Print Page   |   Contact Us   |   Sign In
E-Briefings – Volume 16, No. 5, September 2019

Welcome to The Governance Institute’s E-Briefings!

This newsletter is designed to inform you about new research and expert opinions in the area of hospital and health system governance, as well as to update you on services and events at The Governance Institute.

Click here to download the full PDF version.

Evaluating Health System Partnerships

Maintaining a diversified partnership portfolio has become a core skill set and business model used by leading health systems to support several elements of their strategy. This article provides specific guidelines around why and how health systems should regularly evaluate their full range of partnerships using a disciplined approach, especially in markets where the pace of change is rapid.

Read More

Collapse Article

By Robert York, Principal, and R. Christopher Regan, Founding Partner and Managing Director, The Chartis Group

Key Board Takeaways

  • Identify when the last comprehensive evaluation of each partnership occurred, and whether leadership is confident they are achieving the intended goals for each partnership.

  • Be ready to act on alternative options and a go-forward path if the partnership is not achieving the desired results.

  • Encourage incorporation of a formal partnership review process as part of the regular planning cycle for the organization.

Health systems continue to invest significant time and resources in designing, negotiating, and implementing various types of partnerships and affiliations. Market consolidation and partnership activity remained the top trend highlighted in Definitive Healthcare’s 2019 Annual Healthcare Trends Survey, which tracked 803 mergers and acquisitions and 858 affiliation and partnership announcements in 2018. The same level of activity is projected for 2019 as health systems employ a broad range of partnership models to fortify their strategic position and performance. These partnerships include innovative relationships with different types of partners across the care continuum to expand their capabilities and geographic reach.

Maintaining a diversified partnership portfolio has become a core skill set and business model used by leading health systems to support several elements of their strategy. The level of investment and dependency placed on partnerships requires health system boards and management to regularly evaluate existing partnerships in the context of changing market conditions and their evolving strategy. In most cases, leadership has greater visibility into partnerships with significant strategic or economic impact; however, systems don’t always have as good a sense of the value being derived from their overall portfolio, which may include numerous, smaller partnerships. Although the focus and scope of each organization’s partnership portfolio varies, the following approach to evaluating partnerships can be adapted to suit each organization’s unique needs. This approach can be expanded to address a variety of affiliation arrangements and can also be used by multiple parties seeking to jointly evaluate a new partnership.

Evaluating Existing Partnerships: Types of Questions Health Systems Are Asking

Many organizations conduct periodic reviews of specific partnerships, especially when challenges are encountered. However, health systems should regularly evaluate their full range of partnerships using a disciplined approach. This is particularly true in markets where the pace of change is rapid. Sample questions raised by health system leadership as they evaluate existing partnerships include:

  • Our managed service agreement (MSA) partnership model has worked well historically to align like-minded health systems across the region. Can this model continue to deliver benefits going forward given the need for greater clinical and economic integration across the region? How should we evolve the MSA to better align with the market, our organization, and our regional partners?

  • We are no longer sure our existing academic partners are fully aligned with us. What options exist to change this or is it time to move on?

  • Our pediatric ambulatory joint ventures called for achievement of several near- and long-term goals. How have we performed against those goals?

  • Will our partnership arrangements with outlying rural hospitals support our direction for the next 10 to 20 years? Do we need to re-evaluate our partnership model?

  • Is the value of our population health collaborative diminishing? How might it evolve to deliver greater value? Alternatively, is it time to pursue other options?

  • Our oncology network has worked well, but we want to align more closely with our health system and physician partners to achieve added benefit. What options exist to advance the oncology network partnership model? How does the clinical and economic alignment model need to evolve? How would changes benefit both parties?

  • We appear to have hit a wall with our existing payer partner in our Medicare Advantage product. What can we do to reinvigorate the partnership through new market, product, or economic models?

Proposed Approach for Evaluating Health System Partnerships

1. Profile the Existing Partnership(s) for Evaluation

Identify the partnerships to be reviewed and the key aspects of those partnerships to be evaluated. The elements to be profiled will vary depending on the nature, duration, and objectives of the partnership. At a minimum, the profile should include:

  • A summary of the strategic rationale, goals, and structure of the partnership

  • The specific terms, conditions, and commitments made and status of each

  • Progress to date in relation to the overall goals and specific quantitative and qualitative metrics established to gauge the success of the partnership

  • An evaluation of the respective contributions to date and satisfaction levels with relationships between and among the partners

  • A summary evaluation of the success of the partnership

The review process should also include the identification of any goals that were not achieved and an assessment of why they were not achieved.

2. Reassess the Current and Projected Market Environment

The basis of competition is rapidly evolving in healthcare. Each organization should ground its partnership review in a fresh consideration of the current and future market environment. What will it take to be successful in the future? Where do competitive vulnerabilities exist? What must be done to remain successful in the changing environment? Answering these and other questions may suggest that this review be conducted as part of a broader strategic planning process. The assessment should consider projected changes in demographics, socioeconomic conditions, the inpatient and ambulatory competitive landscape, physician provider requirements, payment model and pricing reforms, consumer expectations, evolving technologies and care models, and purchaser expectations. The board and senior leaders can then highlight future requirements for success as well as current gaps in relation to those requirements.

3. Refresh Organizational Goals and Objectives and Re-evaluate Existing Partnership(s)

Based on the information above, leadership should summarize its overall assessment of the partnership’s performance to date. Once the current state of the partnership has been assessed, update the goals and the criteria for evaluating the partnership’s future success. If the original goals are still valid, identify options to strengthen the partnership and make it more beneficial and successful in relation to those goals. Highlight opportunities to expand upon the original objectives. In some cases, fundamental changes in the structure and means of operating the partnership may be needed. The partnership should be re-evaluated in relation to these refreshed goals.

4. Identify and Evaluate Go-Forward Partnership Options

Based on the results of the above evaluation, consider ways the partnership can evolve. Leadership may want to contemplate alternative structural or operational approaches to better achieve the refreshed goals and objectives. Options might involve a different governance or management model to better align the partners’ interests, or an adjustment to the financial expectations or the economic model for the partnership. Significant strategic and financial analysis of the various options is frequently required to make an informed decision at the management and board levels.

5. Define the Preferred Path Forward, Then Act

Finally, the organization should reset the strategies and objectives for, and method of, operating its key partnerships. In cases where changes are desired, it is important to identify next steps in a timely manner. Even if the decision is to stay the course with modified objectives, the organization will need to reaffirm the current partnership model and course of action. A plan of action should specify the timing and resources required for any recommended changes in the partnership models or strategies.


The significant time, finances, and strategic expectation invested in partnerships justifies regular evaluation by the board and management. It’s critical to have a formal partnership review process that is incorporated into the organization’s planning cycle and is conducted across the broad portfolio of partnerships developed over time. Health systems should begin by identifying when the last comprehensive evaluation of each partnership occurred, and whether leadership is confident they are achieving the intended goals for each partnership.

The Governance Institute thanks Robert York, Principal, and R. Christopher Regan, Founding Partner and Managing Director, at The Chartis Group for contributing this article. Both authors are leaders in the firm’s Partnerships Practice. They can be reached at and

Cyber Risk Management: A Business Enabler (Not an IT Issue)

Cyber risk management is not an “IT problem”; it is an enterprise risk management matter that can be harnessed into a business enabler. The healthcare industry is experiencing a time of unprecedented change, including ongoing digital transformation. This article explains why hospitals and health systems must simultaneously undergo a cyber risk management transformation.

Read More

Collapse Article

By Bob Chaput, Executive Chairman and Founder, Clearwater

Key Board Takeaways

The first step in addressing cyber risk is engaging in a conversation about what cyber risks exist, the potential impacts on your organization, and steps that can be taken to strengthen the CRM program. Following are some key discussion questions to get you started:

Have you discussed fiduciary responsibility, duty of care, and reasonable diligence with respect to managing cyber risk?
In the event of a successful cyberattack on your organization, how prepared is the CEO to address concerns from internal and external stakeholders, with strong, unequivocal messaging about the CRM program?
Is your current approach to CRM well-aligned with the organization’s vision, mission, values, and services?
Is your organization likely to be involved in any M&A activity in the next several years? Would your approach to CRM pass the due diligence process?
Is your organization prepared to go toe-to-toe with healthcare industry disruptors with respect to its ability to protect data from cyber risks?

Cyber risk management (CRM) is not an “IT problem”; it is an enterprise risk management matter that can be harnessed into a business enabler. The healthcare industry is experiencing a time of unprecedented change, including ongoing digital transformation. We must simultaneously undergo a CRM transformation.

Healthcare continues to be the single most-targeted industry for cyberattacks1—and your organization might be next (if you haven’t been attacked already). The consequences of cyberattacks on hospitals and health systems can be far-reaching. Patient lives may be at risk, for example, when a ransomware attack disrupts the availability of data and a provider is unable to deliver services. An organization’s finances and reputation can be put at risk as well. Violations of the privacy and security requirements spelled out in the Health Insurance Portability and Accountability Act of 1996 (HIPAA) can result in fines, penalties, and corrective actions being levied against the organization. And more recently, litigation related to data breach incidents has demonstrated an increased risk of personal liability for an organization’s directors and officers.

Personal Liability

In the 1996 Caremark decision, the Delaware Chancery Court declared that, in such actions, directors can be held personally liable for failing to “appropriately monitor and supervise the enterprise.”2 Recent data breach litigation shows how corporate executives and board members can be at risk of personal liability when a cybersecurity incident occurs

Derivative litigation was also brought against Yahoo, Inc. for data breaches that occurred in 2014 and 2016. The $29 million settlement, approved in January 2019, “represents the first significant recovery in a data breach-related derivative lawsuit targeting directors and officers for breach of fiduciary duty.”3 The litigation that followed the 2017 Equifax, Inc. data breach also named certain officers and directors of the organization.4

HIPAA is the foundational legislation for the data security and privacy requirements that apply to any entity that “creates, receives, maintains, or transmits protected health information.”5 HIPAA’s language sets expectations of organizations with definitions of reasonable cause, willful neglect, and reasonable diligence, which refers to the business care and prudence expected from a person seeking to satisfy a legal requirement under similar circumstances.6 The Office for Civil Rights (OCR) uses these definitions to evaluate the scope of responsibility the organization holds for lack of compliance with regulatory requirements and civil money penalties.

In the event of a cybersecurity incident or data breach, the courts and OCR want to know the same thing: did your organization do everything, within reason, that it could to prevent the incident from happening? Or did your organization demonstrate “negligence” or “willful neglect” with respect to your CRM responsibilities?

It is the role of executive leadership and the board, not IT, to provide informed direction and oversight for the organization’s CRM approach, activities, and strategy.

The Shift to Leveraging CRM as a Business Enabler

Hospitals and health systems are facing especially challenging times. Profit margins are shrinking as costs rise. Legislation, policies, and regulations are changing fast. Non-traditional organizations, like Apple and Google, are positioning themselves as industry disruptors, eager to claim a share of the $6 trillion in annual healthcare spending projected to take place in the U.S. by 2027.7 Following are just two examples of leveraging CRM to meet these challenges.

Facilitating M&A Activity

A survey by Definitive Healthcare identified consolidation as the most important trend impacting the healthcare industry in 2019.8 What role does CRM have to play in mergers and acquisitions (M&A)? A lot, it turns out. One of the drivers of healthcare M&A activity is “using data more effectively to improve quality and outcomes, such as through personalized medicine or interoperable data exchange.”9

A global survey of M&A professionals by the Merrill Corporation found that “data privacy” concerns were among the most likely factors to sink a healthcare M&A deal, right after “political uncertainty” and “investor confidence.”10

Regardless of whether your organization is primed to acquire another organization or to be acquired, it is critical to build M&A considerations into your CRM program.

Competing with Disruptors

In its 2018 report on healthcare industry disruption, Pricewaterhouse Coopers (PwC) identified “technology invaders” shaking up the industry.11 PwC describes technology invaders as “technology companies seeking to grab a greater foothold in healthcare.”12 Apple is one example with its Health app.13 Other examples include Google and Amazon. As global players, they also bring mature CRM experience and resources to the table to meet stringent compliance, data privacy, and security and risk management standards from around the world. What this information points out is that all healthcare organizations—whether traditional or disruptive—need to pay attention to data privacy, security, and CRM issues to be competitive.

The Governance Institute thanks Bob Chaput, Executive Chairman and Founder, Clearwater, for contributing this article. He can be reached at or (615) 496-4891.

1Managing Enterprise Risks in a Digital World: Privacy, Cybersecurity, and Compliance Collide, 2019 Data Security Incident Response Report, BakerHostetler.

2Brenda Sharton and Gerard Stegmaier, “Breaches in the Boardroom: What Directors and Officers Can Do to Reduce the Risk of Personal Liability for Data Security Breaches,” Thomson Reuters, 2015.

3Freya K. Bowen, “Recent Developments in Yahoo and Equifax Data Breach Litigation Suggest Increased Risk of Personal Liability for Directors and Officers for Cybersecurity Incidents,” Perkins Coie Tech Risk Report, February 6, 2019.


545 CFR § 160.103

645 CFR § 160.401

7“National Health Expenditure Projections 2018–2027, Forecast Summary,” Centers for Medicare & Medicaid Services, 2019.

8“Definitive Healthcare Releases Results of 2019 Annual Healthcare Trends Survey” (press release), Definitive Healthcare, April 22, 2019.

9Keith Anderson, Robert Belfort, and Fatema Zanzi, “Mapping the Healthcare M&A Landscape,” Manatt, Phelps & Phillips, LLP, March 22, 2019.

10“M&A Professionals Bullish on Healthcare Deals for Next Year, Despite Political Uncertainty Concerns: Merrill Insight Poll,” Merrill Corporation, May 22, 2019.

11The New Health Economy in the Age of Disruption, PwC Health Research Institute, April 2018.


13“Institutions That Support Health Records on iPhone and iPod Touch (Beta),”, August 19, 2019.

Rethinking Physician Leadership

There are more physician leaders than ever at every level, yet we still need more and better physician leadership, everywhere. Hospitals and health systems still struggle to control costs, solidify quality in any comprehensive way, and energize clinical work environments while responding effectively to the population-level challenges of health. This article offers tips on what boards, CEOs, and leadership development personnel can do to improve physician leadership.

Read More

Collapse Article

By Larry McEvoy, M.D., Founder, Epidemic Leadership

Key Board Takeaways

What boards can do:

  • Emphasize high-capacity leadership and scaling collective intelligence as a strategic foundation for systemic function; learn how leading-edge adaptive organizations are leveraging systems thinking in their leadership development approaches.

  • Ask for a “leadership capacity” audit from the organization and match its attributes and design against requisites of developing high-capacity leaders and effective scaling of new thought and action patterns.

  • Create ongoing dialogue from both developers and participants about how the organization is scaling capacity and creating intended and surprising effects.

  • Ask how your executives and physician leaders are creating leadership capacity around, and how they themselves are understanding, the changing role of leaders in true systems.

What CEOs and leadership development personnel can do:

  • Emphasize learning together, across boundaries, both “in the classroom” and in practical settings; understand physicians have much to learn and much to teach.

  • Integrate experiential learning with practical “on-the-job stretch-and-learn” beyond comfort zones and outside of boundaries. (This doesn’t mean dermatologists should do heart surgery; it does mean asking people to lead topics and processes that are out of their—and your—comfort zone.)

For quite a while, healthcare boards and senior leaders have heard (or said) these words: “We need physician leadership.” Over the last two decades, they have seen the emergence of increasing numbers of formal positions, the proliferation of internal and external physician leadership programs, and large numbers of physicians pouring into physician leadership efforts. Today those clinicians, who now include PAs and NPs, have their own questions and concerns: “Where do I go now—where are they going to put all of us?” “It feels like people only want us to lead so much.” “We can’t do it without them,” as they nod toward the administrative suite.

Healthcare organizations have more clinician CEOs, board members, CMOs, and dyad structures. There are more physician leaders than ever at every level, yet we still need more and better physician leadership, everywhere. Hospitals and health systems still struggle to control costs, solidify quality in any comprehensive way, and energize clinical work environments while responding effectively to the population-level challenges of health. Perhaps most tellingly, the tribal divide between “administration” and “clinician” is as wide as ever. Organizations are moving too slowly and people are redlined—we can do great things in healthcare, but we still have a sick system.

Amid all the tools, programs, certifications, and roles, something’s missing. It’s time to rethink physician/clinician leadership development—not to throw out all the good things that are happening, but to move to a new level of impact and energy. If we really want a system of health, we’re going to have to focus on the health of our system. I suggest we make two shifts: from competency to capacity and from skill to scale.

Moving beyond Competency and Skill

Both increasing capacity and the ability to scale are characteristics of sustainable systems, but healthcare organizations are not yet modeling physician leadership development around these key dimensions. Most leadership programs are aimed at individual skills and competencies (to be plied in settings of varying sizes from one-on-one conversations to large multi-disciplinary processes). These are helpful adjuncts to leadership, but its highest use is to amplify the performance, learning, and vitality of the organization in every nook and cranny. Skills and competencies help us deal with the component parts of leading an organization, but they don’t necessarily help us move entire systems where patterns of thought, interaction, and action define performance and behavior of the organization as a whole.

The fundamental challenge of leadership is shifting these patterns across numbers of people and processes in the face of innumerable known and unknown challenges. Focus too much on skills and competencies, and you risk a confining, rule-based organization that eliminates variability. (Eliminating variability is good, of course, when the variability itself is a risk for harm or error; eliminating variability is a disaster when that variability is the seed of improvement or innovation.)

Capacity is not the opposite of competency, but rather the ability to leverage competency (one’s own and that of others) to successfully think and act on unconventional and emerging challenges. If competency equips us to respond as leaders with “we have seen this before and we know what to do,” capacity equips us with the ability to think and act at multiple levels and from multiple angles when we don’t know what to do. High-capacity leaders certainly have skills, but their capability to understand and interact with wider varieties of people, challenges, and dynamics with a wider and more flexible set of mindsets and approaches makes them quantum contributors. Competency is the currency in a static and predictable world; capacity is the currency of a complex and unpredictable one—and healthcare is the poster child for complexity and unpredictability with all of its changing and moving parts.

Think of capacity this way: a skilled and competent carpenter may have many skills and be competent with a large complement of tools, but he/she can only build one way. The high-capacity carpenter has the same skills and tools, perhaps more (or even fewer), but he/she can build in a wider number of ways, in different architectural styles, on different terrain, and with a wider array of materials. Two leaders may have the same emotional intelligence scores and be equally competent at having a performance conversation, but the one that can think and respond at multiple levels can leverage emotional intelligence and performance conversations to a far deeper degree. Research by Anderson and Adams has shown that individuals with deeper thinking and emotional capability have a greater reservoir for understanding challenges and responding with a wider array of creative approaches—and create higher organizational results and performance.1

The potential limitation of the high-capacity individual is the reality that there are hundreds and thousands of particles known as free-thinking humans orbiting nearby—each who can have a positive or negative influence on the performance of a healthcare organization. The highest leverage of capacity is to multiply it in and across large numbers of people to go from high-capacity leader to high-capacity system. We tend to think of scaling as a directive phenomenon (“roll out,” “push down,” send the memo), but it’s far more participative and organic than that. Swarm intelligence (heavily studied by the military), cloud computing, and the design of AI all emanate from the same awareness that needs to mobilize leadership development in healthcare: the highest level of leadership is the summoning of collective intelligence in any and all settings so that performance is both predictable in stable circumstances and responsive to new realities


High-capacity and participative approaches to scaling are essential attributes of systemic leaders, but to get there we have to move beyond an obsession with competencies as the measure of leaders. Both capacity and approaches to scale are developable in leaders as part of a systems approach to leadership. Such approaches incorporate various skills and competencies and have the benefit of simplicity—they gain their power from encouraging leaders to dig deeper into how they think, how they generate deeper awareness, and how they can facilitate diffusion of new patterns of thought, interaction, and action beyond themselves by inviting others to participate, not to comply. Such an approach can increase precision but requires the relinquishment of control; it can escalate commitment but requires participation over direction; and it requires leaders to discard the ego of expertise and telling for the humility of learning and listening. Our times are telling us that if we want to function as a system, we’re going to have to learn and lead “as a system.” If a system is more than the sum of its parts, we’re currently focusing too much on the parts.

The Governance Institute thanks Larry McEvoy, M.D., past-CEO of Memorial Health System and the President and CEO of Epidemic Leadership, for contributing this article. He can be reached at

1Robert Anderson and William Adams, Mastering Leadership: An Integrated Framework for Breakthrough Performance and Extraordinary Business Results, Hoboken, New Jersey: John Wiley & Sons, 2015; Robert Anderson and William Adams, Scaling Leadership: Building Organizational Capability and Capacity to Create Outcomes that Matter Most, Hoboken, New Jersey: John Wiley & Sons, 2019.