Leveraging EA and IoT Synergy for Digital Transformation

Posted May 10, 2016 in Business & Enterprise Architecture Cutter Business Technology Journal
Tushar Hazra
In this issue:



Over the past few years, the business world across the globe has been witnessing a new kind of change. It is unique, it is disruptive, and more importantly it is constant. This change is about the transformation of an entire enterprise and its ecosystem. It encompasses the convergence of all the digital assets, devices, systems, and applications as well as communication technologies and networks any enterprise uses. We commonly refer to this change as “digital transformation.”

EA and IoT: Better Together

Most business and IT leaders today are embracing the Internet of Things (IoT) to catalyze the digital transformation across their enterprises. The IoT is empowering businesses and consumers to connect and converge their world of physical objects with computer systems, applications, and services, and — most importantly — to handle the deluge of data they collect, consume, and analyze. In this context, the role of enterprise architecture (EA) is highly significant. While EA and IoT are not similar disciplines, I believe there is an inherent synergy between them, stemming from the fact that EA and IoT each support digital strategies for disruptive business operations. They deliver a converged enterprise that is collaborative, connected, and often socially infused.

Traditionally, EA has focused on delivering a set of guiding principles, frameworks, reference models, blueprints, and roadmaps to support operational ­excellence as well as strategic business and IT alignment goals. Today this focus is shifting toward lever­aging collaborative, agile, disruptive, and innovative approaches to executing EA practices for digital transformation. Like many thought leaders, I believe that in order to successfully implement a new change, a new EA must be pro­active and customer-oriented. This new EA must be innovative enough to deliver tangible business results more consistently and more frequently to capitalize on the IoT opportunity. EA and IoT together help enterprises to leverage their capabilities (people, process, and technology) while establishing mechanisms or conduits for the digital transformation.

Here are just some of the ways that EA and IoT complement each other:

  • EA can decide on a set of technology standards, platforms, and network protocols (e.g., Wi-Fi, TCP/IP, RFID) that solution developers implementing the IoT devices can use. The IoT devices and sensors can employ these standards and protocols to connect with the enterprise and thereby enhance the quality of service and experience for the device users.
  • The EA team can provide a set of proofs of concept or prototypes that solution developers can leverage to expedite IoT implementation.
  • The primary focus for EA and IoT today is data analytics and how data needs to be ingested, processed, analyzed, disseminated, and subsequently used by data scientists or decision makers. Emerging technology trends such as social computing, cloud computing, mobility, and big data add key benefits to the EA/IoT combination. For example, cloud can facilitate the connection of IoT devices, while big data analytics can help professionals observe the behavior of customers using those devices.

Many companies in the healthcare, transportation, retail, manufacturing, and pharmaceutical industries are already embracing the concepts of EA and IoT together in their digital transformation initiatives. One of them is the company I worked for, which I will call “Health-USA” (a fictitious name to maintain anonymity). Over the past three to four years, the company has been trying to expand its operations with a new set of services and solutions for patient-centric care delivery, care coordination, and clinical decision support. Recently, the company decided to implement IoT devices and sensors as part of its strategic IT plan. In the remainder of this article, I present a case study of Health-USA’s experience leveraging the combination of EA and IoT in its digital transformation effort and share a set of effective practices gleaned from that effort.

Case Study: Digital Transformation at Health-USA

Health-USA is a multimillion-dollar healthcare IT ­service provider with more than 60,000 public sector employees; it has been serving US citizens for more than a decade. In 2013, Health-USA acquired two technology firms and a training provider, all involved in healthcare delivery services. Once the newly acquired organizations were integrated within the enterprise, senior leadership decided to incorporate medical technology devices such as life management (measuring and monitoring) gadgets and wearables into the company’s enterprise solutions and services portfolio.

To this end, Health-USA formalized its partnership with a recognized manufacturer of wearable IoT devices. The hardware component of the chosen device consists of two sensors: one to wear as a contact lens, and the other as a patch that is capable of taking the patient’s blood sample (preferably from an arm), temperature, and blood pressure. The software component of the device is a mobile app that Health-USA wants to develop inhouse and deploy using iOS, Android, and Windows platforms for versatility. With these components in place, Health-USA aims to provide services to more than a million diabetes and hypertension patients across the US within a year. Initially, the company plans to perform a clinical trial with 1,000 patients with Type 2 diabetes in the mid-Atlantic region.

The Vision

The CIO, in collaboration with senior leadership, led a set of strategy sessions to formalize and kick off the enterprise-wide digital transformation. For Health-USA, the primary business goals of the digital transformation included enhancing the customer experience and improving the quality and efficiency of service ­provided to patients and their families. It decided to get into the wearable IoT device–based services ­business in order to:

  • Serve new and existing customers (diabetes patients with hypertension)
  • Strengthen Health-USA’s current market position
  • Gain a competitive edge over other service providers in the same field

Once he socialized the strategic vision and mission among the rest of the executives, the CIO asked the chief architect and the EA team (of which I was a member) to define an actionable strategic plan so the EA team could help the entire enterprise manage its digital transformation effort while facilitating the IoT implementation.

The Plan

The EA team began its engagement with two business units as early adopters of the digital transformation and IoT implementation strategies: Clinical Decision Support (CDS) and Health Informatics (HI). It then planned to get the Public Health Affairs (PHA) and Enterprise Health Solutions (EHS) business units involved within the next three months. The Health-USA leadership team directed both CDS and HI business units to work together with the EA team as a unified team to collaborate in developing the strategy, a roadmap, and an implementation plan for integrating the wearable IoT devices into the enterprise services portfolio and digital transformation initiative. The EA team devised an architecture strategy to:

  1. Collect the data from the wearable devices using mobile apps and a Wi-Fi network
  2. Ingest the raw data to an application in the CDS ­business unit
  3. Store the raw data in secure cloud data storage

The EA team made this decision based on current industry trends and research on commercially available tools and techniques for emerging technologies such as big data, cloud, data analytics, and IoT. We recognized that the use of private and secure clouds would enable us to control access to and protect the data collected (and shared) from the medical devices as well as the sensors. To harness the power of big data and data analytics, we selected a commercially available analytics tool to determine the quality, relevance, validity, and authenticity of the data. This subsequently allowed us to reduce the volume and velocity of the ingested de-identified data from the wearable devices before storing the data in a private cloud.

The CDS and HI business units plan to acquire and share a cloud-based data management and integration system to validate, process, cleanse, analyze, and ­disseminate the data to internal and external users for ­further analysis and informed decision making. Key external users include clinical research organizations, physicians, patients, and care delivery professionals. Internal users include data scientists, medical research scientists, and analysts from CDS and HI, as well as the PHA and EHS business units.

Identified Needs

During the initial strategy meetings the CIO had with his peers (from CDS and HI) and direct reports (including the EA team), my colleagues and I discerned the ­following needs:

  • Facilitating the adoption of the corporate vision of digital transformation across the enterprise, specifically for the CDS and HI business units and associated technology organizations identified as early participants in the digital transformation. This was new territory, as the team members had little or no prior experience with the IoT or the use of mobile medical devices.

  • Recognizing the gaps in business and technical capabilities while a number of capabilities related to leveraging the IoT were still under consideration. Key challenges with regard to leveraging the IoT included the privacy and security of the data (specifically for protected health information [PHI]) and the interoperability of the devices with existing applications, just to name a few.
  • Reestablishing the EA program and its governance (charter, principles, review bodies, and processes) while adjusting its way of engaging with any ­enterprise-level initiative “on the fly” in order to meet the business needs and goals. The EA team concentrated on promoting the adoption of IoT (strategy, roadmap, and plan) by:
  • Offering technology briefings, proofs of concept, and vendor demos
  • Cultivating EA strategies for data protection and data access control
  • Facilitating sessions to make associates aware of issues and risks related to wearable medical devices and sensors and to familiarize them with the processes for resolving patient safety and security concerns
  • Engaging and empowering the right experts and resources to deliver business results and operational excellence successfully. The most critical element here was not just ingesting or collecting the data from the IoT devices, but also making the data relevant and available for analytics by the data scientists and appropriate decision makers. The EA team guided CDS and HI business teams, application architects, application developers, and technology partners to develop and test a number of IoT, big data, cloud, data analytics, and mobile application development–related technology pilots, proofs of concept, and ­prototypes.

The EA team made a few additional observations while using IoT-based medical devices in conjunction with health informatics, mobility, and cloud computing. Since Health-USA already deals with PHI-based clinical and health informatics as well as biometric data, the management and analytics of the data discovered and captured from the IoT devices have been critical. In order to leverage cloud-based storage, we needed to secure the data in transit and at rest. Data loss prevention was another important issue for us. We considered multi-factor authentication for the data access control and NIST-recommended virtual disk encryption ­technologies to protect the devices. Requirements for compliance with government regulations, healthcare policies, and mandates intensified further since we were supporting US public sector clients; this added a new layer of security and privacy constraints for us. The lack of standards for connecting the IoT devices continues to pose challenges for the initiative today.

Essential Questions in Four Phases

In order to establish the credibility of the EA disci­pline, we cultivated a simple way to abstract the major elements for our digital transformation. As shown in Figure 1, we prepared a set of essential questions under the labels of Who, Why, What, Where, How, and When that we would ask ourselves (the EA team), business and IT sponsors, stakeholders, and business and IT teams over the four phases of the initiative: strategize, organize, socialize, and institutionalize. (See Table 1 for some sample questions.) We used the answers derived from the questions to develop different views and models of the transformation. The views and models also included the information pertinent to using the IoT, cloud computing, and big data analytics. The afore­mentioned four phases enabled us to develop a holistic approach to unite the technology, processes, inter­operability, and security for the enterprise:

  1. Strategize. During this phase, the EA team engaged senior leadership (sponsors and stakeholders) to get a clear understanding of the strategic vision. We identified the key business drivers for and desired benefits from our digital transformation journey. We started this phase in parallel with the CIO’s strategy meetings mentioned earlier. We frequently assessed our readiness for initial digital transformation projects and evaluated our ability to use the IoT (devices and connectivity), cloud, and data analytics effectively. We focused on the Who, Why, and What questions during this phase. The EA team’s primary intention in conducting this exercise was to recognize the ­business vision and identify the capabilities needed to leverage new and existing digital assets.
  2. Organize. In this phase, we started planning, blueprinting, and developing roadmaps for a set of projects that were prioritized according to their impacts on (and possible disruptions to) business operations. Although we primarily focused on Who, What, and Where questions, we also recognized certain specifics of How and Where. This exercise allowed us to evaluate our existing processes, technology, and regulatory compliance requirements. During this phase, we also laid out the initiative’s communication plan, while setting the rules of engagement for the EA team to perform architecture planning, capability assessment, and architecture reviews. We established our rela­tionship with the medical device, cloud, and data analytics tools vendors through technology briefings, demos, and evaluation and selection processes. The primary intention here was to pinpoint the gaps in business and IT capabilities and secure the new resources needed for digital transformation.
  3. Socialize. We actually launched this phase to instill the concepts of the digital transformation in the organization. We cultivated the idea of the patient’s use of wearable medical devices (as part of the IoT) and associated security- and privacy-related requirements. We also discussed the options for using cloud and data analytics across the enterprise early on. We refocused on answering a few more Who, Where, and How questions to explore data capture, protection, and storage needs. During this phase, we (the EA team members) also established a strong relationship with the individual project managers and the enterprise program management office (PMO), working together with them to build and/or revise the business cases to move forward with the selected initiatives and secure potential funding.
  4. Institutionalize. This phase has been vital for formalizing risk management, governance, and compliance policies and processes across the enterprise. We shifted our focus to establishing review processes and procedures to manage and monitor adherence to EA principles while complying with government mandates and industry regulations related to the usage of wearable medical devices. We also faced challenges due to the lack of standards in the use of the IoT devices and, more specifically, stringent clinical restrictions associated with wearables. We refocused on Who, How, and When questions to establish the governance of the EA standards, ­principles, and our corporate governance policies.
Figure 1 — A holistic approach to driving enterprise convergence.

Figure 1 presents the four phases in sequence. How­ever, in reality, we have mostly worked on two or more phases in parallel to expedite the involvement of EA as a discipline in the enterprise-level digital transformation initiative. We also empowered the project teams to leverage time and resources efficiently and consistently in order to make measurable progress with the digital transformation.

Table 1 — Sample questions for digital transformation (including the IoT implementation).


  • Who are our target customers? Internal and/or external?
  • Who are the key decision makers? Business sponsors? IT leaders?
  • Who are our primary digital asset users? Data scientists? Research scientists?
  • Who are our digital technology or business partners and vendors? Software and hardware?
  • Who are our team members? Business and IT? Application development? Operations support? Infrastructure? Security and access control?
  • Who has prior digital transformation experience?
  • Who is responsible for interacting with the IoT vendors? For managing contracts and associated relationships? 


  • Why do we need digital transformation?
  • Why do we need the IoT wearable devices?
  • Why do we need data analytics?
  • Why do we need big data?
  • Why do we need mobile applications?
  • Why do we need to consider new standards, new technologies, and/or a new development approach?
  • Why do we need to consider new integration technologies or network connectivity for the IoT devices?


  • What are our key new business and technology requirements?
  • What are our existing business and IT capabilities for digital transformation?
  • What are our existing digital assets? What new ones would be beneficial?
  • What are our existing business processes? What new ones should we implement? What needs to change?
  • What other ongoing projects may be impacted (or interfaced)?
  • What are our reusable technology standards?
  • What impacts do new technologies and work products have on our enterprise, financially and operationally?
  • What savings do these technologies and work products hold for the CDS and HI units and subsequently for the entire enterprise?
  • What types of agreements/contracts do we need to have in place with telecom and/or IoT device manufacturers?   


  • Where do we make the most business impact? Organizationally? Financially?
  • Where do we have most of our resources to start digital transformation?
  • Where we do we have the most architecturally significant components?
  • Where do we have most of the data needs?
  • Where do we currently store our PHI and PII data? Where do we store and archive our data in the future?


  • How do we manage the initial digital transformation project(s)?
  • How do we ingest the data from the mobile devices and the sensors?
  • How do we engage our IoT business and technology partners?
  • How do we store the ingested data? How do we separate our PHI and PII data from the rest of the ingested data?
  • How do we incorporate our existing EA best practices? How about new ones?
  • How do we perform governance activities (e.g., architecture review)?
  • How do we incorporate industry regulations, standards, and government mandates for IoT or mobile device usage?
  • How do we manage or maintain interoperability issues?
  • How do we manage availability, scalability, and security issues related to the IoT devices?
  • How do we manage or monitor the power consumption of the IoT devices/sensors?
  • How do we integrate the IoT implementation with the entire enterprise?


  • When are we ready to start the digital transformation? The IoT implementation?
  • When do we start to design, develop, and deploy the service for the IoT devices?
  • When do we start user acceptance testing of the IoT implementation?


What We Learned: A Set of Effective Practices

While we have had our own share of struggles in getting the organization ready, we have had a successful journey so far in establishing a collaborative, connected, converged, and socially responsible enterprise. The EA team has facilitated many focus group sessions with new and existing patients, clinicians, research scientists, and physicians and has collected various medical device–related requirements. We have also presented our findings from social meeting sessions (group dis­cussions) to various care delivery organizations and the Health-USA leadership team. As part of this initiative, the EA team is still successfully utilizing the core guiding principles of EA, basic tenets of IoT strategies and blueprints, and a set of innovative digital health (including medical technology) concepts to build an effective digital enterprise, e-Health-USA. Here are a few of the foundational practices that made our digital transformation effective:

  • Recognizing and managing the expectations of the leadership. Although this may sound like a common practice for any enterprise-level project, it plays an important part in digital transformation. It is important to keep the leadership well informed and up-to-date on the challenges, risks, issues, and impacts related to the ongoing projects while dealing with emerging technologies such as cloud, big data analytics, and IoT. Each of these technology trends requires the leadership to set a clear vision. However, the EA team must subsequently establish the right expectations and obtain leadership buy-in for alternative options as appropriate. For Health-USA, the leadership of the CIO was the most important impetus for the disruptive digital transformation journey.
  • Recognizing organizational readiness and the learning curve. It has been an important practice to recognize the capabilities of the enterprise in embracing the IoT implementation. We have instilled a cultural change in the mindset of the team involved through formal training, workshops, seminars, technology briefings, and vendor demos. We have encouraged and empowered the project team members to take ownership of new techniques, approaches, or ideas that can expedite the project schedule and success. That said, the company had to make a conscious initial investment to help the team scale the learning curve associated with leveraging cloud computing, big data, and data analytics. For Health-USA, this ­initial investment demonstrated the leadership’s ­commitment, which motivated the team to perform well in all phases of the initiative.
  • Adapting to the lack of IoT industry standards in formulating interoperability. This has been a key practice for us. While many healthcare IT industry leaders have already embraced IoT, there is still a lot of work needed to establish standards for providing accessibility, interoperability, and protection for the data retrieved from IoT devices. We had to shift our focus onto the hardware aspects of the wearable devices in order to manage the aforementioned architectural elements. For example, we have worked closely with the IoT sensor manufacturer to encrypt the data captured by the sensor before allowing it to be received by a mobile device.
  • Addressing the privacy, security, and regulatory compliance issues. This has been another major practice for us, and it requires attention throughout the digital transformation phases when leveraging cloud, big data analytics, and IoT. In most cases, it also involves securing the data while it is moving across multiple devices and the cloud or simply being streamed from a device to the enterprise system. We have established a federated or distributed approach to monitoring, maintaining, and managing the security and privacy aspects of the data while incorpo­rating regulatory compliance factors under the EA governance principles. At the same time, the federated approach helped us connect our “silo” organizations and establish a mindset for shared responsibility across the enterprise.
  • Adopting emerging technologies with an open mindset. This practice has been important for us in developing an adaptive EA and at the same time establishing a flexible culture across the enterprise. Leadership support was tremendously valuable in enabling us to evaluate emerging technologies and select technology options carefully and effectively. We have also had the opportunity to assess multiple open source–based products and tools while preparing multiple teams for the digital transformation. Our EA team — with the help of expert consultants, formal training, appropriate prototyping, and vendor demos — learned various ways of preventing PII and PHI data loss and leveraging real-time data ­analytics to minimize the risks of using IoT devices and big data.

I strongly believe that these practices can make any EA team effective in an IoT implementation while facilitating digital transformation. These practices have allowed us to integrate emerging technologies such as cloud and big data analytics with our enterprise-level initiative.


The initiative presented in this article is still a work in progress. However, I would like to offer four suggestions based on my experience in this digital transformation initiative and other real-world engagements:

  • Create value. It is important to solidify the creation of value by leveraging EA practices for the IoT implementation early in digital transformation. I suggest that the professionals involved clearly define a set of desired business value(s) during the strategize phase, and EA professionals must help to obtain leadership buy-in for the created value proposition (i.e., the ROI existing and new digital assets will provide).
  • Develop value. It is essential for EA as a discipline to take the lead in developing the value IoT, cloud, and big data will yield in the digital transformation initiative. In practice, value development requires collaboration between various teams. The EA team worked closely with the solution architecture, application development, and project management teams to develop various pilots, prototypes, and proofs of concept to demonstrate the value of these technologies to the enterprise.
  • Deploy value. It is vital to deploy the value developed early to achieve the trust and confidence of the entire organization. We used the pilots and prototypes to demonstrate the value developed. We also used these pilots to train new team members. This value deployment becomes even more crucial due to the fact that most associates, employees, and executives do not have expertise or experience in dealing with the complexities of using the IoT along with cloud computing and big data analytics. In our case, we used the socialize phase to extend the value deployment across the entire enterprise while holding more review, inspection, and walkthrough sessions for the work products. These sessions allowed us to evaluate and test the work products using different use cases and what-if scenarios.
  • Realize value. This may be the most difficult yet most rewarding part of the digital transformation journey. We have achieved a small but significant success in integrating the wearable IoT devices into the enterprise and have already managed to collect the data ingested by the IoT devices and support a team of data scientists to analyze it. We have also established a secure private cloud to store and protect a small ­segment of PII and PHI data. Most importantly, we have managed to leverage a set of industry-recognized standards for preventing data loss from the IoT devices. We have leveraged the insti­tutionalize phase to achieve our goals here. The EA team is currently working with all four business units of Health-USA to roll out services for 1,000 wearable devices as a pilot project for Type 2 diabetes patients in a selected region of the US. The data captured from the wearable devices will be processed, protected, and used in five major US diabetes research and care delivery organizations. It will also help the Health-USA data scientists and research scientists study the patterns of a patient’s self-management (using the pilot wearable devices) and subsequently offer ­relevant services to a wider range of the patient ­population.

I hope that the experiences I’ve recounted will resonate with Cutter IT Journal readers and that the suggestions and recommendations offered here will help you leverage EA/IoT synergy in your own digital transfor­mation initiatives.

About The Author
Tushar Hazra
Tushar Hazra is an Executive Enterprise Architect with over 22 years’ experience in various areas of architecture development, implementation, governance, risk management, and compliance. Dr. Hazra is a successful and recognized thought leader and an expert in delivering enterprise-level business solutions, strategy, blueprints, and roadmaps; strategic planning; and implementing effective enterprise architecture for digital transformation. He… Read More