Collaboration and training are two ingredients for a successful cybersecurity strategy.
The Change Healthcare cyberattack caused more damage to the healthcare industry than any previous attack, and the industry is still recovering.
Laurie Beyer, CFO of Greater Baltimore Medical Center, remembers this chaos well.
“We were processing all of our hospital claims through Change Healthcare,” she says. “We had to immediately get clinicians, IT, legal, billing, and myself all together and see how we're going to turn this around because it was impacting cash.”
Beyer says teamwork played an important role in the health system’s recovery.
“We ended up quickly pivoting to another clearing house,” she adds. “That decision was made in collaboration with all the important parties. That wasn't something that I just did on my own.”
The situation was intense, but not totally unfamiliar to Beyer, GBMC had suffered a cyberattack just a few years earlier.
“We had a cyber attack at the end of 2020, so we were still in the pandemic, and we were down for a month,” she says.
This challenge required an intense amount of collaboration and teamwork, Beyer says. The collaborative process involved huddles with all key constituents and figuring out how the system would process payroll and conduct other financial services.
Adding to the intensity was the fact that GBMC didn’t have a chief operating officer, who had retired and wasn’t replaced. Out of necessity, Beyer stepped to the forefront and worked with her team and the health system’s vendors to get operations back online.
Then came the question of “how do we make ourselves safe?” Beyer says.
A contributing factor to GBMC’s 2020 cyberattack was out-dated equipment (also one of the causes of the Change Healthcare attack).
“It happened because we had old equipment that hadn't been updated, and the [hackers] could get in easily,” Beyer says. “So we had to update all the equipment, get it up to 2021 standards.”
“The other thing we did, we had everything on one network when we got attacked, so everything went down,” she says. “ Working together, we segmented the electronic medical record from the imaging system, etc., so hat if we get attacked [again], it's not so devastating. That was a huge undertaking.”
With so many interdependent processes in healthcare, health systems that are able to immediately jump into smooth, familiar collaborations can make all the difference when a cyberattack occurs.
“I think we had one person in cybersecurity, so we had to bring on more resources and actually make homegrown people that we trained,” Beyer says.
Training staff was a large part of the process to building a team that could handle hectic events like cyberattacks, Beyer says.
“We had to really build the team internally,” Beyer says.
Beyer says cybersecurity is a part of GBMC’s quarterly Audit Compliance Committee, illustrating the direct impact of collaboration between finance and IT.
“Our chief Information officer and cyber manager will present, and give a lay of the land first, then we’ll discuss how GBMC is doing, and how vulnerable we are against all of the scoring that is out there,” Beyer says.
Now, “we're actually in a pretty good spot,” Beyer says.
CFO Lessons Learned
Collaboration
CFOs don’t need to act as assistant CTO, but they do need to ensure they are on the same page. Ensuring all cyber security software and equipment is up-to-date can help curtail cyberattacks before they turn into massive financial challenges.
Training
Beyer says training and certifying staff helped ensure that the system was prepared if another cyberattack were to happen. This, along with close-knit teamwork, helped to ensure that IT operations ran smoothly, as well as ensuring the organization remained agile and could quickly make decisions and pivot when needed.
For CFOs, isolated decision making is a strategy of the past.
Laurie Beyer, CFO of Greater Baltimore Medical Center, has over 25 years of experience in finance and healthcare. She knows what goes into successful operational strategies, it’s close-knit collaborations that CFOs need to be a present for. Being in tune with the strategy of the organization and everyone involved in it helps CFOs make the most informed decisions and deploy resources where necessary.
"Early in my career when I didn't really know what it would take to be a CFO, there was a tendency to want to make decisions in isolation," she says. "But over the years, I've learned that you need to be part of the strategy group and just make sure that you're in tune with the strategy so that you can actually help with deployment of resources."
Check out what she had to say in this quick clip or dive into the full interview here.
A different type of CFO model is growing in popularity as health systems face high turnover rates.
As the CFO role becomes more demanding, health systems and hospitals are seeing an exodus of chief financial executives. A recent study put the CFO turnover rate at 22% in 2024, a three-year high.
To address the turnover problem, some organizations are turning to fractional CFOs.
A fractional CFO is a chief financial executive who works on a part-time or project-based basis rather than being a full-time employee, and differs from an interim CFO, who is at the organization for a shorter period of time, usually during a transition. Fractional CFOs can give organizations a cost-effective way to access high-level financial guidance without the expense of a full-time CFO.
Fractional vs Traditional
When deciding to go with fractional a CFO vs a traditional one, it all depends on what the health system needs, both in the short term and long term. Weighing direct costs like salaries and benefits against indirect costs such as overhead, training, and opportunity expenses is essential.
Costs
Although traditional CFO salaries vary widely depending on the size and operations of the health system, the average healthcare CFO salary is about $123,000. In addition, typical CFO compensation includes benefits and long-term investment.
For fractional CFOs, compensation is usually based on hourly rates or monthly retainer fees, with studies indicating the average hourly rate for fractional CFOs in healthcare is between $200 to $350 an hour.
It's critical to examine this direct cost; while traditional CFO positions require more substantial salary costs, with fractional CFOs, health systems can avoid high fixed expenses and pay only for the time needed.
Strategy and Responsibilities
While traditional CFOs provide deep integration and continuous oversight, a fractional CFO can be tailored to include only the necessary strategic tasks, such as financial forecasting, risk management, or cash flow analysis.
A flexible financial leadership could allow health systems to scale services during rapid change without long-term commitments. However, if a health system is looking for more of a strategic financial partner who is dedicated to the mission of the organization, continuous collaboration, the culture, and the staff, a traditional CFO hire might be more fitting.
Executive Insight
Brandon Williams, CFO of Providence, a HealthLeaders Exchange member, says fractional CFO models may be on the rise in healthcare because of the flexibility and lower costs.
"I do believe we will see more fractional CFOs or similar models in the future," he says. "Many fractional CFOs have a diverse background and processes they have learned in other disciplines."
While there are benefits to both, Williams says the key is how health systems align long-term
and short-term strategies.
"A fractional CFO is not a long-term answer for large complex organizations, but they can bridge knowledge gaps, implement sustainable processes and provide strategic guidance."
Other Fractional CFO Models
Sutker-Moran, a business consulting and CFO services firm with healthcare clients, uses a team-based fractional CFO model, deploying a small team of financial executives who are paid as W2 employees through the firm. The team typically consists of three employees: a managing director (thought of as the CFO), a director (thought of as the controller), and a staff associate.
"At the end of the day, we're trying to provide the skill set and role needed for the company, mirroring and matching what the demand is of that business," says Scott Moran, president of Sutker-Moran. "So complexity could drive that, size could drive that, a lot of things can drive it."
GuideStar ElderCare, a provider of neurobehavioral eldercare and dementia care medical services to long-term care, nursing facilities and memory care facilities, is putting that model to work.
As the organization expanded to meet growth needs, Founder and CEO Steven L. Posar, MD, said he wanted someone who understood the financial concerns of a larger provider.
"The people that we had in place, simply weren't able to evolve with the change," he says.
Being an almost exclusively government-funded organization through Medicare and Medicaid, Posar says the organization also needed someone who was familiar with these programs as the pressure to hire ticked up.
Besides basic blocking and tackling financial tactics, Posar says flexibility was a key to making the decision. The organization needed someone to make sense of managed cash flow, the RCM function and "an organization with multiple capabilities that we could flex as needed."
Moran says he believes that more healthcare companies, will explore these models as they grow in popularity.
"The marketplace is changing the demands of the CFO is at an all-time high, and the supply," he says. "is continuing to diminish really from both ends."
Key Considerations
When deciding to go with a fractional vs traditional CFO, there are a few key considerations health systems must examine including:
-Indirect costs: onboarding, training, any additional costs that impact health system finances.
- Flexibility and scalability: adjustable service levels based on immediate needs versus long-term commitments.
- ROI and efficiency: measurable improvements in cash flow, profit margins, operational efficiency etc.
Companies can conduct a comprehensive financial leadership cost comparison by focusing on these elements and deciding which is best for the organization.
Bigger isn't always better, says the chief financial executive of a Baltimore-based hospital.
For Laurie Beyer, taking her financial expertise into healthcare just made sense.
Beyer joined GBMC HealthCare as vice president and CFO in October 2017, bringing more than 25 years of experience in accounting and healthcare to the Baltimore-based hospital.
"You can make a difference if you're really helping a community carry out the mission; that's what is attractive to me," she says. "Even though I'm the one who has to tell people 'no,' at the end of the day, our decisions are driven by making sure patients are taken care of, that we provide high quality care, and that we keep people safe."
Beyer previously worked at Union Hospital of Cecil County, a 125-bed rural hospital in northeast Maryland. She served as senior vice president and CFO for 11 years, and after transitioning to GBMC, a much larger system, she found that bigger doesn't always mean better.
"I found that when I got here to GBMC, some of the things that we did at the smaller hospital were actually better than here," she says. "So size isn't always best. Because actually the smaller you are, the nimbler you are to make decisions."
Because GBMC HealthCare is much larger, Beyer's work involves larger operational plans and strategies. But she says the organization has found agility in other ways, including by remaining independent.
"We are nimble here because we're still independent," she says. "We have an affiliation with Johns Hopkins for certain services that we don't provide or that we don't employ, but for the most part we are independent."
But there's more to the concept of agility for a health system than simply making decisions independently. Beyer says building a strong, skilled team, especially within the finance department, is a big component, particularly for reimbursement.
Maryland is exempted from the Centers for Medicare & Medicaid Services' Inpatient Prospective Payment System (IPPS) and Outpatient Prospective Payment System (OPPS) due to a Medicare waiver. This allows the state to set its own hospital reimbursement rates, ensuring all payers pay the same amount for services.
When Beyer joined GBMC HealthCare, the organization was spending close to $1 million on outsourcing financial services. To navigate this challenge Beyer recruited two seasonsed leaders to create a high-functioning internal reimbursement department, she says. Building the right skill sets to tackle the system's specific challenges is vital. Beyer says CFOs can help educate staff by holding educational meetings throughout the finance division for the managers as well as the staff to explain the elements of the operation, how they fit in and how they impact the financial results.
"Make sure that you've got the right team, establish relationships with your peers, [and] be available and be present," she says. "It's important to establish relationships so that when you do have a crisis that you can come together and solve it quickly."
As healthcare becomes more nuanced, with more operational and regulatory factors to consider, CFOs are realizing that collaboration Is essential. Building agility within the finance department means bringing together a team that can work together when needed and still use their individual skill sets to get things done. Beyer says collaborating with her COO, CMO, CIO and CNO helps her to have a solid understanding of all the areas of the hospital and it's operations. "I am an active participant on our strategy group and lead various initiatives. I meet regularly with each of the Senior leaders to offer assistance and feedback on their business plans," Beyer says.
"Early in my career when I didn't really know what it would take to be a CFO, there was a tendency to want to make decisions in isolation," she says. "But over the years, I've learned that you need to be part of the strategy group and just make sure that you're in tune with the strategy so that you can actually help with deployment of resources."
Here's what CFOs need to know about data governance.
As healthcare data becomes more nuanced and more valuable, the opportunities and pitfalls for data governance are vast. But through this governance CFOs can gain a fundamental understanding of its importance to operations and finances.
Check out this infographic for three quick tips on how CFOs can help with data governance.
From collaboration to self-awareness, here’s what CFOs are doing to make their jobs easier.
Forging a path to success in today’s healthcare landscape is no easy task for CFOs. From collaborations big and small, to driving operational innovation, to staying receptive to the needs of staff and colleagues, CFOs are expected to juggle a lot.
Recent interviews with several financial leaders at health systems across the country offer an idea of the top challenges they’re facing, as well as the opportunities they see for improvement.
Check out this infographic for the best CFO advice from our stories.
Clinical Collaboration
The CFO’s role has evolved a lot over the past few years. The demands of the position are putting new emphasis on collaboration, particularly with others in the C-Suite. CFOs can no longer make decisions without thinking how they impact other departments, like clinical care, IT and revenue cycle management. .
Bradley Hipp, CFO and Vice President of TMC Health in Arizona, says he has learned a lot about collaboration over his career. Prior to joining TMC, Hipp served as chief financial officer for Banner University Medicine Tucson, and he has also held finance leadership positions with Loyola Medicine and WellPoint.
Collaborating with clinical teams is a huge component to a CFO’s role, he says. Thinking of physicians as partners, not employees, is vital; both physicians and nurses have the expertise and the scientific mindset to think through operational challenges.
Hipp’s advice: “You think that you're so important with what you're trying to do, but if you don't have that collaboration with those physicians then you're not going to be successful."
Steady Innovation
A forward-thinking mindset goes hand-in-hand with the CFO’s role. From forecasting, to investments, to service lines, to technology, CFOs often feel the pressure to be a couple steps ahead of the game.
But the long game is often filled with speed bumps and barriers, and CFOs must be patient in waiting for financial results, especially when it comes to big technology investments. Sergio Melgar, CFO of UMass Memorial Health, helped lead his team through a massive system overhaul to implement Epic’s EHR. He says CFOs may find themselves breaking through unexpected barriers in this time.
Melgar’s advice: “You'll need to sort of break through more, call it personal barriers, than necessarily the system barriers.”
Being a Good Communicator
Lastly, in order for CFOs to successfully work alongside their team, they need to prioritize interpersonal and leadership skills.
Kurt Barwis, CEO of Bristol Hospital, has a long career in healthcare and beyond that spans decades, including positions of senior vice president, chief operating officer, chief financial officer, and director of patient services resources. Barwis, a registered lobbyist in Connecticut, also serves on the Board of Governors of the American College of Healthcare Executives and is a fierce advocate for healthcare reform.
He says as communication strategies change within health systems over time, effectively communicating across domains can become more challenging, making self-awareness and interpersonal skills more crucial than ever.
Barwis’ advice: "The CFOs of the future really do have to have that strategic knowledge. They may be smart, but you can't put them at the top of your organization if they have no people skills, no interpersonal skills, and, most importantly, no self-awareness skills."
Data governance is a big task. Where does the CFO fit in?
I know what you’re thinking: “Data governance is not a CFO’s job.” You’re right. It’s likely not in the job description. However, as both healthcare and technology evolve, so do their strategies, whether operational, technological or governing. For CFOs to understand the full scope of how their organization uses, protects and even profits off of its data, they need to have a hand in data governance.
Jim Dregney, CFO of Sauk Prairie Healthcare, says that while his organization has a leader in charge of data analytics and management, there is room for improvement.
“Data governance is tough,” he says. “The simple volume of information that is available through all of the various sources of data is daunting. There certainly is a need for the CFO to have a role in data governance.”
“Much of the data comes from sources that the CFO has direct oversight of and reflects financial performance in addition to operational performance that impacts financial stability,” He adds.
Data management can get complicated and messy. Close to everyone in a health system will interact with data, but that doesn’t mean it is always a smooth or simple interaction.
“One complication is that there can be multiple data fields that seem to report the same information, but they are actually quite different,” Dregney explains. “For example, when looking at patient volumes for a particular period of time, it is important to know the source of the data. Is it coming from the patient scheduling module or the billing module? If you’re looking at productivity measures, you would likely be looking at the number of scheduled visits for the time period, whereas if you’re doing analysis on average charges per patient visit, you would likely be looking at the number of visits or procedures for which charges have been posted.”
How “the data is reported and used once it’s in the system” Dregney says, “is entirely dependent on how the data is captured and entered into the system.”
The data that is brought in and used affects close to everyone in the organization, so one individual, or a small team of individuals, can’t effectively assess how the organization’s data is captured, used, protected, and distributed. As healthcare progresses and faces new challenges and opportunities, data governance will require a more hands-on approach (with more hands), from different parts of the organization.
“To do this effectively, it requires more than just the CFO or a limited number of leaders,” Dregney says. “It requires engagement and participation by all staff along a patient’s entire care journey.”
CFOs must recognize their role in data governance and how it can affect operations and finances.
“Every piece of data can be an effective analytic tool to improve operations,” Dregney says. “If there are gaps in the collection process, it can result in significantly impaired decision-making processes that put performance at risk.”
Data Deals
As healthcare organizations recognize the value and power of healthcare data, they can leverage this data to create more strategic partnerships that provide long-term value rather than just short-term licensing fees. However, health systems considering a data transaction, whether in the short or long term, should take a few practical steps so that they are well positioned for a future transaction.
For health systems looking to use their de-identified data in transaction deals, developing a data governance strategy to determine which methods can and should be used to de-identify the data can help create a clearer path to how it can be used and its value maximized. Creating a collaborative task force to tackle data deals and governance can be a great starting point.
Cybersecurity
When it comes to protecting healthcare data, the strategies for doing so have drawn scrutiny over the last year since the Change healthcare cyberattack. Organizations are ensuring they stay up to date with the latest software and security practices to prevent a breach of their own.
Cybersecurity intersects with data governance in a big way, from regulatory compliance to risk management, to data life cycle management, to security access and training. With so much of the foundation of a health system tied to these two categories, CFOs need to be on board with data protection strategies and governance before it becomes a giant financial issue like a ransomware attack.
By recognizing the importance of data protection through robust cybersecurity and data management investments, CFOs can continually examine how these investments are or are not benefitting the organization. While cybersecurity may be traditionally thought of as the CTO’s job, CFOs can collaborate with CTOs to understand the full value of cybersecurity investments and what makes one data protection technology better than the other.
Health system layoffs are on the rise. This year so far a large number of hospitals and health systems have laid off workers due to financial and operational challenges. Check out this infographic to zoom in on the issue, and what CFOs can do about it.
From collaboration to self-awareness, here’s what CFOs should know.
Forging a path to success in today’s healthcare landscape is no easy task. From collaborations big and small, to driving operational innovation, to staying receptive to CFOs are expected to juggle a lot.
Check out this infographic for the best CFO advice from our stories.
What factors play into implementing value-based care models to help contain costs?
On this episode of HL Shorts we hear from James Dregney, CFO of Sauk Prairie Healthcare. Dregney dives into the opportunities and challenges that arise when implementing value-based care models, including robust care coordination and preventative care.
