Our vision is a world where everyone embraces health. In our Remarkable Leadership series, we talk with people who are making that vision a reality by leading the work to create a new system of health, empower our customers and communities, and better support every individual’s health journey.
Gary Dick has been with Highmark Health for over six years and serves as the chief information officer.
He focuses on delivering innovative technology solutions that fulfill Highmark Health’s mission of creating a remarkable health experience, freeing people to be their best.
His experience includes global infrastructure and application management, large-scale data center operations, mergers, acquisitions, and business redesign. Gary is passionate about improving quality, growing leaders, and expanding competitive employment opportunities for persons with disabilities and veterans. During his career he has enjoyed opportunities to sponsor career development activities and establish programs that provide work experience and on-the-job training for people with disabilities.
Gary arrived at HM Health Solutions in 2013 to assume the role of senior vice president, IT Infrastructure and Security. Prior to that, he was at Bayer Material Science. In 2018, his role was expanded to include chief information officer and he now leads the IT organization in its support of the Highmark Health enterprise.
Tracey Rapali (TR): Gary, what is the IT organization responsible for at Highmark Health?
Gary Dick (GD): At Highmark Health, the IT organization has responsibility for a wide range of technologies. Our IT organization provides application development, digital print and managed IT services for the Highmark Health enterprise. Some examples also include responsibilities for network communication technologies, which are all the phones and wireless capabilities throughout our enterprise. Additionally, we provide desktop support and end user services for PCs, phones and other devices needed throughout the organization.
Another important part of what we do is cybersecurity. We have responsibility for protecting the data of our organization and keeping our assets safe from malware, ransomware, and cyber-attacks.
Our IT organization sorts functions by different platforms otherwise described as groupings of applications that work together to enable our business to operate. Some platforms may have 50 applications, others may have several hundred. The largest one we have is the Enterprise Health Solution (EHS) Platform that supports the health plan insurance business for functions like enrollment, claims and billing. Some of the smaller platforms we have are related to our dental and stop loss insurance as well as document solutions.
There are approximately 13 different platforms throughout Highmark Health that enable our business to operate. There is one that focuses on the clinical environment Epic is a big part of this platform. And then we have one that supports the health plan organization EHS, as I previously mentioned. That platform is delivered not only to our health plans but also other Blue Plans. We support the infrastructure and technical maintenance to operationalize business for 10 million members serviced through this platform.
TR: What is unique about your IT organization at Highmark Health?
GD: In IT at Highmark Health, we have an established employee engagement program. There are a variety of committees and groups within IT that promote positive learning experiences for employees across our enterprise. Our teams are so much more than talented developers, coders, and technology support experts. In 2020, we hosted the first ever IT Carnival for employees to learn about various functions of tech from their colleagues in IT. There was a tremendous amount of pride at this event and it was exciting to see IT teams be surrounded by such significant positivity and attention.
We want our employees to do the best work of their careers during their tenure within IT. We never settle for mediocracy, and IT is not somewhere that typically gets notable attention for career development. So, we are dedicated to ensuring our employees feel empowered while doing their job, and to speak up if they have ideas that could incite change. Our leadership is invested in these teams, and truly believe that IT functions play a pivotal role in enabling the transformation of the health industry.
Also, we have operational excellence professionals who focus on continuous improvement across our IT organization. They are trained to notice and motivate needed changes so we can be sure all systems are operating at full capacity and we are serving patients, members and employees with an above average experience. Lastly, the enterprise includes a large-scale digital print facility. We also have an IT platform that supports this enterprise piece. This is not typically something managed in-house by technical support teams at health care companies. That gives an idea of the breadth of what we support, from a technical standpoint.
TR: You mentioned IT’s role in transforming the health industry. Could you talk a little more about that?
GD: IT in health care is positioned to power the future of the industry. As the world rapidly evolves, we are constantly adapting and bringing new technologies to the market to meet the progressing needs of our patients and members. There are abundant opportunities for IT to play a vital role in creating and/or expanding access to health services for diverse populations across the country. IT can tackle barriers to health care without limitations like geography to create solutions for people seeking care in a variety of settings. We are working to innovate and scale health technologies and strategically move our industry forward. Our goal is to use tech and IT support systems to provide a remarkable experience and free people to be their best.
TR: What platforms do nurses and doctors use for patients?
GD: Many caregivers use the Epic platform to update electronic health records. For example, during a visit, the clinician will update the results of the patient’s visit in Epic. Patients in turn can use the Epic platform to schedule appointments and view their health information through MyChart. It’s a great way for patients to connect with their physician, quickly access test or screening results and keep track of personal health information. Users can also schedule appointments and telemedicine visits through the MyChart app. This functionality is a convenient way for many users to interact with the health care system.
TR: What differentiates IT at Highmark Health from IT organizations at other health care companies?
GD: One of the main things that is different from other health care organizations is that we support both a hospital system and provider network and health plans. There are not many health care companies that have such large insurance and hospital components. We support eight hospitals on the Epic platform, as well as EHS, dental and stop loss components of insurance, on top of traditional health insurance offerings. Also, our digital print facility is different from what a lot of health organizations have from an IT standpoint. It puts out about two billion impressions a year and mails about 140 million envelopes a year. We have a broad portfolio of companies, related to IT support.
I would also say what makes health care a little bit unique is that health care records seem to be very valuable to steal. So, protecting health care data is in many cases a larger responsibility than in some other industries. Health care data can be more valuable in the marketplace and as a result of that it seems to be more sought after by the folks looking to penetrate different companies. Our degree of diligence and techniques must be more sophisticated to protect health care information.
Jenna Roesch (JR): What are some examples of how we protect valuable health information from cyberattackers?
GD: We monitor activity throughout our networks and keep close watch on all of our end points devices like computers, servers, medical equipment, and other business technologies. Because we are also responsible for protecting data and systems for the provider side of our business, we have to make sure just like a server or printer that security of medical devices is maintained appropriately as well.
We validate requests for internally stored data to ensure they are sourcing from trusted partners. We are continually monitoring patches and release information our tech vendors provide so that our software and hardware are properly updated to protect against cyber threats. Also, we train our employees, because one of the big liabilities is phishing attacks where someone might send an email disguised as content someone may be expecting or routinely receive, but it is really an adversary trying to steal credentials. Once credentials are stolen, then data can be stolen.
Another active threat that we protect against is ransomware. This seems to be a very popular attack where hackers will try to infect a system through an email or some other attack vector and lock up data. Then, they will require payment (ransom!) to be able to regain access to that data. What helps us protect against this is retiring old systems that are no longer supported and keeping all systems updated and backed up. We continue to monitor our perimeter for suspicious activity, and train our employees to ensure that we do not click on malicious URLs, open tainted attachments or share credentials with untrusted parties.
TR: During COVID-19, how have you supported the expansion of telemedicine capabilities?
GD: We had been doing a little bit in the area of telemedicine prior to COVID-19. But at the onset of the pandemic, there was a massive ramp-up of capabilities. We started by doubling our capabilities for telemedicine, then we doubled it again and again. It is amazing how quickly we ramped up the technology for servers and licensing to support that capability. The good thing is that we are optimistic, as we get beyond the surge of COVID-19, we are going to be able to sustain a lot of telemedicine infrastructure and the consumer behaviors along with it. We will be a lot more efficient moving forward for our physicians and customers. We are looking forward to leveraging this technology a lot more often. This was a positive outcome of all the pandemic activities we went through.
TR: You are very supportive of veterans and people with disabilities can you tell us more about this?
GD: We have programs here at Highmark Health for both veterans and persons with disabilities. We have a veterans program that actively recruits veterans and ensures they have the support they need to acclimate to the work environment. There are a couple networking groups within IT where the veterans accomplish some really great things. Not only do they reach out to other veterans, but they prepare care packages and send them to active and retired veterans as well as cards, gift cards and notes of appreciation. Working veterans also help onboard new veterans through a support organization. I think the most exciting thing for me is that the veterans are really recognized and there is a lot of pride in the fact they served. That is recognized by their fellow IT employees. When veterans do start, they get a small flag that represents the branch of the military they served in to put in their cube or office to demonstrate support. I’ve really enjoyed seeing that interaction amongst them and throughout our IT organization.
For persons with disabilities, we participate in the Careers2B program. This is designed so they can get that first year of work experience and make it easier to migrate into a full-time roll within Highmark Health or somewhere else within the marketplace. Over the last handful of years, there has been more than 100 people who have come through that program between Highmark Health and other local companies in the Pittsburgh area. This has been very exciting to see grow. The two things that we really try to focus on are increasing the number of people who are in IT who are veterans and increasing the number of people within IT who are dealing with some type of disability. We try to make sure both groups are given ample opportunities for competitive employment as well as development along the way to do the best work of their career and continue growing professionally.