Authors:
Tiffany Williams, Head of US & Canada Information Governance, IQVIA
Amber Doner, Senior Director Quality Management, IQVIA
Information Governance in Patient Support: Manage Risks to Unlock Rewards
Patient support services have emerged as critical components to commercial success. When constructed correctly, they help you create more positive patient experiences and improve patient care and outcomes. Over the long term, patient support program (PSP) data also has the potential to serve as a rich source of real-world evidence for patient population research. But if you’re familiar with data privacy, information security, data integrity, and other aspects of information governance, you know that’s often easier said than done for two main reasons:
- PSP data is highly sensitive. Patient health information is among the most sensitive of personal information, and it is critically important that information about an individual’s healthcare is properly protected from inappropriate access, use, and disclosure. You must use and manage PSP data in accordance with federal and state laws, contracts, and other sources of information governance requirements. Data quality and data integrity are important too. It’s complicated and challenging, but you should not let this complexity keep you from starting.
- PSP data is messy. Programs gather and use information from many sources — including hub and copay vendors, National Drug Code pharmacies, and specialty pharmacies, among others. When you want to use that data for big-picture insights, you need more than basic governance. Across patients, payers, plans, and healthcare providers, you need clear guidelines for who can receive identifiable data versus de-identified information and other types of data. Again, it’s complicated, but the insights are worth your efforts.
Unlocking the potential of PSP data requires you to design and execute a thoughtful approach to information governance. That starts with a patient-centered approach to design, knowing what needs to be measured, and, ultimately, how that information will be used.
The building blocks of information governance
The heart of information governance is how you manage compliance requirements associated with the responsible use of the information you receive, store, use, or disseminate and operate across the data lifecycle. Such governance is crucial when you’re using patient-level information, both identified and non-identified data. Help patients understand the features and functions of your PSP system so they understand how data about them will be used. Encourage the use of non-identified patient information for research purposes to protect patient privacy. Use robust methods for de-identification, tokenization, linking, and other activities to address privacy and quality, ensuring data will be fit for research purposes. In all cases, good information security practices serve as a strong foundation for good information governance practices.
To make the most of PSP data, the industry needs to reframe information governance not as a compliance exercise but as a strategic business priority. Investing time in thorough governance upfront will allow significantly greater speed — and agility — over the long term. When done correctly, you enable innovation through integrity.
This approach leads to better results for everyone. Patients benefit with improved privacy protections and more research to support patient safety, quality, and outcomes. The industry benefits from greater opportunities to discover and commercialize treatments that lead to longer and higher-quality lives. Individual companies gain the ability to protect, if not strengthen, their brand and reputation in the market. And, of course, proper governance also helps prevent potentially costly and devastating consequences of inappropriate data handling.
Build your framework before you launch your product
Commercial teams need a framework for operationalizing information governance throughout the data lifecycle. Such a framework must address a host of needs and requirements that extend far beyond the traditional boundaries of commercial operations. These include legal/contract considerations, information security policies and processes, intellectual property protection, privacy considerations, and measurement and analytics capabilities. This also includes business perception, comprehensive communication, and proper training. A strong information governance strategy is essential for maintaining data integrity, promoting transparency, and achieving business objectives.
The framework also needs to consider each organization’s distinct needs, including commercial goals and requirements. When exploring a framework for your organization — and evaluating prospective partners to operationalize it — consider the following:
- How will the prospective partners collaborate with your organization to ensure alignment with privacy laws and contractual data use obligations?
- What experience do your prospective partners offer in working with and managing datasets with different usage requirements (e.g., sensitive data, anonymous data, and public data)?
- What are the prospective partners’ strengths in coordinating with multiple data vendors?
Invest in sound governance
Information governance is a complex and dynamic challenge — one best tackled with a comprehensive approach and in collaboration with an experienced partner. By investing in a strong yet agile foundation, you position your organization to succeed not just with the latest patient service line, but with innovation over the long haul.
When you operationalize information governance to mitigate risk, data partners and customers are more likely to view your business as a valued partner. It demonstrates that you are experienced in working with and managing datasets with different data use requirements (e.g., sensitive data, anonymous data, and public data). It enables collaboration with customers to support compliance with privacy laws and contractual data use obligations. And, finally, it promotes the importance of minimizing privacy risk and using data responsibly.
Ultimately, operationalizing information governance helps you unlock the transformative potential of your data — fostering innovation and efficiency while gaining and maintaining the trust of patients, providers, customers, and other healthcare stakeholders. It’s more than a strategic need; it's the key to mastering the challenges and opportunities of the patient- and data-centric future.