Today’s advances in digital technology and business models put more pressure on Chief Information Officers (CIOs) to stay ahead of existing and emerging competitors. This rings true across industries – and is especially relevant in healthcare as we see more and more startups and traditional technology leaders disrupting the space.
To explore the evolving role of the CIO and find best practices for a successful digital health strategy, BrightInsight, Inc. and The Boston Consulting Group (BCG) spoke with CIOs from the top biopharmaceutical (biopharma) and medical technology (medtech) companies as well as leading health systems.
Despite some notable early successes and the tremendous potential for digital health, biopharma and medtech companies have largely failed to scale beyond small pilots or siloed, one-off solutions. Early experiments reveal the challenges that digital transformation can bring: budget overruns, shifting global regulatory requirements, security and privacy considerations, and scalability roadblocks.
Read on to explore the evolving role of the CIO, to understand how to overcome the challenges of building a digital health infrastructure, and to gain first hand knowledge from leading biopharma and medtech CIOs on deploying everything from simple companion apps to advanced, clinically-validated Software as a Medical Device solutions.
This past decade, the rise of the digital economy has changed the role of the CIO. Change, however, is slow to come to healthcare as the industry lags behind every other industry in bringing about digital transformation.
BCG’s 2018 Digital Maturity is Paying Off study, surveyed more than 1,900 companies in Europe and the US to estimate their digital maturity based on 37 dimensions. Of all the industries BCG analyzed in this survey, healthcare had the largest share of laggards (forty three percent). Within healthcare, medical technology (medtech) companies have the fewest laggards (ten percent), while seventy percent of biopharma companies have yet to embrace digital transformation.1
Until recently few CIOs have stepped up to lead their companies’ digital efforts, but top performing companies have embraced this shift.
One example is Bristol-Myers Squibb (BMS), where CIO Paul von Autenried has transformed his role and his function to pursue a vision that positions BMS for success in the digital era.
In the past two years, we have intentionally reimagined IT at Bristol Myers Squibb. The reimagining process involved us shaking off some practices and mindsets that served us well in the past: We knew we needed to move from 'IT as an enterprise service provider' or 'IT as an internal capability' to where we are now: a steward of our company's digital capabilities."
CIOs are transitioning from being focused on IT outcomes and costs to business outcomes, revenues and platforms.
Moving from cost-controlling to revenue-building is the biggest change for CIOs, as it allows them to help drive product strategy. Another recent BCG survey found that approximately ninety percent of companies still viewed their CIO’s role as ensuring delivery of IT services to businesses, while forty percent of companies saw their CIO as digital leaders.2 The survey also observed that companies that were transforming their CIO’s role increased market share by seven percent while laggards saw their market share drop eleven percent from 2012 to 2017. This represents a big opportunity for CIOs.
Before digitization can transform a business, first the business must transform the role of its CIO.
A simple way to assess whether an organization understands the strategic value of technology is to look at the CIO’s reporting structure," says Kristin Darby, Enterprise Chief Information Officer, Envision Healthcare.
Another CIO who was interviewed agreed, "The CEO needs to genuinely believe that they can’t get their job done without the CIO next to them. The CEO needs to believe that the IT team is fundamental to the company’s ability to deliver scalability inside the corporation as well as outside."
Envision Healthcare’s Darby explains that, when shaping strategy, a CIO who either reports directly to a CEO or sits on the CEO’s executive Leadership Team – as opposed to the CFO, COO or another operational support function–is more integral in executing business strategy. Because IT touches every part of an organization, a CIO on a CEO’s executive leadership team is able to identify opportunities for transformation to which others at the table may not have line of sight.
At the beginning of 2018, citing the transformative effect digital will have on its business, Lilly named its Chief Information Officer, Aarti Shah, to the executive team reporting directly to its CEO, with additional responsibilities for digital health, advanced analytics and data sciences along with IT and Information Security
While I have been asked to lead this digital transformation, it is in extremely strong partnership with the rest of the organization," Shah says. "The other executive committee members understand that [digital health] is not simply an IT initiative, it is an enterprise-wide one."
Digital initiatives still face formidable challenges, even at organizations that have elevated their CIO to report to the CEO. Time and budgets are tight.
CIOs still spend about eighty percent of their time on legacy IT issues, and just twenty percent on digital strategies, according to one leading biopharma company’s CIO. At the same time the speed of business is accelerating, and CIOs are being asked to do more, faster.
Revenue enablement doesn’t just come from the commercial function. It comes from discovery onwards. If you are faster on finding the product, running the clinical trial, finding the patients, completing the study, being able to submit and get regulatory approval, well, all of that adds up significantly, because it takes most companies over $2 billion to get a product to market," says Jazz Tobaccowalla, Former Senior Vice President and Chief Information Officer at Regeneron Pharmaceuticals.
As CIOs take the digital reins at their organizations and transition from heads-down IT management to heads-up IT leadership, they need to build the proper foundation to enable their digital health products to cost-effectively and quickly scale.
Part of building this foundation requires CIOs to know when to build vs. buy digital tools, platforms and systems and how to best leverage their internal resources to differentiate their digital products from the competition.
1. “Digital Maturity is Paying Off,” Boston Consulting Group, 2018. https://www.bcg.com/en-us/publications/2018/digital-maturity-is-paying-off
2. “Where Do Large Swedish Corporations Stand on Digital?,” Boston Consulting Group, 2017. https://image-src.bcg.com/Images/BCG-Where-Do-Large-Swedish-Corporations-Stand-on-Digital_tcm22-187778.pdf
Forward-thinking biopharma and medtech companies have spent the past few years studying how digital technologies can be applied to medical devices, combination products or Software as a Medical Device to improve patient outcomes and provide real-time and real-world data on usage, compliance and other issues.
As executive teams at biopharma and medtech companies see the advancements in genomics, computing power and the proliferation of the Internet of Things in healthcare, they are looking to their CIOs to figure out how to manage the coming data deluge from millions of connected apps, medical devices, combination products and therapeutics. In order to future-proof their digital health programs, CIOs need to find a strong partner to build their cloud-based infrastructure instead of attempting to build a scaled-down, siloed version inhouse.
When evaluating whether to build in-house or buy a technology, one CIO recommended you look at two things:
Deciding to work with a partner instead of building it ourselves means their technology has to allow us to go radically faster while still allowing us to be differentiated."
Many of the CIOs interviewed shared this approach when determining when to buy versus build an underlying digital health platform.
We leverage off-the-shelf products from a cloud infrastructure perspective, so we can focus internally on developing differentiated data models and algorithms that drive business value," says Scott Sandschafer, CIO at Novartis. "Our IT organization works directly with the businesses to think holistically about the insights we can generate from the data – outcomes can be one objective, but we also think about the new types of insights we can generate from real-world data in the future."
While maintaining multiple digital health apps or siloed portals can be challenging for biopharma and medtech companies, securing clinician adoption of discreet solutions can be an even bigger challenge.
As the healthcare industry transitions from proprietary solutions to interoperable and open systems, convincing ecosystem partners – such as Electronic Health Record providers, disease management programs, payers or clinical trial systems – to support integration with a siloed platform is near-impossible.
The next-generation biopharma and medtech CIO will have to help their organizations move from siloed platforms and creating one-off integrations to leveraging scalable platforms that integrate with health IT systems that contain additional real-world data. Without integrating into the broader healthcare ecosystem, biopharma and medtech companies will not be able to capture the majority of the value of their digital solutions.
The unique challenge in healthcare and life sciences is the fragmentation of data, and we have already recognized that you cannot solve this problem on your own. At BMS, our IT organization – together with the strong collaboration we have with our internal Business Insights & Analytics organization – is working with key trusted partners who deliver secure, independent, third-party platforms that have a data governance model, a data curation model and a significant investment in analytics, AI, and machine learning methods. I would discourage any company trying to do that entirely in-house. With our partners, we can leverage their innovations to continually improve our digital capabilities while ensuring our data is reliable, accessible and secure," says Paul von Autenried, Chief Information Officer at Bristol Myers Squibb.
Companies that build their own custom digital health platforms underestimate the ongoing costs, time and maintenance these highly regulated systems carry with them.
One of the key shifts biopharma and medtech CIOs face as they move to develop digital products is the increased risks posed by security and privacy breaches. While CIOs have years of experience protecting their companies’ IT infrastructure and corporate data from external threats, they have not traditionally been responsible for large sets of patients’ medical data. Digital health changes that paradigm since CIOs now have to mitigate the same threats that hospitals and health insurance companies struggle to defend against to keep both patient identifiable and their therapy information safe.
In the United States, the Department of Health and Human Services’ Office for Civil Rights (OCR) publicizes its high-profile enforcement actions against healthcare organizations that fail to protect their patient data.3 The European Union went live with its General Data Protection Regulation (GDPR) legislation, which includes new rules for how companies can process health data, including biometric and genetic data (HLD).4
On the security front, ransomware attacks on healthcare providers rose 350% in Q4 2019 alone. A report from Verizon found that ransomware attacks were on the rise in healthcare and accounted for eighty five percent of malware attacks in the industry. Two-thirds of data breaches in healthcare targeted medical data while personal information was the target of the remaining third.5
Biopharma and medtech companies building digital health platforms are taking on new security risks by collecting patients’ medical data, even when much of the data is anonymized. Maintaining these platforms will require significant resources devoted to privacy law compliance and security threat mitigation in order to avoid the financial penalties, bad publicity and harm to patients that can result from a breach.
Validating medical software requires an investment that, quite frankly, exceeds the regulatory requirements that even financial services companies must adhere to. It is also, generally, not an area that is well-understood," Diana McKenzie, Board Member, Change Healthcare and Vertex Pharmaceuticals, Technology Advisor, and Former CIO, Amgen and Workday.
The U.S. FDA and similar regulatory agencies around the globe regulate biopharma companies’ digital health platforms and certain types of Software as a Medical Device (SaMD). However, the required document sets, notification processes and other material varies country to country.
In the US, for example, the FDA has refined its position on regulating medical software at least eight times over the past few years, with more changes likely coming. But it is clear that digital therapeutics will require both premarket clearance and ongoing documentation for any changes to the hardware, software, or the cloud environment. Digital health platforms must be built from the ground up with these regulatory requirements in mind, even as requirements may shift. One of the key benefits of a cloud environment for a digital health platform is that it can be changed and improved multiple times per day. However, when the platform is regulated as a medical device, each of these changes needs to be understood, documented and submitted as part of the device’s change control process in case the improvement changes the device’s intended use.
Biopharma and medtech companies need to contemplate their regulatory roadmap not only for their existing digital health products, but for the more advanced capabilities they will introduce over time. It will be the CIO’s responsibility to ensure their underlying digital health infrastructure can support regulated digital health solutions in a compliant manner around the globe.
3. “2017 HIPAA Enforcement Summary,” HIPAAJournal, 2017. https://www.hipaajournal.com/2017-hipaa-enforcement-summary/
4. “The Final GDPR Text and What It Will Mean for Health Data,” Hogan Lovells, 2016. https://www.hldataprotection.com/2016/01/articles/health-privacy-hipaa/the-final-gdpr-text-and-what-it-will-mean-for-health-data/
5. “2018 Data Breach Investigations Report,” Verizon, 2018. https://www.verizon.com/about/news/ransomware-still-top-cybersecurity-threat-warns-verizon-2018-data-breach-investigations-report
While biopharma and medtech CIOs may not run their company’s data analytics team, they are responsible for providing the tools that turn data from new digital health products into actionable insights. The faster a CIO can draw insights from their platform’s data sets, the faster they will transition from being a cost center to a revenue enabler.
One limitation in terms of analytics is having enough real-world data to generate actionable insights. In order to leverage digital health data to inform market strategies and drive product development, you need a large number of patients enrolled who have consented to share their data," says Anders Romare, Chief Information Officer, Novo Nordisk. "We are seeing very compelling real-world data, but need to continue to scale our digital health efforts to unlock the full value."
Digital health platforms will exponentially increase the amount of data biopharma and medtech companies generate, which could grow to include data from tens of millions of patients daily. This deluge will also challenge their data scientists with newer, unfamiliar types of data. Machine learning, analytics and artificial intelligence are areas that are evolving quickly, and biopharma companies will need to become experts in these fields if they build a custom digital health platform internally.
When aggregating data from tens of millions of users in real-time, user base scale-up is just one scalability challenge. Large biopharma companies offer a number of therapies, and their digital health platforms need to scale and be flexible enough to support the specific needs and features required by each brand and its respective patient population.
In order to scale, digital health platforms must also be interoperable with existing health IT systems, especially Electronic Health Records. One healthcare provider CIO said most hospitals won’t even review proposals from companies selling digital products in their health systems if those companies haven’t solved for interoperability yet.
One in four adults in the U.S. today have two or more chronic conditions,6 while more than half of older adults have three or more chronic conditions.7 Given the aging population and increasing number of comorbid patients, providers will not prescribe or use siloed, vertical digital therapeutics that don’t integrate into their workflow.
It is critical that biopharma and medtech CIOs ensure that the underlying infrastructure they leverage can integrate with therapies from other biopharma and medtech companies and into the broader healthcare ecosystem in order to reach scale and achieve ROI from their digital solutions.
6. “Prevalence of Multiple Chronic Conditions Among US Adults: Estimates From the National Health Interview Survey, 2010”. https://www.cdc.gov/pcd/issues/2013/12_0203.htm
7. “Managing Multiple Comorbidities”. https://www.uptodate.com/contents/managing-multiple-comorbidities
Biopharma and medtech companies have found that the total investment required to build a custom digital health platform, as opposed to using a pre-built platform, can hit $50 million, and the annual maintenance fees can range from $10 to $20 million per single brand or product.
One company offering a regulated medical app in just a few countries has over 85 people working to keep that single app in compliance with each countries’ different medical device regulations. While the product is doing well, the costs of maintaining the app on an ongoing basis have far exceeded the original estimates, ultimately dragging down the bottom line.
Digital health expertise is also in short supply because so few people have real-world experience building regulated digital health products. It takes a good amount of time to find, recruit and retain a large team of specialty digital health engineers and other key roles.
Finally, building a platform from the ground up can delay time to market for a biopharma or medtech company as there are no pre-built functionalities or systems to leverage. It can take around two years to build a new platform, which also can lead to product delays or allow competition to surpass you. The CIO of the future should look for ways to tap into existing innovative platforms and tools they don’t have to invent and that are continuously evolving and improving.
Biopharma and medtech companies’ core competencies are developing life-saving therapies and devices in a highly- regulated environment – not to develop software in a rapid, iterative manner. While CIOs and their teams have software expertise, it is often focused on managing the company’s core infrastructure, such as email systems and Customer Relationship Management (CRM) systems.
We quickly dismissed the concept of building our own custom platform so we could focus instead on developing transformational digital health solutions that bring to the forefront our deep-rooted history in science and focus on driving patient outcomes," a digital health executive at a leading life sciences company said. "Using a pre-built, compliant platform accelerates our time to market while allowing us to focus on digital health innovation and leveraging our clinical knowhow to improve patient outcomes instead of the underlying infrastructure."
While process improvement methodologies like Six Sigma have made their way into the workflows of many biopharma and medtech companies, none of these companies have been able to broadly adopt the software world’s equivalent: Agile Software Development. In BCG’s work with clients, they have observed that agile development speeds up time to market (measured in the number of months to release) and improves quality (measured in the number of customer- identified product defects per month), each by about fifty percent.8 Digital products that are not built using Agile processes, which use an iterative and incremental approach, will not evolve fast enough to keep up with the market or the demands of their end users. The iterative Agile development process is also difficult to reconcile with medical device regulations, which require updated filings for every material change to the software.
Partnering with digital health software experts can enable biopharma and medtech companies to focus on their core competency and accelerate their time to market.
8. Designing the Tech Function of the Future”: https://www.bcg.com/en-us/publications/2017/digital-designing-tech-function-future.aspx
The promise of data-driven transformation has inspired business leaders to pursue digital initiatives that enable them to use data to make better decisions and to make processes more efficient. Executives at healthcare companies that are digital laggards are also motivated by the fear that their competition is moving faster than they are into digital transformation. Some will make the mistake of moving into digital with sweeping, company-wide initiatives that will prove to be too ambitious as a first step.
Executives who get this right will be disciplined, agile, and pragmatic in their approach. These business leaders will act quickly to bring in early wins, but they will also carefully put together an innovation roadmap and build out the technical capabilities, resources and external partners needed to support their digital efforts long-term.
Based on interviews with leading biopharma and medtech CIOs, three recommendations emerged for fellow CIOs leading digital health innovation at their companies:
Many IT departments lack the agility and specialized expertise to meet evolving business needs, which leads business units to hire chief digital officers (CDOs) to lead their digital efforts.
As a result company leaders need to decide whether to transform their IT departments to work with business units to deliver revenue-enabling product and service technologies or to keep their IT department focused on mission-critical infrastructure that keeps the business functioning effectively and securely.
Most companies will choose to transform their IT department. The most effective CDOs will be temporary leaders who complete their digital projects in three to five years before transitioning their responsibilities internally.
At companies where the CIO has stepped up to lead digital initiatives, the CIO should report directly to the CEO or be on the CEO’s executive Leadership Team. As a full-fledged member of the executive team, the CIO can ensure the company’s leadership fully leverages IT’s expertise in digital technology and architecting platforms for success. Without the CEO’s support and attention, it is nearly impossible to deploy digital health solutions at scale.
In the past the integration costs often outweighed the efficiency gains of outsourcing cloud-based utilities. Digitization has enabled “stack architecture”, which significantly reduces these costs. Non-differentiating technologies like infrastructure, platform, and standard software packages are now readily available from external partners. Managed services offer reduced costs and improved security, stability and uptime.
CIOs should focus internal resources on the highly specific and differentiating product and service technologies at the top of the “stack architecture” that will give their company a competitive edge and partner with digital health software experts for all else. The advantages of leveraging a pre-built digital health platform far outweigh the potential benefits of building an internal platform from scratch.
Digital products will unlock new insights and revenue streams that are hard to predict from the outset. These initial projects should be focused on discreet, rapid digitization efforts that can deliver quick wins in a key area, such as accelerating clinical trials or improving patient engagement.
Quick-win initiatives that have already demonstrated success and value have a high likelihood of continued success, a substantial and rapid payback and should have visibility across the organization.
We have a strong ambition to make our patients better. We believe technology will play a huge role in enabling people with diabetes to better manage their disease in the real-world, and that we must continue to engage patients in a more compelling way." says Anders Romare, Chief Information Officer, Novo Nordisk.
Rather than taking years, these initial projects demonstrate their initial value within weeks or months and could potentially help pay for longer term digital transformation initiatives.
Organizational inertia is perhaps the reason why seventy percent of publicly announced transformation projects fail to meet the company’s objectives, timelines, or both. Get started with digital health projects today – even if it’s on a small scale – and then iterate and focus on monetization strategies later once data can inform those strategies.
Kal Patel, MD
CEO & Co-Founder, BrightInsight, Inc. can be reached at:
kal.patel@brightinsight.com
Alex Aboshiha
Partner & Managing Director, BCG can be reached at:
Aboshiha.Alex@bcg.com
Neveen Awad
Partner & Managing Director, BCG can be reached at:
Awad.Neveen@bcg.com
BrightInsight provides the leading global regulated digital health platform for biopharma and medtech. The medical-grade BrightInsight Platform is built under a Quality Management System to support and optimize regulated drugs, devices and software through integrated data and actionable insights to enable customers to drive increased patient adherence and engagement.
Our BrightInsight™ Platform uses software and services to capture, transmit and analyze data from CE-marked and FDA-regulated medical devices, combination products, apps, Digital Therapeutics, and Software as a Medical Device (SaMD), in compliance with security, privacy and regulatory requirements.
Our leadership team brings over 100 years of combined digital health experience in the biopharma and medtech industries. Our vision is to transform patient outcomes globally by bringing the power of digital technology to healthcare, and we work every day to achieve this by accelerating regulated digital health innovation for our customers through our scalable medical-grade platform.
The Boston Consulting Group (BCG) is a global management consulting firm and the world's leading advisor on business strategy. We partner with clients from the private, public, and not-for-profit sectors in all regions to identify their highest value opportunities, address their most critical challenges, and transform their enterprises. Our customized approach combines deep insight into the dynamics of companies and markets with close collaboration at all levels of the client organization. This ensures that our clients achieve sustainable competitive advantage, build more capable organizations, and secure lasting results. Founded in 1963, BCG is a private company with offices in more than 90 cities in 50 countries.