Drew Hinkle is the Chief Information Officer for the California Department of State Hospitals. Before his time with CDSH, Drew was the CIO at DSH for four years where he managed the enterprise server and networking team, as well as the client and field services team. And prior to that, he held technology positions at the California Highway Patrol and the California Secretary of State. With his extensive background with California State departments, Drew shares stories of data, remote work, and state hospitals adjusting to the pandemic.
The Davood for Thought podcast is brought to you by Launch Consulting.
www.launchconsulting.com
Drew Hinkle is the Chief Information Officer for the California Department of State Hospitals. Before his time with CDSH, Drew was the CIO at DSH for four years where he managed the enterprise server and networking team, as well as the client and field services team. And prior to that, he held technology positions at the California Highway Patrol and the California Secretary of State. With his extensive background with California State departments, Drew shares stories of data, remote work, and state hospitals adjusting to the pandemic.
The Davood for Thought podcast is brought to you by Launch Consulting.
www.launchconsulting.com
We are in an era of rapid change where resilience is vital, the Davood for thought podcast dives into the most important topics in government and technology today, our host dev goats sits down with this vast network of colleagues to dish on the tech challenges that affect us all. Follow this podcast on your favorite platform and join the conversation by sharing it on LinkedIn, Twitter, or Facebook. Hello, everyone. Welcome to Direct Technology's, Davood, for Thought podcast. I'm Davood Ghods, and I will be your host today. The way I stay up with the pressing topics of tech and government of today is to tap into the panel of experts. I've had the honor of connecting with over the years today, we have Drew Hinkle on the podcast. Drew is currently the chief information officer for the California department of state hospitals. He has held this position since September of 2019, but he has been with the department since 2009 before becoming CIO. Drew was the chief information officer at DSH for about four years where he managed the enterprise server and networking team, as well as the client and field services team before DSH drew was a consultant in the private sector. And prior to that, he held technology positions at the California highway patrol and the California secretary of state drew has a bachelor of arts degree from California state university Sacramento go Hornets, and he is a graduate of the estate. It leadership academy Drew from one ILA, graduate to another. Thank you for accepting my invitation to be on our podcast. We would like to learn more about your background and for someone who doesn't know about your area, your expertise, please tell us about yourself department of state hospitals, and what are some of the things you're currently working on. Welcome. Hi Davood. Thanks for having me. Um, I appreciate the opportunity to have a chat. Um, drew Hinkel I'm the CIO at the department of state hospitals. I've worked for the state of California in a couple different stents for about 23 years total. Um, I graduated from SAC state in the mid nineties, so quite a while back, um, and was lucky enough to get a job out of college for the secretary of state. I'd been a student there for a couple of years and landed a permanent position a few months after graduation. And, um, at secretary of state, I worked on some pretty cool projects. I was part of a team that modernized their election management systems. The first piece was moving their voter registration system from like an old mainframe to a client server centralized system, which was like state of the art in the late, mid to late nineties. Uh, the, uh, the first piece was moving that, uh, the voter registration system into a power builder, Oracle application, uh, phase two, was to deploy kind of a candidate in election uh, and swap that out from another mainframe. And that was Oracle and Java. And the, like I said, at the time, this was all pretty cool stuff. And it was, it was fun technology to learn on that team. I, I did a number of roles. I was a system administrator. I managed the backend servers I wrote code. Um, and that was sort of the advantage of being at a really small department for me is that I got to wear lots of hats and, and I learned so much in that role. Uh, you know, I could be a security administrator one day, a system administrator another day in a code or another day. Um, and it was really almost for me like a crash course into being a DevOps engineer, probably like 20 years before people actually started calling themselves DevOps engineers. So it was, it was kind of neat at the time. Uh, from there I went to work for the higher patrol and I worked there in kind of a similar role managing some infrastructure writing code, um, building out public facing and some internal web applications for them. And I was only there for about two years, a little less than two years. Um, for the next three, I did it consulting and I did that with some friends. And I'd say that was like my ideal job at the time where I had a bun of people that I really liked. And I worked, we worked together well and we went from different kind of state, uh, uh, business. We we'd bid on contracts, we'd win we'd, you know, spend nine months developing an application a year, um, and did a, I did a lot of C sharp, a lot of, uh, VB dot nets. Um, there were good times I learned and grew a ton as an engineer. And then the economy crashed in 2009. And I, I joked that I think I had like $12 in my checking account by the end, uh, and needed. My old boss at CHP was at the department of mental health. And he said, you need to come back and <laugh> and apply for a job with the state again,<laugh> um, so started at, uh, mental health, which is the predecessor for state hospitals in 2000 in fall of 2009. Um, and I've been there ever since. Uh, I came in thinking I was gonna be, uh, be here for a couple years and then I'd move and it's been 12 plus years and I really enjoy every step of the way. Um, I started as a developer and that was a great job. There was tons of work to do a lot of older systems that needed just basically replacing. Um, that was just good opportunity to just dive in and, and really work. I enjoyed the folks that I worked with. Um, I liked all of our, our user community. I mean, it was just, it was a good group of folks. Um, in 2012, uh, governor brown was doing that realignment of state government. And the group I was working on was getting realigned to a different department. And my CIO at the time came to me and said, Hey, do you want, you used to be a, like a system admin? Do you want to be a CIS admin again and, and, and stick around? Um, and I said, yeah, that'd be awesome. So I kind of took a job as a full-time CI admin, uh, you know, all the kind of active directory exchange, backups, VMware security, all that kind of stuff. Um, and then a couple years after that, I had, uh, um, another CIO at the time who had moved in, gave me the opportunity to manage, um, and be the project director for what at the time was our largest it project. So it was our personal duress alarm system, which is basically like a security system that, uh, staff on the campus is where in case they have what we would call some kind of like Dures event, but that could be like a patient, um, and unstable, like being physically aggressive with you. It could also be somebody, you know, falls and breaks their leg or has a heart attack or something falls on you. And you activate, um, basically an R F I D tag that tells, uh, the hospital police and emergency responders, whereas somebody is within, if it's inside, it's within three meters, if it's outside, it's within 10 meters, so it's fairly a accurate, um, and that was just, I learned how to do projects at that point. It was a, good, good opportunity for me. And as I was finishing that, um, my, my CIO retired and my CTO got his job and I applied for her job. And so I did four years as chief technology officer at state hospitals. And that's honestly, probably my favorite job that I, I I've had, although I like my current job quite a bit too, but I just really enjoyed being in the, kind of the technical, you know, being with the technical team, building out, uh, solutions. It was just a super fun experience. And, um, about, you know, two, two and a half years ago, my, my boss decided to retire in about half that amount of time. She kind of stuck around as sort of an advisor to me. So she'd come in a day or two a week. She'd helped me with some items. Uh, and then she'd do some projects that she wanted to finish before retirement. Uh, and it was actually kind of fun that the day that my, uh, that I became acting CIO, I was in Tahoe getting married the next day. So I had like a really good weekend. I got, I got like a little promotion on Friday and got married on a Saturday. Um, but it is fine. Um, so then about two years ago, almost exactly. Um, I was appointed CIO, uh, and I've been in that position since, um, in terms of DSH, I mean, we're a medical organization, we're the biggest state department that nobody has heard of. Um, we've got 12,000 users. We serve about 6,000 patients at a time and about 12,000 a year. Um, so we're really about like clinical solutions. So last couple years we've been about COVID response. Um, but a lot of medical, uh, and, uh, psychiatric psychological, uh, um, solutions. So right now, if I had to name a couple of big, big projects on our board, um, one is our pharmacy modernization. Um, this is gonna standardize our pharmacy solutions from five kind of standalone separate solutions into one, one vendor, one version of the product, one way of doing everything. And so for us, that's, that's a big one. Um, as we kind of try and consolidate and have, have more and more, uh, like one solution across 12,000 users, as opposed to five solutions each across, you know, 2200 users. Um, and then the second, uh, big project that's kind of on our radar and we've been working on this for, uh, a few years is, uh, our like chronic medical records. So, uh, for this, the idea we're in we're inal, we're in stage three of the project approval life cycle. Right now we have a, uh, a, a rough schedule of getting into stage four, doing the solicitation sometime this spring. And we're hoping that the contract is awarded by the spring of 23. The, um, the overall project itself is to buy kind of an off the shelf, electronic medical record system, and then build some pieces around the edges, right? So the pieces would be kind of some custom scheduling components. Um, it's gonna include a forensic behavioral health module. That's probably a little bit different than what we see in off the shelf, uh, EMRs we're going to have, I mean, those are probably some of, some of the, the, the big components that we're gonna be doing, but we'll do some integration with dental systems. Uh, we're going to, uh, have a, a tie in to like court hearings, like electronic court hearings for the patients. So it's gonna be a big project. Excellent. Well, thank you drew for going all the way back to your time at secretary of state CHP and then, uh, department of state hospitals, or what it was called, the department of mental health from DevOps to C admin, to CTO, to CIO, and for giving us a snapshot of what SSH does and touching on the business of DSH through in your 10 plus years at DSH and your other experiences, what emerging trends are you seeing in the it and business fields that we should all be paying more attention to these days. Technology wise, I I'll bring up a couple and then a I'll finish with kind of a non non-tech area. Uh, so first of all, these are definitely not new and emerging, but these are super, super critical to me in my organization. And especially with respect to the last couple years and, and that's security and data, and honestly, COVID has been brutal on both of those for us. Um, we pushed thousands of folks remote in March of 2020. Um, our edge, all of a sudden went from this kind of protected data center to people's home offices. Um, and, and when I say thousands, I mean, we probably pushed the ability for 6,000 people to work remote. Now, we didn't have 6,000 people at any given time working remote, but through VDI and deploying laptops, we probably have roughly about 6,000 people that, um, during, during COVID have worked remote. So, I mean, and to think about that, that's a, that's a are bigger than most departments, right? That's a huge amount of, of remote staff. When we did this, we started noticing such an uptick in, in what we, I would generally call like, um, you know, bad guy, intrusion attempts ever since. And it could be as simple as Phish, somebody's trying to get credentials and, and we've got kind of a decent program on that. Um, but we saw unauthorized folks trying to get access to systems. Mm. And they ranged from kind of like a generic knucklehead basement mm-hmm <affirmative> to, uh, organizations that seemed like they were a fairly sophisticated organization. And I'm really lucky. We're lucky that our, uh, we have a, a mature information when I started a DMH, the ISO was one person, and that person basically did policy. Um, and that person, uh, you know, recommended some things here and let's try this and try that, but really had no, um, kind of operational authority. Um, the team now is 10 folks, um, including some really high level technical, uh, staff, and they're responsible for security implementation their, uh, policy, uh, operational security processes. Uh, so I'm feeling like we have a fairly mature team in place right now, which is, which is just necessary because we have seen such, like I said, an Inc in kind of malicious behavior, definitely over the last two years. Um, but it's paid off, right. My team, my, my app team and my infrastructure team kind of worked together with the security team. So in the older days, it was sort of, let's not talk to the information security team, let's do our own thing. And then security became kind of a bolt on after the, a fact now it's kind of built in and integrated, but I, I think that's super important, no matter what you're doing, but we've gotta build with security in mind. And then my, my second technical piece I'd bring up is around data. Um, COVID taught me that you have to have, uh, like a single source of truth should be one source of truth, not like full. And it was actually amazingly difficult to do some things during COVID like just how many vaccinations have we administered? And it was for a couple reasons, one, we had instances of folks having different systems to collect the same data. So when my boss or my director would come and say, Hey, can we build this in Tableau or public us, this, uh, data, we would pull a set of, uh, information out of it. And then maybe my pharmacist would pull something. Then my hospital administration would pull something and none of us would match. We would be, uh, we would be close. Like, I mean, we're talking like fractions of a percent off maybe, but when you're dealing with thousands and thousands, it it's noticeable. And, um, what we found oftentimes is that we either had different systems, or we had different business rules about how we interpreted data. Um, and so that kind of showed the need, and I'd been kind of banging the drum of, we need to have like a mature data organization. We need to put effort into this. We need to be, um, data driven. We need to spend our time building these con you know, these systems of record and, and using data to make the right decisions, as opposed to using, um, you know, a gut instinct or a feel and the field great when you have a lot of experience, but in general, I think I'd rather have kind of the, the data to make these decisions. The last thing I would say on kind of, sort of a non-technology front is I I'm focusing on building out my workforce. So building out a hybrid workforce, um, and I think people have to focus their leadership on that. How do you build out your organization, how you develop a culture that they care about the mission they care about the success of the organization, especially when they're probably 80 to 90, and right now a hundred percent remote. Like I have people that haven't been into, we opened a new building in July, and I haven't, I have people that haven't been in there since July. Um, and so how do you, how do you do that? Right. You've gotta be mindful in, in how you, how you bring people into your culture, how you onboard folks, how you recruit, you know how I mean, I can't, I can't just throw out, throw out positions on, on jobs@ca.gov and think I'm gonna get like a hundred good candidates. Right, right, right. Cause like five years ago you could, but you can't anymore. Right. It's true. So, um, I think I am focusing and my leader, my it leadership team, we're focusing a ton of time in trying to figure out how we make ourselves like a good destination employer, somebody that other like techno good technologists wanna come and work for. Um, and that's just a huge takeaway with COVID it's it's, uh, how do we recruit? How do we keep people from not wanting to jump for the next thing? How do we make them like ingrained and, and engaged in the organization? Thank you. Um, you're talking what we practice at direct technology. You know, we call ourselves the human side of tech and by finding the right workforce, the hybrid workforce, um, you're trying to fill that gap, the human side of tech. Thank you, drew. I think you would agree that adjusting to the pandemic was challenging for many new organizations, and now everyone is thinking what the next major disruption is going to be and how can we better be prepared for it. So, resiliency is a big topic of conversation these days, and I'm sure it's important to your organization. What are some examples of resilience you've seen in the past year and what is the one thing organizations should be doing to improve resilience? I think we should automate and, uh, and write code to do things. And that's what we're kind of focused thing on. Um, infrastructure, automation, code automation, automation, uh, automating simple tasks, uh, we've purchased tools, uh, that allow us to, to do these things. And, and I, and I called it toil, right? It's doing the same thing over and over again. I wanna figure out how to write code to do that. I want my guys to write something that if they do it twice, I want them to out, uh, how to write code to keep doing that right. And it helps me in a number of ways and I'll get to the resiliency. Uh, but it helps first of all, because it's a repeatable process. I always have, I, I have a piece of software that always does the same thing the same way. And when I have a problem, it makes it so much easier to diagnose that problem in trouble. Shoot that problem. The second thing that it really does for me is that it allows me to take those people that are doing something right. Like let's just as simple as creating an active directory account or resetting a password. And it allows me to, to now use them to deliver some other service, you know, a server administrator who used to build VMware, uh, uh, servers, uh, and patch. Those now starts working on some other, uh, other project, right? Because we have that automated and, and, and even on a program side person that, that is dealing with commitment packets from a local county jail. And they, their process is to take a PDF and slide. I sit into, you know, five different ways and upload it to five different systems. We can put some RPA tool there to help with that, right. And then that person now, you know, that's a force multiplier for that group and that person can now, uh, focus on other tasks. And, and what it really does for me in, in this gets back to the resiliency is allows me to quickly react when there's some kind of disruption in the environment. So when I have this, these automated processes in my toolkit, and I have, let's just say like a server outage at one of my sites, right? So I have five hospitals and each one has some kind of flavor of a server room and with, you know, a core switch and some compute, right. That, that allows to have local services. But if there's an outage there, I have the ability to, to basically bring up a system in kind of a Dr. Mode at another location and have some automation in there that changes the IP addresses, you know, sets of IDNs, entry, firewall rules, all that kind of stuff. And all of a sudden I can get assist some backup and running in, in minutes and not like hours or a day or two. Right. It makes it so much more resilient for me. Excellent. I'm glad to hear that organizations within the state are ready for some type of a natural disaster, like a flooding, earthquake fires, some kind of disruption. Uh, it could be a technology disruption, like a widespread computer virus or a cyber attack, uh, or it could be a disruption similar to what we experienced last January, a civil under that you need to be prepared for. That's great. I'm gonna switch a little bit on you and talk a little about, uh, motivation at direct technology. We always talk about how we are going to get a project done, but we also ask ourselves, why are we doing what we are doing? What is your, why drew, what motivates you in your work? Um, I have a few whys, I would say, uh, the fir first of all, I mean, at the core of health and human services, we take care of people. So it's a super easy team to be on, right? You feel good at the end of the day about helping human beings out. Um, state hospitals is a little different because we take the of folks who a lot of times are criminally committed to us and can be violent in some instances, but still we wanna take care of them. We want to rehabilitate those folks, but I also kind of, um, get, get excited about providing systems that take care of our staff and keep them safe, providing the right levels of security, safe environment. It means something to us. Um, for me, um, secondly, I've been here so long that a lot of these folks on my team have been coworkers and some are even friends for a number of years. So I wanna see the, the, the folks on my team grow. I wanna see them continue to move up in their careers. Like I moved up in mind. So I'm really focused on putting my, a team in positions that they can stretch and grow and ultimately succeed. And that gives me a ton of motivation when, when we're trying to kind of plan out what we're doing. And then honestly, the last thing, uh, uh, is probably just at my core, I'm somewhat competitive. Um, so I want to try and do things a little better and quicker than others. I want to implement and sustainable systems. And I've been lucky that have had multiple really, really good CIOs that have taught me over the years. Um, and the competitive person in me wants to be better than them. Like I want to do things and say, oh, well, this is great when he was here, but it in improved tenfold here. And I, and you know, that's just part of who I am. Um, and, and I want whoever takes over for me, uh, when I retire or move on to something else, I want that person to build on what I've done and just keep building up as well. That's great. Uh, leaving it better than you found it. That's fantastic taking care of the people and doing succession plan. I hear so that's good. That's excellent. Let's talk about innovation, but not only just innovation, but what inspires innovation on your team? You've had teams at different organizations and small, large, what inspires innovation on your team? I think first of all, people need to believe in the mission of the department, um, and being brought into that mission that drives a desire to Excel. And then that desire a lot of times is gonna breed innovation. So someone, you know, might be doing the same thing over and over again, but if they have that desire to really like find in tune their craft and get better and better, that's gonna lead to in, um, lead to innovation. Um, I think autonomy is going to drive it as well. Um, I think having the ability not to be siloed into I'm just a coder or I just manage DNS, or I manage, uh, uh, servers or, or something like that, but have the ability to move across multiple domains and, and really like spec out and build solutions I think is, uh, is really good in state hospitals. I mean, I, I was saying earlier, we we're a large organization, but our it department is not that large. Right. So we have 12,000 staff and I only have a little over 200 employees, uh, it employee. So I have to have a bunch of people that are like integrators. And these are guys that can do five or six things really well. Um, and when they, and when you give them that ability, I've found a lot of times they, they come up with some of the best solutions, right. And because they, they geek out on something and they say, oh, I'm gonna try this. Oh, I've tried this. Uh, and, and it, you, you know, that ability not to be siloed allows individuals to kind of think outside the box and, and innovate. Um, and then probably the other thing too, is making sure you hire the right mindset, you know, people with the right mindset. So, um, we talk on our leadership team about growth minded individuals, right? People that wanna Excel, people that wanna kind of go from, you know, a, to B to C um, they wanna get better and look at new ways of doing something that that's, that that'll bring innovation too. That's great. That's true. All of those things bring innovation and inspires the staff to be innovative, uh, know a little bit I, your background and what your interests are, what, what is something that would surprise people about your background or interests? Yeah. I don't know if it's surprising or not, but, um, I don't have a computer science degree. I have a political science degree. Um, when I was go working as a student at secretary of state, I thought for sure, I was gonna go to law school, uh, and then get a job working in the capital. Like that was what was really interesting to me up until maybe the end of my senior year. And then I was really interested in being done with college. Um, and then I sort of just got into computers on my own. I built my own, I, in the mid to late nineties, I started running Lennox on my home computer. In fact, I still run it on my, a laptop at home. Um, but I always felt like having that poly sci degree was like a, not embarrassing, but like a, um, like a step down. Like, I wish like every time I, oh, if I would've gone back to school, I, I did a computer science degree. Um, but then finally I got into my current role and I'm like, oh, that political science degree actually, um, helps me out now. Right. I, I can write, okay. I know how government works. I know how the budget works. Um, so I, I feel good about having that as a foundation at this point. Um, and then if you want a real fun fact, I have an identical twin brother, but he doesn't in. Did not know that. Okay. He's a lot thinner than I am too. So <laugh>. No job. Yeah. Well, on that first one, you know, not having a computer science degree, but you've been in the trenches in it. So you've gotten it from experience and actually doing it in order to be a successful go CIO these days, you have to be a little bit of a techno grad also, and that I'm sure that political science degree has come handy at times. Yeah, definitely true. Where can people find you and keep tabs on what you're working on? How can people support your work? Yeah. Our, our bigger projects are reportable. Um, so you could definitely find information about them at CDT. Right. Um, and I would also say, um, people that, that work well with us, um, also typically look at, uh, what's released in the governor's budget, for example. So look on Jan 10 to see what's coming up. Um, there's definitely gonna be a number of initiative, those that have it components, uh, to them. Um, I would say also when, when the state, like we've done a big work group, uh, statewide, uh, around folks who are incompetent to stand trial and they're remanded in our custody so that they can regain competency and go to the court. Um, our director that, uh, group and, and I had a couple partners that reached out and said, Hey, I've been listening into, uh, what Stephanie's been saying. And, and I've got some suggestions, like that's a super great way to, uh, get in the mix, right? Like a soup, like, Hey, I, I I've heard your problem. I think I've got some, some ways to help with that. Um, and then in general, I'd say part partners or vendors, or, you know, whoever they really want to do work with us. The, the most successful ones, they spend their time building interest from, from my team and not coming to me. So they don't come and say, Hey, drew, I want you to buy this. And for your team, they go to my, you know, server administrator or security engineer or something and say, Hey, we think you have this as a need. We've gotten to know you. We know that this is your, uh, these are some of your pain points. And then that person, you know, talks to their boss who talks to their boss, who talks to like my CTO, who talks to me about some new, cool technology or solution that, that, that, that we should implement it. And, and I, I just, I really like having it that way, as opposed to, you know, somebody that knows me or doesn't even know me, but comes right to me and says, Hey, I think you should buy whatever for your organization. And I always tell them, like, don't sell to the CIO, sell to the, to the network team or the app dev team. Don't they sell it to me. Like you sell to them and they'll sell to me, and then I'll find the money for. It. That's right. Thank you. Thank you for sharing all those insights. And thank you so much for joining us today. Drew thank you to all the listeners out there for joining us as well. We will see you in the next episode of the vote for thought, where we will share more light on the human side of.