top of page

Maturing its Enterprise Data Management (EDM) program helps a healthcare organization reduce risk and optimize its technology investments 

Data is the greatest asset and greatest risk of any business. After a change in executive leadership, a healthcare organization was ready to tackle the business risk caused by a long-standing absence of a comprehensive data management program. BusinessWhys helped them develop a roadmap to mature their EDM program.  


Having a mature data management practice is critical, especially in healthcare organizations that access and generate a lot of sensitive data, including personally identifiable information (PII) and protected health information (PHI). A failure to adequately manage and protect sensitive PII and PHI can adversely impact patients' care and safety; it can also lead to costly regulatory penalties (HIPAA) and irreparable damage to a company's reputation.  


Informed by the client's goals of reducing risk, increasing operational efficiency, and making better business decisions, the BusinessWhys team performed an extensive discovery process, culminating in a comprehensive application audit. This audit evaluated data sensitivity, accessibility, functionality, and criticality for all applications used in the business. It also uncovered gaps in accountability and vendor management.

The findings and recommendations presentation included an:

Application inventory 

Analysis of application risk based on data sensitivity, business criticality, and surface risk (defined data access and volume) 

List of gap areas prioritized based on risk  

List of underutilized/redundant applications as decommissioning targets 

The organization's baseline data maturity mapped against an industry-accepted data maturity curve to measure progress 

A detailed one-year roadmap to address highest priority gaps and mature EDM through process, technology, and people changes