A

Foreign. Welcome to Risk Never Sleeps, where we meet and get to know the people delivering patient care and protecting patient safety. I'm your host, Ed Gaudet. Welcome to the Risk Never Sleeps podcast in which we learn about the people that are on the front lines delivering and protecting patient care. I'm Ed Gaudette, the host of our program and today I am pleased to be joined by Andrea Steele, the AVP of information Technology and Business intelligence. Did I get that right?

B

You did.

A

Excellent.

B

Yeah, it's a very long title. It's actually too long for Oracle and we had to pare it down.

A

This is impressive. And you're at the Healthcare District of Palm beach county, correct? Yeah. Awesome. So let's just start off, help listeners understand a little bit more about your background, your role and your organization.

B

Sure. Thank you for having me on the podcast, Ed. So, a little bit about the Healthcare District of Palm Beach County. We have been around for 30 plus years. We're the public safety net healthcare system and our motto is we care for all. I started working here nine years ago in corporate for end quality and then moved over to corporate quality managing quality for our health centers. And then also, you know, grew into that larger role where I was also working for the rural hospital, our skilled nursing center. We have air and ground transportation, and then we have 170 public schools across the county where we staff the school nurses as well. So a lot of opportunities for both quality and it. And it's only been about a year that I transitioned into my role in it. I think I'm one of those folks that you call purple people who, you know, was identified by my business unit as the person you go to to ask questions when it is not getting back to you fast enough. And just have grown into this role over time, starting with getting my first certification as an EPIC Clinical Informaticist. That was in 2021 when we. Thanks.

A

That's no small feat.

B

No, it was. I actually had to take the class twice. It was a new language. Right. Just like epik is learning a whole new language. And now I'm learning the language of cybersecurity. So I'd like to think of myself as a linguist these days, but who knows?

A

Translating between business as well, I'm sure.

B

Definitely. Yeah. Yes, definitely. Translating, communicating between information technology and operations and making sure we're all speaking the same language. And if we're not on the same page, at least we're in the same book.

A

Yeah. A tough job, obviously. And I'm sure you're busy these days. Especially definitely. How did she get into healthcare?

B

You know, I would describe that to my family. My mom worked for a physical therapist for the last or she's retired now, but she worked there for 10 plus years. My first job at 12 years old was doing laundry for the physical therapy office. I washed and folded towels, sheets, pillowcases overnight and then my mom would take them back to work with her the next morning as the office manager. And I think I just started my love there. My sister is also aprn for a federally qualified health center. So it's just part of our family.

A

I think it's in the family. Yeah, yeah, yeah. And people don't realize how critical laundry is. If you don't have it, you can't run a hospital, can't run a clinic.

B

Yep.

A

People always think about risk on the technology side, but there's all these other services that are quote unquote, critical functions to operations. Yeah. When you think about the next 12, 24 months, what are your top strategic initiatives?

B

So for us here at the district, I would say it's really translating actually quality to it. I've started in the last year by having our team conduct root cause analysis, but the next phase would be implementing plan do check acts. So really like doing that whole process improvement cycle in each of our service lines. And then in addition to that, which is also no small feat, we also are trying to implement the SCRUM methodology. So our business intelligence department has been doing it now for a couple of months, maybe the last six months, and it has really improved our delivery time to our operational stakeholders, but also helped kind of answer real questions in real time for the developers so they're able to, you know, address roadblocks quickly and move forward with their jobs as well.

A

And are you following the pure Agile process or have you modified?

B

Trying to, but we're also open to being flexible. We can actually feed the tickets from the managed engine system into Azure DevOps to sort of start the process and you know, set up our actual two week sprints with the business, the operational owners. Right. So they tell us what the priority is and then we run.

A

And do other organizations use Scrum and Agile or are you the first?

B

Oh, I'm sure there are other organizations who are using it. I don't know that they have historically linked it to their IT ticketing system the way that we are. So I'm pretty excited about that.

A

I meant within the organization. Are there other groups that use it?

B

Oh, sorry, there are our Performance Excellence team and our project Management office are also using oh, cool. Yeah.

A

So it sounds like that'll be sort of a best practice for the organization.

B

Definitely.

A

Yeah. That's great. Yeah. You. I don't think many healthcare organizations are using. I know a few, but it's a really good question to ask, actually. I have to think about how I include that in the. We have this benchmark study. I want to think about how I include that in the benchmark study, you know, as you think about those things that you use to help guide your overall programs. Are you a NIST shop? Are you a NIST CSF shop? Are you a. You are.

B

We are. We're in this CSF shop. Yep.

A

And are you looking at the CPGs, the Cybersecurity Performance goals?

B

We are.

A

Oh, good, good, good. Excellent. And so assuming, like everybody else, you're probably also either thinking about or beginning to execute on some type of AI plan, policies, protocols. Governance committee.

B

Yes. So we had our one and only AI governance committee earlier this year and it then got integrated into our governance committee. So we had just one AI governance committee where we sort of talked about the lay of the land and also where we wanted to go, including implementation of DAX Copilot with EPIC and copilot through Microsoft 365. And then now we talk about the AI components as a regular, you know, standing agenda item, part of our data governance ongoing monthly meetings.

A

I love that idea. And so why did you decide, you know, what was sort of the impetus for putting it into data governance?

B

I would say that it's usually, at least from a legal and compliance concern, the concerns always come back to the data and the data integrity and, you know, where is it getting stored? So it just made sense. It's. We didn't need to keep a separate committee, a governance committee going when we could just sort of integrate it with what we had already started.

A

Got it. And how about other practices, other functions like risk analysis? And as you're bringing in AI type technologies or tools, do you have a formal risk analysis process as well for that or.

B

We are working on our formalized risk, but we actually have an Excel spreadsheet that helps us analyze the risks that come along with AI, but then separately. So the next thing, Right. That we actually brought through data governance was Tableau in the Cloud, which offers AI, so it's pulse component. So we'll be able to down the line casting even for our risk as well. So that's the piece that I'm really excited about. We'll be able to take enterprise risk data, feed it into Tableau as We already do today, but then also do forecasting of our risk and maybe even if we get super savvy down the line, maybe we can actually combine the enterprise risk data with our NOW data that we get from Cincinet on each of our vendors. So that's another just sort of aspect of some of the work that we've been doing. And we try to be a very data driven organization but sometimes being able to combine those different data sources can be a challenge. But.

A

Right.

B

Working on it. It's good to have dreams.

A

Excellent. Yeah, no, it's exciting times. What keeps you up at night?

B

What keeps me up at night, honestly, it's asset management and medical device management as well. Keeping track of our inventory is a.

A

Med device managed by the Biomed or the Bioengineer group.

B

We do have a biomedical group, but they do not currently have that cybersecurity component. So we're actually bringing on a third party vendor to do the cybersecurity upkeep and we'll have it integrated between IT Security and Biomed and have probably monthly meetings just to make sure that we're on the same page and tracking everything appropriately.

A

Excellent. All right, that's a really good overview. So now as we kind of turn to you, the person outside of your day job, what are you most passionate about? What would you be doing if you weren't doing this job?

B

Oh, I would probably be hanging out with my kids, camping. We went on a really long road trip over the summer where we camped all over Northern California. We did some panning for gold. That's a fun thing for small boys age almost seven and nine.

A

Oh, nice, nice.

B

Right on a river. So we did, you know, some just sort of rafting down the river as well.

A

Yeah.

B

And yeah, we love to go, of course, to all the amusement parks, Legoland, Disneyland, all those things. But we like to spend time outside.

A

Yeah. Now were you up in Big Sur or.

B

No, we went through Yosemite, up over to Tahoe and then back down through Mammoth.

A

Nice. Oh, so great. And you, you live in California?

B

I do. I live in Orange County, California, but in Silverado at the base of the Cleveland National Forest. So we have a creek out there.

A

Oh, beautiful. Oh, it's great.

B

Also have two chickens, two cats and a dog. It's pretty exciting in our house.

A

Yeah, no, that's great. My first trip out of school was to la, to Irvine actually for a trade show. This is back in the 80s and I was a big Doors fan and I remember just thinking I need to get to Venice Beach.

B

Oh yeah. Venice beach is amazing.

A

It's cool. Yeah, I still go. I still, anytime I'm in town, I try to go because, you know, it's like a pilgrimage. It's like. And I try to bring whoever who's with me and typically people have never been. So it's a, it's kind of fun to watch their, their reaction to Venice because they've heard about it but they've never been.

B

And there's always something exciting to see there.

A

It's such a great place. The whole area is Santa Monica, Venice. So wonderful. Okay, so if you could go back in time, what would you tell your 20 year old self?

B

Truthfully, I think I would tell my 20ish or so year old self just to believe in myself more. Right. I don't need the external validation. It's really about like trusting your gut and being willing to make mistakes, learn from those mistakes. Yeah. And I think I've had plenty of opportunities to make mistakes and then learn from them and believe in myself more.

A

So yeah.

B

If I could have just had the confidence that I have now at age 20, I think I'd be in a different place.

A

That's a common answer. I always, when I first thought of the question, I thought people are going to say, you know, invest in Microsoft or. Which is also a good advice. But no, we often get that answer. Which is a really good answer. It sounds like you do like the outdoors. I'm sure you like a little risk. What's the riskiest thing you've ever done?

B

You know, I would say skydiving. Right, right. But honestly, it was probably riskier driving around in little micro buses in Guatemala and Mexico with my cousin. That seems like much more dangerous actually than skydiving.

A

We were packed into buses of road and.

B

Yeah. Uphills and mountains and chickens on like these very small winding roads that are made out of dirt and you don't know if you're going to go off of a cliff. I think that was more dangerous, more risky.

A

I would agree that's much more risky. Yeah. Yeah. It's controlled risk to jump out of a plane, believe it or not.

B

I know.

A

But the bus driver, you never know what you get.

B

Yep, exactly.

A

Hardest lesson in your career.

B

Hmm. Artist lessons. You know, I think this is just something that I'm still learning and it's probably also from going from leading a small team of eight to a now team of 50 people. Right. And it's sort of that discrepancy between the desire to accomplish something versus the capacity to actually accomplish it. And so you have desire, you have capacity, and then you maybe have capability mixed in with capacity. And. And really being able to understand what is somebody's desire to get something done versus their actual knowledge, skills, and abilities to do it. And what are you doing right, as a leader to remove roadblocks for them to be able to do what they need to do at the end of the day. And it plays out not only in work, it also plays out in personal life, too. And so this is the thing that I've been just sort of thinking about over probably the last couple of months, that disparity and kind of also just talking with people about, like, how interested are you in doing this thing and what do you know about it? Are you willing to learn about it? Or do we need to actually bring in somebody from the outside who's already an expert? And then also, I would say, adding to that, it's also helping people be honest about where they're at and what their knowledge, skills, and capabilities are as well.

A

I love that answer. I. I always. You know, early on I realized I had this epiphany that it's skill and desire. Those are the two levers that you have. I mean, there's a lot of other things around it, but you articulated that so well. And it's also the things we don't do as leaders, like jump in and try to do it ourselves because.

B

Sure. Right, right.

A

Yeah. That delegation is so hard sometimes because. Yeah, that's really good. Really good insight. I love music. I typically ask folks, you're on a desert island and you could take five records or five movies with you, what would you bring?

B

I would probably bring Odessa, their In Return album, so that I could dance on that desert island. That would be nice.

A

It's like Burning man on your island.

B

Exactly. Similarly, probably Faithless. I like their Outrospective album as well. And then for movies, I was just remembering this yesterday, that movie feds from the 80s with the two women who wanted to become FBI agents. It's hilarious. You've got Rebecca De Mornay. She's, you know, ex marine. And then you have this other actress who is the smart one, Right? So you have sort of that. The complimentary, the brains in the bra. Right. And they had to work together to get through FBI Academy and work as a team, basically to both accomplish their goals. I just remembered it yesterday, and I'm hoping to rewatch it this weekend. F E Z Z F E D S. Feds.

A

Oh, okay. Feds. Oh, got It.

B

Fez, what's your favorite movie?

A

Oh, I love Jaws. I love Apocalypse Now, Star Wars. I'm a child of the 70s, so I tend to gravitate to those. Greece. I love Greece.

B

Oh, me too.

A

Good, isn't it? Great movie. It's such a great movie. Anytime it's on, I'll stop it. I turn it and I'll watch it. It's the same with Jaws too. Like, my wife's like, are you watching Jaws again? What's wrong with you? Like, I just can't not look.

B

That's awesome.

A

And Rebecca de Monet, Wasn't she in Risky Business? Ah, could keep it in the. The family here. The Risky Thing. Cool. Any last advice you have to professionals that are, you know, just starting up or maybe just coming out of school and want to break into healthcare and. Or cyber or it.

B

Let's see. Well, so breaking into healthcare, I would say, you know, be willing to start small and learn. And for cyber security, I feel like there's so much free education out there these days. You can start to, you know, just go learn on even the size of websites and then bring that knowledge with you to your interview process. And then you can also sort of think about the way that you are addressing it, security, even in your home, and bring that to an interview as well. So what we've also done here at the healthcare district is promote internally. So finding those folks on either the service desk or desktop engineer team who already have just sort of a mind for it or a knack for it or an interest in it. Giving them the opportunity. Right. Showing that desire. Let them go take some courses through pluralsight and then going ahead and interviewing them and seeing if they'll be a good fit and then moving them up in their career. It's been really successful for us.

A

Yeah. There's so many areas to start in and advance into over time, which I don't think people think about. They think about cybersecurity as like this very technical complex. It is. But you can also start small. You can start off as a risk assessor.

B

Definitely.

A

Yeah. That's really great advice. Any last thoughts or comments or insight to add before we end? This has been terrific.

B

No, no, I'm just curious what records you would bring to a desert island as well.

A

Oh, records. Oh, music. Oh, well, I mentioned the Doors earlier, so probably a Doors record. Probably Soft Parade or Morrison Hotel or Ellie Woman. I don't know. I love them all. Grateful Dead. I'm a huge Deadhead, so I still follow them around. So I was just at the Sphere for three shows.

B

Very cool.

A

In Vegas in June. Yeah. So they're. And they're still rocking. It's amazing. I love the Stones, so maybe Sticky Fingers album or Exile on Main Street. So I'm an old time rocker, but I love jazz and I love, I love all sorts of music, so very cool. Yeah, no, thanks for asking me, though. Nobody's asked me that.

B

Sure.

A

It's great. Excellent. All right, so again, thank you, Andrea, for joining us. This is Ed Gaudette from the Risk Never Sleeps podcast. And if you're on the front lines protecting patient safety and delivering patient care, remember to stay vigilant because Risk never sleeps. Thanks for listening to Risk Never Sleeps. For the show, notes, resources and more information and how to transform the protection of patient safety, Visit us@cincinnat.com that's C-E N S I N E T.com I'm your host, Ed Gaudet. And until next time, stay vigilant because Risk never sleeps.