Skip to main content

Get Down With the Data: The CFO’s Role in Data Governance

Analysis  |  By Marie DeFreitas  
   April 17, 2025

Data governance is a big task.  Where does the CFO fit in?

I know what you’re thinking: “Data governance is not a CFO’s job.” You’re right. It’s likely not in the job description. However, as both healthcare and technology evolve, so do their strategies, whether operational, technological or governing. For CFOs to understand the full scope of how their organization uses, protects and even profits off of its data, they need to have a hand in data governance.

Jim Dregney, CFO of Sauk Prairie Healthcare, says that while his organization has a leader in charge of data analytics and management, there is room for improvement.

“Data governance is tough,” he says. “The simple volume of information that is available through all of the various sources of data is daunting. There certainly is a need for the CFO to have a role in data governance.”

Much of the data comes from sources that the CFO has direct oversight of and reflects financial performance in addition to operational performance that impacts financial stability,” He adds.

Data management can get complicated and messy. Close to everyone in a health system will interact with data, but that doesn’t mean it is always a smooth or simple interaction.

“One complication is that there can be multiple data fields that seem to report the same information, but they are actually quite different,” Dregney explains. “For example, when looking at patient volumes for a particular period of time, it is important to know the source of the data.  Is it coming from the patient scheduling module or the billing module?  If you’re looking at productivity measures, you would likely be looking at the number of scheduled visits for the time period, whereas if you’re doing analysis on average charges per patient visit, you would likely be looking at the number of visits or procedures for which charges have been posted.”

How “the data is reported and used once it’s in the system” Dregney says, “is entirely dependent on how the data is captured and entered into the system.”

The data that is brought in and used affects close to everyone in the organization, so one individual, or a small team of individuals, can’t effectively assess how the organization’s data is captured, used, protected, and distributed. As healthcare progresses and faces new challenges and opportunities, data governance will require a more hands-on approach (with more hands), from different parts of the organization.

“To do this effectively, it requires more than just the CFO or a limited number of leaders,” Dregney says. “It requires engagement and participation by all staff along a patient’s entire care journey.”

CFOs must recognize their role in data governance and how it can affect operations and finances.

 “Every piece of data can be an effective analytic tool to improve operations,” Dregney says. “If there are gaps in the collection process, it can result in significantly impaired decision-making processes that put performance at risk.”

Data Deals

As healthcare organizations recognize the value and power of healthcare data, they can leverage this data to create more strategic partnerships that provide long-term value rather than just short-term licensing fees. However, health systems considering a data transaction, whether in the short or long term, should take a few practical steps so that they are well positioned for a future transaction.

For health systems looking to use their de-identified data in transaction deals, developing a data governance strategy to determine which methods can and should be used to de-identify the data can help create a clearer path to how it can be used and its value maximized. Creating a collaborative task force to tackle data deals and governance can be a great starting point.

Cybersecurity

When it comes to protecting healthcare data, the strategies for doing so have drawn scrutiny over the last year since the Change healthcare cyberattack. Organizations are ensuring they stay up to date with the latest software and security practices to prevent a breach of their own.

Cybersecurity intersects with data governance in a big way, from regulatory compliance to risk management, to data life cycle management, to security access and training. With so much of the foundation of a health system tied to these two categories, CFOs need to be on board with data protection strategies and governance before it becomes a giant financial issue like a ransomware attack.

By recognizing the importance of data protection through robust cybersecurity and data management investments, CFOs can continually examine how these investments are or are not benefitting the organization. While cybersecurity may be traditionally thought of as the CTO’s job, CFOs can collaborate with CTOs to understand the full value of cybersecurity investments and what makes one data protection technology better than the other.

Marie DeFreitas is the CFO editor for HealthLeaders.


KEY TAKEAWAYS

As healthcare data becomes more nuanced and more valuable, the opportunities and pitfalls for data governance are vast.

Through data governance CFOs can gain a fundamental understanding of its importance to operations and finances.

CFOs can work with CTOs and data analyses to create a data governance strategy


Get the latest on healthcare leadership in your inbox.