Concrete illustration of the SecureChange Manifesto — IT department in transformation
Context
A major public hospital, with over 2,000 healthcare staff.
An IT department of 120 people (hospital information systems, infrastructure, patient records, imaging, administrative management).
Historically, the IT department operated in technological silos with a strongly hierarchical governance.
Today, the hospital is entering a deep transformation phase:
- Modernizing patient pathways,
- Increasing digitization,
- Interoperability with social care and community healthcare,
- Growing expectations from healthcare staff and patients.
The tipping point
After the pandemic, the need for a more agile IT department, closer to the field, became clear.
The hospital’s general management and CIO launched a transformation initiative:
- Shift from silo-based to product/service-based teams,
- Better integration of healthcare staff needs,
- More autonomy for project teams,
- Secure ethical and human considerations.
Concerns
Within the IT department:
- Loss of control over critical technical foundations (interoperability, security).
- Dilution of key expertise.
- Risk of budget fragmentation.
From general management:
- Potential loss of overall IT coherence.
- Increased risks to patient data security.
- Fear that technology choices may drift away from the hospital’s public service values.
The choice: managing the transformation with SecureChange
Clarifying what we want to preserve (Compass 1)
Collaborative work involving IT, general management, and healthcare staff representatives.
The identified invariants:
- Security and confidentiality of patient data,
- Coherence and interoperability of IT systems,
- Preservation of expertise and team know-how,
- Budgetary control,
- Quality of service as perceived by healthcare staff and patients,
- Core human values (compassion, respect for healthcare staff’s time, patient impact).
Building simple points of vigilance (Compass 2)
Examples chosen:
For security and compliance:
- Regular monitoring of security and compliance indicators.
For technical coherence:
- Shared architecture and standards repository.
For key expertise:
- Mapping of critical competencies and monitoring their retention.
For budgetary control:
- Transparent project-based budget tracking,
- Cross-validation required for any commitment above X € (validated by IT, financial control, and product team representatives).
For perceived quality:
- Regular healthcare staff satisfaction surveys.
For ethics:
- Regular review of technical choices with a human impact perspective.
Positioning leadership as guardians (Compass 3)
The CIO and IT leadership team act as guardians of technical, human, and ethical invariants.
“Coherence guardian” pairs are created in each area, combining IT leads and business representatives.
Continuous reevaluation (Compasses 4 and 5)
Every six months:
- Points of vigilance are adjusted based on field feedback.
- Invariants are jointly reviewed by an expanded governance committee (IT, general management, healthcare staff representatives).
Results after 18 months
- Gradual shift to product-based teams.
- Strengthened control over critical technical foundations.
- Enhanced trust between IT, leadership, and healthcare teams.
- Noticeable improvement in perceived quality.
- Strengthened budgetary and ethical governance.
- Human values explicitly embedded in the transformation management.
Testimonial
“In a hospital, technology only matters if it serves healthcare staff and patients.
Thanks to SecureChange, we modernized our IT department without losing our ethical standards or our public service mission.”
— Hospital CIO
Conclusion
This hospital IT department case demonstrates how an approach like SecureChange can guide an ambitious digital transformation in a human-centered and sensitive environment, while preserving technical, budgetary, and ethical fundamentals.
Note to the reader
This case study illustrates the general approach presented in the Secure Change Manifesto.
It does not include all the observable, measurable criteria and governance mechanisms, which are detailed in the SecureChange Principles.
To learn more, we invite you to visit the Secure Change Principles page.
Ready to explore?
→ Discover our guiding compasses
→ Explore our key principles
→ See case studies in action