CPIA Module 19, Section 1: Informatics Governance Structures and Committees
MODULE 19: GOVERNANCE, POLICY & ETHICS

Section 19.1: Informatics Governance Structures and Committees

Building the Decision-Making Architecture for a Safe and Strategic Digital Health Ecosystem.

SECTION 19.1

Informatics Governance Structures and Committees

From Controlled Chaos to Coordinated Strategy: Deconstructing the Bodies that Guide System Evolution.

19.1.1 The “Why”: The Critical Need for a Guiding Architecture

In your pharmacy career, you have seen firsthand the consequences of unstructured decisions. A prescriber develops a personal preference for a non-formulary drug, creating workflow disruptions and confusion. A new “corporate initiative” is rolled out with little front-line input, leading to workarounds and resentment. A critical safety concern is raised but gets lost in a sea of competing priorities, only to surface later after a near-miss event. These are not isolated incidents; they are symptoms of a system lacking a clear, transparent, and authoritative decision-making framework. They are symptoms of poor governance.

When applied to health informatics, the stakes are magnified a thousand-fold. An Electronic Health Record (EHR) is not a static piece of software; it is a living, breathing ecosystem that is the central nervous system of the entire hospital. It dictates clinical workflow, houses the collective knowledge of the organization, and is the primary tool for executing nearly every medication-related task. An ungoverned EHR is a recipe for clinical chaos and organizational paralysis. It becomes a digital wild west, where the “squeakiest wheel” gets the system change, regardless of strategic importance or safety impact. Well-meaning clinicians, frustrated by system limitations, may create risky “shadow IT” workarounds. The IT team, overwhelmed by a flood of unvetted requests, becomes a bottleneck rather than an enabler of progress. Most dangerously, critical safety improvements and strategic projects languish while resources are consumed by minor, low-value tweaks.

Informatics governance is the antidote to this chaos. It is the formal, multi-disciplinary structure of committees, policies, and procedures that an organization establishes to ensure that all decisions related to health information technology are strategic, consistent, safe, transparent, and accountable. It is not about adding more meetings for the sake of bureaucracy. It is about creating dedicated forums where the right people—clinicians, administrators, IT professionals, and informaticists like you—come together at the right time to make the right decisions for the right reasons. It transforms the management of the EHR from a reactive, chaotic firefight into a proactive, strategic, and collaborative process. This section will deconstruct the essential committees that form the backbone of this critical framework, preparing you to not only participate in them but to become a leader within them.

Retail Pharmacist Analogy: From a Single Pharmacy to a National Chain’s P&T Committee

Imagine the evolution of a pharmacy. In a single, independent pharmacy, the owner makes all the decisions. If a new drug comes out, they decide whether to stock it. If a workflow needs changing, they change it. This is fast and simple, but not scalable or standardized. This is the “ungoverned” state.

Now, consider a national chain with thousands of pharmacies. How do they decide which drugs are on the formulary? How do they update the dispensing software for 50,000 pharmacists? They can’t rely on individual store managers. They create a formal structure. This is governance.

  • The Corporate P&T Committee (The Steering Committee): A group of high-level executives, clinical experts, and finance directors who make the big, strategic formulary decisions for the entire company. They analyze clinical trial data, evaluate economic models, and negotiate contracts with manufacturers. Their decisions are binding for every pharmacy in the chain. They are focused on the strategy, budget, and major clinical standards of the entire organization.
  • The Regional Clinical Advisory Board (The Clinical Advisory Group – CAG): A team of experienced pharmacy managers and clinical coordinators from a specific region. Corporate P&T might decide to add a new class of diabetes agents to the formulary. This regional group’s job is to figure out the “how.” How will they operationalize this decision? What training do pharmacists need? What will the new workflow look like in the computer system? They provide essential, on-the-ground clinical feedback to ensure corporate decisions are practical and safe to implement.
  • The IT Help Desk & Software Update Team (The Change Control Board – CCB): This is the operational gatekeeper. When a pharmacist at Store #1234 finds a bug where the new diabetes drug’s sig is printing incorrectly, they submit a ticket. This team doesn’t debate the clinical merits of the drug; they evaluate the technical request. Is it a real bug? How severe is it? How many other stores are affected? They prioritize this request against hundreds of others, schedule the fix, test it, and roll out the software patch to the entire chain in a controlled manner. They manage the flow and timing of all technical changes to the system.

You have already lived within a governance structure. This module simply gives you the formal language and architectural diagrams for the exact same concepts, translated to the high-stakes world of a hospital’s EHR.

19.1.2 The Apex of Strategy: The Informatics & Technology Steering Committee

At the very top of the governance pyramid sits the Informatics & Technology (I&T) Steering Committee. This is the “corporate P&T committee” from our analogy, but with a much broader scope. It is the senior-most decision-making body, responsible for ensuring that all technology initiatives, including every major EHR project, are perfectly aligned with the health system’s overall strategic goals, financial realities, and clinical priorities. This committee does not debate the placement of a button on a screen; it decides whether to invest millions of dollars in a new telehealth platform, approve the budget for a system-wide upgrade, or charter a major initiative to reduce sepsis mortality through advanced clinical decision support.

The Steering Committee provides the essential link between the C-suite’s vision and the on-the-ground reality of health IT. It serves as the ultimate authority, resolving conflicts that cannot be settled at lower levels of governance and providing the executive sponsorship necessary for large, complex projects to succeed. Without a functioning Steering Committee, a health system’s technology strategy becomes rudderless, driven by departmental politics and isolated requests rather than a unified organizational vision.

Masterclass Table: Deconstructing the I&T Steering Committee Charter

Charter Component Detailed Description Why It Matters for a Pharmacist
Mission & Purpose A clear, concise statement defining the committee’s reason for existence. Example: “To provide strategic oversight and guidance for the health system’s information technology investments and initiatives, ensuring alignment with organizational goals for patient safety, quality of care, operational efficiency, and financial stewardship.” This statement sets the “true north” for all technology decisions. When you propose a project, you must be able to link it directly back to this mission. A request to improve barcode medication administration (BCMA) scanning rates directly supports “patient safety.”
Membership & Roles Membership is by role, not by name, and represents the highest levels of leadership. It is co-chaired by a clinical leader (e.g., Chief Medical Officer) and a technical leader (e.g., Chief Information Officer).
  • Executive Sponsors (Voting): CMO, CNO (Chief Nursing Officer), CIO, CFO (Chief Financial Officer), COO (Chief Operating Officer).
  • Clinical Leadership (Voting): Chief Medical Informatics Officer (CMIO), Chief Nursing Informatics Officer (CNIO), Chief Pharmacy Officer (CPO) or Director of Pharmacy.
  • Operational Leadership (Advisory): Key service line directors, Quality/Safety Officers.
 The presence of the CPO/Director of Pharmacy is non-negotiable. This ensures that medication management—a core function of the hospital—has a voice at the highest level. Your entire informatics program’s influence flows from this seat at the table.
Scope of Authority Defines what the committee has the power to do. This is the most critical section.
  • Review and approve the annual IT strategic plan and budget.
  • Approve or reject all major capital projects (e.g., new modules, major upgrades, system replacements).
  • Charter high-priority, cross-functional initiatives (e.g., “Opioid Stewardship Dashboard Initiative”).
  • Set organizational priorities for IT resource allocation.
  • Serve as the final point of escalation for issues that cannot be resolved by other governance bodies.
 If you want to implement a new pharmacy inventory management system or a complex sterile compounding module, this is the committee that must approve the funding and resources. Your business case must be compelling enough to win their approval over competing projects from other departments.
Meeting Cadence & Agenda Typically meets monthly or quarterly. The agenda is formal and follows a standard structure:
  • Review of minutes from the previous meeting.
  • Dashboard Review: Key Performance Indicators (KPIs) on system stability, project portfolio status, and budget.
  • Major Project Updates: Briefings from project managers on high-visibility initiatives.
  • New Project Proposals/Business Cases: Formal presentations for new funding/resource requests.
  • Strategic Discussion: Forward-looking topics, industry trends, etc.
 Understanding this rhythm is key. If you have a major proposal, you and your Director must work to get it on the agenda, which often requires significant pre-work and socialization with committee members *before* the meeting.
Pharmacist’s Playbook: Presenting to the Steering Committee

As an informatics pharmacist, you will likely be called upon to support your Director in presenting a business case to this committee. Your presentation must be concise, data-driven, and speak their language—the language of strategy, safety, and finance.

  1. The Problem Statement (The “Why”): Start with a compelling, data-backed problem. Weak: “Our pharmacists are spending too much time on IV admixture.” Strong: “Last year, we documented 15 medication errors related to manual IV compounding, two of which resulted in patient harm. Furthermore, manual documentation consumes an estimated 2,500 pharmacist hours annually, representing a ‘soft cost’ of over $150,000 in lost productivity.”
  2. The Proposed Solution (The “What”): Clearly state what you want to do. “We propose the implementation of the ‘Sterile Compounding’ module within our EHR, which integrates with barcode scanners and gravimetric devices.”
  3. Strategic Alignment (The “How it Helps Us”): Explicitly link your project to the organization’s goals. “This project directly supports our strategic initiatives to improve medication safety (by reducing errors) and enhance operational efficiency (by automating documentation).”
  4. Return on Investment (ROI) (The “What’s in it for Them”): This is crucial for the CFO and COO. Quantify the benefits. “We project a 90% reduction in compounding errors. The automation will free up 0.5 Pharmacist FTEs to be redeployed to higher-value clinical activities. While the initial investment is $500,000, we project a 3-year ROI through improved safety, reduced waste, and more efficient charge capture.”
  5. The “Ask”: Be crystal clear about what you need from them. “We are requesting approval of the $500,000 capital budget and the allocation of IT resources to begin project initiation in the next quarter.”

19.1.3 The Voice of the Clinician: Clinical Advisory Groups (CAGs)

If the Steering Committee sets the destination, Clinical Advisory Groups (CAGs) are the expert navigators who chart the safest and most efficient course. These are the forums where front-line clinical wisdom is translated into concrete requirements for the EHR. CAGs are multi-disciplinary, clinically-focused groups responsible for the design, validation, and optimization of clinical content and workflows within the health IT systems. This is where the real “sausage is made” for order sets, clinical decision support (CDS) alerts, clinical documentation, and medication process workflows. Without effective CAGs, EHRs are inevitably designed in a vacuum by IT staff, leading to clunky, impractical systems that clinicians resent and work around.

For pharmacy informatics, these groups are your home turf. The most effective health systems have a specific Pharmacy Informatics Subcommittee or a medication-focused CAG that reports up to a higher-level clinical governance body. This is the group that debates the precise wording of an opioid warning, the default doses in the vancomycin ordering workflow, and the required fields for a chemotherapy order. Your role as a pharmacist is not just to be a participant in these groups, but to be a leader, using your deep knowledge of medications and workflows to drive consensus and design safer systems.

The Ecosystem of Clinical Advisory Groups

Governance is not a single committee, but a network of interconnected groups. A mature health system will have a hierarchy of CAGs to manage the complexity of clinical care.

Clinical Governance Hierarchy
Overall Clinical Governance Committee

(e.g., CMIO, CNIO, CPO, Service Line Chairs)

Pharmacy & Med Safety CAG

Pharmacists, Nurses, Safety Officers, MDs

Physician Advisory Group

Inpatient, Ambulatory, and Specialty MDs

Nursing Advisory Group

Inpatient, ED, and Ambulatory Nurses

Masterclass Table: Deconstructing the Pharmacy & Medication Safety CAG
Charter Component Detailed Description The Informatics Pharmacist’s Role
Mission & Purpose “To design, review, and approve all medication-related clinical content and workflows within the EHR, ensuring they are safe, evidence-based, efficient, and aligned with organizational policies and regulatory standards. This group serves as the primary clinical authority for the medication use process.” You are the chief architect and facilitator. You prepare the agenda, present proposed changes, and translate the group’s clinical decisions into technical specifications for the IT build team.
Membership & Roles This group must be multi-disciplinary to be effective.
  • Chair: Often the Pharmacy Informatics Manager or a dedicated Medication Safety Pharmacist.
  • Pharmacy Reps: Informatics Pharmacists, Operations Manager, Clinical Manager, IV Room Supervisor, Technician Supervisor.
  • Nursing Reps: Nursing Informatics, Med-Surg Nurse, ICU Nurse, ED Nurse.
  • Physician Reps: Hospitalist (MD), Intensivist (MD), key specialists as needed.
  • IT Rep: The lead EHR analyst for pharmacy applications.
 You must actively recruit engaged members from each area. A CAG without a skeptical ICU nurse or a busy hospitalist providing feedback is designing in an echo chamber. You must ensure all voices are heard.
Scope of Authority The “bread and butter” of pharmacy informatics work.
  • Approve all new and revised medication order sets and protocols.
  • Design and approve all medication-related Clinical Decision Support (drug-drug interaction alerts, allergy alerts, dose range checking, clinical guidance alerts).
  • Define workflows for BCMA, sterile and non-sterile compounding, medication reconciliation, and pharmacy verification queues.
  • Review and prioritize all non-emergent requests for changes to pharmacy and medication-related systems.
  • Analyze medication-related safety events and propose informatics-based solutions.
 This is your primary forum for driving clinical improvement. When you identify a safety risk, you bring the data here, present a proposed solution (e.g., a new alert), facilitate the debate, document the decision, and then build the approved change.
Decision-Making Process Decisions are made by consensus when possible. When not, a formal voting process is used. All decisions, along with the clinical rationale, must be meticulously documented in the meeting minutes. These minutes become the official record and justification for why a system is built a certain way. You are the official scribe. Your documentation is the shield that protects the organization during an audit or legal inquiry. If someone asks “Why does this alert fire?”, you must be able to produce the minutes showing the multi-disciplinary clinical decision and rationale.
The Pitfall of the “Vocal Minority”

A common failure mode for CAGs is allowing the “vocal minority”—often a single, passionate, and influential physician or nurse—to dominate the conversation and drive decisions that benefit their niche workflow at the expense of the entire system. A strong chairperson, often the informatics pharmacist, must skillfully manage these dynamics.

The Script (for redirecting): “Thank you, Dr. Jones, that’s a very important perspective for the ICU workflow. I want to make sure we also consider the implications for the Med-Surg floors. Sarah, from your perspective as a floor nurse, how would this proposed change impact your team’s process?” This technique validates the initial speaker while intentionally broadening the discussion to ensure a system-wide solution is developed.

19.1.4 The Operational Gatekeeper: The Change Control Board (CCB)

After a brilliant strategic initiative has been chartered by the Steering Committee and a safe, effective clinical workflow has been designed by a CAG, there is one final, critical gate a change must pass through before it can be implemented in the live EHR environment. This is the Change Control Board (CCB), also known as a Change Advisory Board (CAB). The CCB is a formal, IT-led group whose primary function is to manage, prioritize, and de-risk the process of making changes to production IT systems. Its focus is not on the clinical or strategic merit of a change—that has already been decided by other governance bodies—but on its technical feasibility, risk, and operational impact.

The CCB is the air traffic control tower for the EHR. Its job is to prevent system collisions, ensure that changes are properly tested, and schedule deployments in a way that minimizes disruption to clinical operations. It reviews all significant changes, from major software upgrades to the activation of a new order set. A request that comes to the CCB without prior approval from the appropriate clinical governance group is, in most mature organizations, dead on arrival. The CCB’s mantra is: “Has this been approved by the business/clinical owner?” For you, this means a request must come with the stamp of approval from your Pharmacy & Med Safety CAG.

The Anatomy of a Formal Change Management Process

The work of the CCB revolves around a structured change management process. As an informatics pharmacist, you must master this process, as you will be the primary author and shepherd of medication-related change requests.

The Change Request Lifecycle

1. Idea / Need

A safety issue is identified or a workflow improvement is proposed.

2. Clinical Vetting

Proposal is presented to and approved by the Pharmacy CAG.

3. Change Request

A formal IT ticket is created with detailed specifications & CAG approval attached.

4. CCB Review

CCB assesses technical risk, resource needs, and schedules the change.

Masterclass Table: The Change Request Form – Your Key to the Kingdom

A well-written change request is the single most important document you will create. It must be clear, complete, and compelling. A poorly written request will be rejected or delayed.

Form Section Content Required Pharmacist’s Pro-Tip
Request Title A short, descriptive title. E.g., “Build New Sepsis PowerPlan Order Set” Be specific. “Order Set Change” is useless. “Modify Acetaminophen IV Order Sentence” is excellent.
Requestor & Clinical Owner Your name/department, and the name/title of the clinical leader sponsoring the change (e.g., Director of Pharmacy). Always have a clinical sponsor. It shows organizational alignment and is not just your personal “good idea.”
Description of Change A clear, detailed description of the requested change. What is the current state? What is the desired future state? Use screenshots, mockups, and precise language. “Change the alert” is bad. “Modify the ‘High Dose Apixaban’ alert to fire on doses > 5mg BID for patients with a CrCl < 30 mL/min" is good.
Justification / Business Need The “why” behind the request. Link to safety, quality, regulatory requirements, or efficiency. This is where you attach the CAG meeting minutes! “This change was approved by the Pharmacy & Med Safety CAG on 10/15/2025 to address a near-miss safety event related to apixaban dosing.”
Technical Risk Assessment What is the potential impact of this change on other parts of the system? What is the risk of failure? What is the back-out plan if the change causes problems? Work with your IT analyst counterpart to complete this. Show you’ve thought through the consequences. “This is a net-new build and carries low risk of impacting existing order sets. Back-out plan is to deactivate the new PowerPlan.”
Testing Plan How will you ensure the change works as expected before it goes live? This must include unit testing (by the builder) and integrated testing (by you and end-users). Be exhaustive. “Testing will be conducted in the TEST environment and will include: 1) Ordering the PowerPlan on a test patient. 2) Verifying all medications and default doses. 3) Verifying all associated CDS alerts fire correctly. 4) Pharmacist and nurse sign-off.”
Requested Go-Live Date & Urgency When do you need this to be implemented? Justify the urgency. The CCB recognizes different levels of change. Urgency must be justified based on clinical risk.
  • Standard: A routine improvement.
  • Expedited: A time-sensitive need, often related to a new regulation or formulary change.
  • Emergency: A patient safety crisis or system-down issue requiring immediate action, often bypassing the full CCB meeting.
Pharmacist’s Playbook: Navigating the CCB Meeting

You may be asked to attend the weekly CCB meeting to speak to your change request. The audience here is technical. They are less concerned with the clinical nuance and more concerned with system stability.

Your 60-Second “Elevator Pitch” for the CCB:

“Good morning. I’m here to represent change request 75309, the new Sepsis PowerPlan. The clinical need for this order set was driven by the Surviving Sepsis Campaign and was approved by the multidisciplinary Sepsis Task Force and the Pharmacy CAG last month—approval documents are attached to the ticket. From a technical standpoint, this is a net-new build of an order set containing 15 medication orders and 10 lab orders. It has no upstream or downstream dependencies on other major workflows. The build has been completed in our test environment and has undergone three rounds of integrated testing by pharmacists, nurses, and physicians, with all test scripts passing. We have a full communication plan for go-live. We are requesting approval for deployment during the standard change window next Tuesday.”

This pitch tells them everything they need to know: what it is, that it was clinically approved, its technical scope, that it’s been tested, and what you’re asking for. It shows you respect their role and have done your homework.