Complements ARMA International s Generally Accepted Recordkeeping Principles (GARP )
The Electronic Discovery Reference Model (EDRM) How the Information Governance Reference Model (IGRM) Complements ARMA International s Generally Accepted Recordkeeping Principles (GARP ) December 2011
More information14 TRUTHS: How To Prepare For, Select, Implement And Optimize Your ERP Solution
2015 ERP GUIDE 14 TRUTHS: How To Prepare For, Select, Implement And Optimize Your ERP Solution Some ERP implementations can be described as transformational, company-changing events. Others are big disappointments
More informationQA Engagement Models. Managed / Integrated Test Center A Case Study
1 QA Engagement Models Managed / Integrated Test Center A Case Study 2 Today s Agenda» Background» Overview of QA Engagement Models MTC & ITC» The Journey to Steady State» Transition Approach» Challenges
More informationSystem/Data Requirements Definition Analysis and Design
EXECUTIVE SUMMARY This document provides an overview of the Systems Development Life-Cycle (SDLC) process of the U.S. House of Representatives. The SDLC process consists of seven tailored phases that help
More informationITGovA: Proposition of an IT governance Approach
Position Papers of the Federated Conference on Computer Science and Information Systems pp. 211 216 DOI: 10.15439/2015F21 ACSIS, Vol. 6 ITGovA: Proposition of an IT governance Approach Adam CHEKLI Hassan
More informationProfessional Level Public Health Informatician
Professional Level Public Health Informatician Sample Position Description and Sample Career Ladder April 2014 Acknowledgements Public Health Informatics Institute (PHII) wishes to thank the Association
More informationProven Testing Techniques in Large Data Warehousing Projects
A P P L I C A T I O N S A WHITE PAPER SERIES A PAPER ON INDUSTRY-BEST TESTING PRACTICES TO DELIVER ZERO DEFECTS AND ENSURE REQUIREMENT- OUTPUT ALIGNMENT Proven Testing Techniques in Large Data Warehousing
More informationImplementing an Information Governance Program CIGP Installment 2: Building Your IG Roadmap by Rick Wilson, Sherpa Software
Implementing an Information Governance Program CIGP Installment 2: Building Your IG Roadmap by Rick Wilson, Sherpa Software www.sherpasoftware.com 1.800.255.5155 @sherpasoftware information@sherpasoftware.com
More informationDeloitte and SuccessFactors Workforce Analytics & Planning for Federal Government
Deloitte and SuccessFactors Workforce Analytics & Planning for Federal Government Introduction Introduction In today s Federal market, the effectiveness of human capital management directly impacts agencies
More informationWHITE PAPER December, 2008
INTRODUCTION Key to most IT organization s ongoing success is the leadership team s ability to anticipate, plan for, and adapt to change. With ever changing business/mission requirements, customer/user
More informationDATA QUALITY MATURITY
3 DATA QUALITY MATURITY CHAPTER OUTLINE 3.1 The Data Quality Strategy 35 3.2 A Data Quality Framework 38 3.3 A Data Quality Capability/Maturity Model 42 3.4 Mapping Framework Components to the Maturity
More informationEnterprise Content Management (ECM)
Business Assessment: A Quick-Reference Summary Intro to MIKE2 methodology and phase 1 The methodology that will be used throughout the specialist track is based on the MIKE2 methodology. MIKE stands for
More informationHIT System Procurement Issues and Pitfalls Session 2.03
HIT System Procurement Issues and Pitfalls Session 2.03 Presented by: Gerry Hinkley Davis Wright Tremaine LLP and Joseph M. DeLuca IT Optimizers Session Goals Provide you with A best practices approach
More informationBusiness Plan 2014-2015
Business Plan 2014-2015 Table of Contents RHRA Corporate Overview Profile 1 Vision, Mission, Mandate and Values 1 Strategic Priorities and Business Planning Overview 2 Fiscal Year 2014-15 Activities and
More informationIT S TIME! PRIMARIS EHR SOLUTION. Benefits of Operational Efficiency. Why Primaris?
IT S TIME! PRIMARIS EHR SOLUTION For years, Primaris has advocated the use of health information technology to improve patient care. We help providers take full advantage of their electronic health records
More informationYARDI Procure to Pay SuiteTM
YARDI Procure to Pay SuiteTM Go paperless with our centralized procure to pay solution. Reduce costs with online catalogs, electronic invoice processing and vendor, bid, and contract management. Gain valuable
More informationCustomer Experience Strategy and Implementation
Customer Experience Strategy and Implementation Enterprise Customer Experience Transformation 2014 Andrew Reise, LLC. All Rights Reserved. Enterprise Customer Experience Transformation Executive Summary
More informationIDC MaturityScape Benchmark: Big Data and Analytics in Government. Adelaide O Brien Research Director IDC Government Insights June 20, 2014
IDC MaturityScape Benchmark: Big Data and Analytics in Government Adelaide O Brien Research Director IDC Government Insights June 20, 2014 IDC MaturityScape Benchmark: Big Data and Analytics in Government
More informationTREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION
TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION The Customer Account Data Engine 2 Systems Development Guidelines; However, Process Improvements Are Needed to Address Inconsistencies September 30, Year
More informationCurrent Challenges in Managing Contract Lifecycle Management
Current Challenges in Managing Lifecycle Management s are the bloodline of your business. Due to increased pressure in volume, complexity and regulatory compliance, contracts have evolved from a simple
More information