Diva Tech Talk interviewed Meredith Harper, Chief Privacy and Security Officer for Henry Ford Health Systems (www.hfhs.org).
With strong science and math aptitudes, Meredith began her tech journey as early as the 2nd/3rd grades, participating in science fairs, math clubs and the like. “By the time I got to middle school,” she said, “my parents realized they needed to move me to a different environment. I ended up being bussed, with kids all over Detroit, to a middle school for gifted children. This prepared me to go, nicely, into my college prep, at Cass Technical High School(casstech.schools.detroitk12.org/).
Longing to become an architect, (“split between the left and the right brain”) Meredith graduated high school in the top 3% of the Detroit Public School System, and started college at Hampton University, in Virginia. At the end of her freshman year, she lost her father. “So, I moved back home to Michigan,” where she was awarded a scholarship to attend the University of Detroit, Mercy (https://www.udmercy.edu/). Her initial major was architecture but in junior year, she switched to a computer science program, because “I lost the passion for the ‘creative’ side of it all --- the drawing and that kind of stuff. I began to look at programs that would allow me to use that analytical side of my brain, as well as still be creative.” She picked CIS (Computer Information Systems). “That was the time, the early ‘90’s, we were doing a lot of things with CAD/CAM, and I could transfer credits, over to the school of business which awarded my degree.”
Meredith’s first industry job was on the Help Desk for Budco (https://www.dialog-direct.com ) supporting Ford Motor Co. (www.ford.com) dealerships. She then moved to Ann Arbor, Michigan as a data analyst for The Medstat Group (www.medstatonline.com), where her team provided analytical software and supported in-depth dataset analysis for pharmaceutical companies like Merck, and Johnson & Johnson. Medstat is now a part of Thomson/Reuters (https://www.thomsonreuters.com/) and “even in the early ‘90’s, we were collecting millions of rolls of data,” Meredith said. Becoming a project manager, she widely traveled to install and support paid health claims systems at client sites, nationwide. “I got a chance at an early age to see different operational environments. That’s when I realized I wasn’t just a technical person. I liked to talk to people; I liked to sell things.”
At the beginning, “I knew absolutely nothing about healthcare,” Meredith said. “So, I ended up going back to school, because I wanted to get insight into the industry.” While working full-time, Meredith received a master's degree in health services administration at the University of Detroit, Mercy, which she finished in three semesters. Meredith credits the person she calls her personal “angel investor,” Sister Mary Kelly at U of D, for pragmatically supporting her early journey. “She was my program chair for the master’s program. I was traveling quite a bit, for my job, and she would, sometimes, sit in lectures for me and tape them. She would FedEx them to my hotel, and allow me to take my exams on the weekend. She really was the catalyst that helped me through that program. Without her, I would never have completed it; I would not be the person I am, today.” Meredith tells many audiences about Sister Mary “because we need to understand, we don’t get where we are, by ourselves.”
Meredith rounded out her MedStat career by leading project teams, for large clients (“I had a long-time client in New York City, and lived in Times Square, New York City, for 6 months!”). Then she then moved on as an analysts and junior consultant at Johnson and Johnson (https://www.jnj.com/) doing hospital operating room consulting: “looking for opportunities for cost-savings, operational improvement, and offering software to support those cost-savings.”
She worked as a team leader for an AS 400-based application at the Central Georgia Medical System (https://www.navicenthealth.org/). “I was the lead for 6 or 7 individuals, only men. I was the only woman,” she said. Meredith benefited from being mentored by director of IT, Kyle Johnson, now a CIO. “She taught me a whole lot about leading teams --- how you traverse this environment primarily made up of men.” The biggest lesson that Meredith inculcated was that “building positive relationships is important. Sometimes people only respect the relationship they have built with you, not the knowledge you bring.”
At Children’s Medical Center, in Dayton Ohio, (https://www.childrensdayton.org/), she worked indirectly as a project manager for her first female CIO, Beth Burdette. “We had made it through Y2K without the world blowing up,” Meredith laughed. “And we moved to the next regulatory ‘thing’ which was HIPAA (the Health Information Portability and Accountability Act). We were trying to figure out --- what were we going to do with this? Children’s Medical Center wanted to know what they could do to comply.” Meredith made it her mission to show them. She led the gap analysis for all the health systems IT and operational areas. “I had to sit down and read the entire 1100-page document to understand exactly what the implications were going to be. It was our job to understand how HIPAA was going to help or harm our operations and our patients; then we prepared our remediation and implementation plan.” Meredith moved back to Michigan and began to work Health Alliance Plan (www.hap.org) to establish their HIPAA plan. “From that point forward, 2002, I haven’t been able to get away from HIPAA since,” she laughed.
Henry Ford Health Systems, who owns HAP, asked Meredith, in 2003, to become their first Chief Privacy Officer. “We found as we became more mature as a program, and as the security rules evolved, we had to start thinking differently about what investment Henry Ford was going to put in their program to ensure they could comply with these regulations, long-term. I got a unique chance, over those next 8 years.” Originally embedded in the compliance department, separate from IT, “I became the first Privacy and Security Officer because we felt those two areas needed to be married. We needed to be governed by the same rules. We needed to have the same leader.”
In 2012, HFHS “went into a massive evolution.” Meredith proposed “radical changes” to the system’s Chief Operating Officer, including the combining of departments, and moving the privacy responsibility into technology. One of the personal benefits to Meredith is that she began to report directly to Henry Ford’s first female CIO: MaryAlice Annecharico (Diva Tech Talk Episode 24). “She’s been an advocate for us. We have been able to build a team of 53 amazing people, who are very passionate about the work that we do, as it relates to network security -the perimeter of our work and how we secure it; information security - the governance, forensics and cybersecurity part of our world; the information privacy team, which consists of our trainers, educators, policy developers, privacy investigators --- those who touch the patient the most. We have an IT audit and risk management group. And the last group we brought onboard is our identity and access management group.” Meredith is fascinated by all the disciplines she leads. “Data is king around here. The more we can control access to data, the more we can control our risk. Our biggest vulnerability is the group we don’t think about --- the 29,000 individuals who work for us!” So HFHS latest strategies revolve around protecting and training for the operational movement of data down to the employee level.
“I love this stuff,” Meredith exclaimed. Talking about her team, she said “We live and breathe it. It’s not a 9 to 5 kind of job. It’s 24 x 7. The bad guys have gotten really savvy; they are not operating from 9 to 5. So we have a 24 x 7 operation where we’re monitoring the environment, and managing to decrease that risk for the organization. We have to put as much money into training and education as we do into technology. We trust but we verify.” Meredith also acknowledged “I’m having a ball because I am one of the few women in the country who do it, at this level!”
Meredith’s personal strengths are her math/science aptitude combined with strong communication skills; a propensity to take calculated risks and stay flexible; intellectual curiosity; emotional intelligence (“I think I have the ability to be able to be calm, when needed; the capability to see things for what they are, and move the organization methodically to get things to the end”); and coalition-building (“I believe that you can’t do this work by yourself.”). Ever the eager student, Meredith is enrolled again in a post-university masters (“I just can’t stop going”) in jurisprudence in health care law at Loyola Law School in Chicago, a prerequisite for their J.D. program she plans on entering, next. This doctoral program offers students the same mass of knowledge as offered to a would-be attorney. But Meredith will not become a lawyer. Instead, she intends to take her doctorate and teach on the university level. “So, I get that legal spin without having to take the bar exam.” Among her ambitions is not only to teach, but to write the specialized textbooks for her classes.
As an African-American woman, in a male-dominated field, Meredith said “I think it’s more challenging for other folks than it has been for me. They have to get used to the idea of women being at the table. I don’t. I think I have helped them understand that women can play in this space. It’s not relegated to one gender or the other. I don’t think it has negatively impacted me,” she said matter-of-factly. “I think I have just had to overcome some things. I have chosen to take those opportunities as learning experiences for the other individual ---- maybe they have just not had an experience with a woman leader, in the way they need to. And maybe it’s my job to teach them that.”
Meredith recommends that women aspiring to achieve tech leadership roles:
“Acquire thick skins.”
“Recognize that you will fail. Spin that failure into a ‘life lesson’ you can use, moving forward. Learn from it; move on to the next thing.”
“Communicate what your needs are, but also be able to translate what the organization or the individual on the other side of the table needs. Talking and listening, decipher their needs.”
“Know that you can do this.”
Giving back to her community, Meredith is active in MCWT (www.mcwt.org). There she is on an operational compliance team, has been a speaker at one of the summer 5th through 8th grade Camp Infinities, and has recruited other women to support the camps. She is also active with both her former high school and grade school, by adopting classrooms and individual girls to “show them they can begin to be what they want to be.” In addition to her busy agenda at HFHS, she also chairs the Michigan Healthcare Cybersecurity Council; is active in HIMSS (the Health Information Management & Systems Society); and is a faculty member for the security boot camp fielded all over the country by Clearwater Compliance LLC. She credits her husband and family for helping her achieve balance, and retain energy. “I lean on them a lot. Sometimes, I can say things to my husband, and he provides a listening ear.” Since her spouse extensively travels, as does she, “we take advantage of every holiday, and every weekend. Church and our spiritual life is huge. We spend time, on Sunday, level-setting, and getting prepared for the coming week.” Among her more than 20 recent professional awards, Meredith recently received the University of Detroit, Mercy “Spirit Award,” (and “my husband was very excited to see me get that!”)
According to Meredith, every woman leader should “dare to be different!” Please feel free to contact her at Meredith.harper@hfhs.org.
Follow us on Twitter - @divatechtalks
Visit us on Facebook -https://www.facebook.com/divatechtalk
If you like this podcast, please subscribe on your favorite podcast channel.