It is not often that I even bother to read articles written by vendors, but there were some good points made in an article by a practice manager for Sipierian regarding MDM and regulation. The point being made was how increased regulation, both in the US with its Sarbanes Oxley and Patriot Act, but also elsewhere with things such as Basel 2 in financial services, should be a significant external “push” for MDM to complement internal “pull” by corporations. In order to measure the overall risk levels at a bank you need to know the total aggregate positions taken with counter-parties, and be able to see whether there are any high exposures with particular clients (the case of Enron springs to mind). In order to do this you need to know exactly who you are doing business with, including subsidiaries of that company, and yet how well do companies really know this?
Many MDM projects set out to get a better understanding of the total picture of either customers or suppliers, since their multiple source systems and classifications of these make it very hard to get a single consistent picture. Certainly many years ago Shell realised that it had no idea how much business it did with, say, Ford or Unilever, since quite apart from internal classification overlap, it was not clear exactly what “Ford” or “Unilever” consists of. This was a key reason why it invested heavily in an enterprise data warehouse project. Multinational companies have so many subsidiaries, often with different trading names (for example Shell owns companies like Bharat Petroleum, Unilever is known as “Hindustan Lever” in India) that it is unlikely that individual operating units have carefully checked the Dun & Bradstreet numbers of all these companies and classified them correctly.
This is important enough when dealing with a global account, but can be critical when dealing with financial trades. I know of one MDM initiative that a financial services organisation that started off as a direct result of Enron, when it transpired that in fact the organisation thought it knew how much exposure it had with Enron, but rapidly discovered that it did not when Enron collapsed. I certainly know of one famous financial institution where a former VP admitted to me that the bank had “no clue” how much business it did with a large, complex beast like Deutsche Bank, for all the usual MDM reasons.
The thing I find curious is all these regulations are all pretty much in place now, and although companies have spent a money on compliance, it is clear from these two cases that the problems are far from solved. The next time an Enron-like event happens (and it will) companies will not only be nursing losses from their exposed positions, but may also have regulatory problems if it turns out that they actually did not truly know the extent of their exposure. Given the state of data quality and master data in most large organisations, I wonder whether companies are being complacent or regulators simply sleepy in checking the effectiveness of the systems at companies. Having a report that tells you your exposure level is all very well, but how reliable are the numbers that make that up? My experience of working with data warehouse and MDM applications tells me that they are likely to be a lot less reliable than many people think.
If you find all this talk of banks rather abstract, consider this: the average hospital has 25 systems that record patient information. If you are one of those patients, how confident are you that these will all tie up?
1 comment so far
Not sure if you want a further clinical example (since you bring up hospitals at the end of the piece), but drug-associated adverse event reporting would be one.
Typically, companies and regulators receive adverse event reports and maintain separate databases for them. Companies always then submit theirs to regulators, and so those cases are routinely and non-simultaneously duplicated on regulators’ databases. Moreover, in the US, adverse event reports can emanate separately from both clinicians, patients, or mere bystanders, so there is scope for duplication there to, to an extent that about a third of the entire regulators’ databases having originated with non-clinicians (this is unlike in most of Europe, where patients’ reports of serious adverse events (at least) are not accepted by regulators, although it is true for the yellow card scheme in the UK, to the extent of about a quarter of the database).
This leads to:
a) Uncertainty of adverse event type frequency;
b) Messed-up (usually exaggerated) differential frequencies, which are used to sort ’signal’ (i.e. the subset of adverse event types that could be, but are not certainly, truly due to the drug) from ‘noise’ (those adverse events that are merely coincidental or unique idiosyncracies, etc.).
c) Potential over-reaction by regulators who see high frequencies of adverse events and have no idea what proportion are duplicates or even triplicates.
d) Scathing criticism by activists of pharmaceutical companies because the latter see and report fewer adverse events than regulators; this is then falsely and darkly imputed as reflecting deliberate, favourable bias towards the Companies’ products by those who sell them.
e) The consequent risk-benefit assessments often being inadequate.
One, current hoo-har where all this is likely to be at least a component is for rosiglitazone and cardiovascular adverse events in patients with diabetes. Large-scale prospective studies (i.e., the gold standard type of study, e.g., ProActive for pioglitazone by Takeda) have shown that these drugs benefit patients with diabetes and improve their otherwise high rates of cardiovascular complications. But a few boffins with track records for criticising the industry got hold of adverse event reports and have published a paper; luckily, this time, it looks like the FDA is being appropriately more circumspect about these boffins’ claims than was the editor of the New England Journal, and, of course, the lay press. It must be confusing and concerning for the patients.
Your e-mail address is for administration purposes and is never displayed.