Monday Morning Update 3/23/26

Top News

CMS issues a final rule that standardizes electronic claims attachments and electronic signatures, allowing providers to send supporting clinical documentation, such as notes, images, and reports, electronically instead of by fax or mail. CMS excluded prior authorization attachments from the rule.

The final rule takes effect on May 26, 2026. Covered entities must comply by May 26, 2028.

CMS proposed a more ambitious rule in 2022 that would have addressed claims attachments, prior authorization attachments, and broader workflow fixes. CMS split that rule into two tracks, the newly published claims attachment rule and a 2024 rule that moved prior authorizations toward structured data exchange via APIs instead of document attachments.

HIStalk Announcements and Requests

Poll respondents are skeptical, but not dismissive, of Amazon’s healthcare ambitions. Few expect it to make a major impact, perhaps reflecting doubts about its invincibility following Haven’s failure and the modest traction of One Medical and Amazon Clinic. A contrarian take is that Amazon doesn’t need to solve healthcare’s complexity when it can benefit from cherry-picking low-risk, high-reward aspects such as digital pharmacy, logistics, and owning the digital front door.

New poll to your right or here: Whose side do you take in AI-powered encounter coding? Bold thinkers would argue that AI tries to make coding orderly and objective when it was never designed to be, rewarding how well the story is told more than messy clinical reality that cannot be reduced to checkboxes. It’s like US tax law, where you could ask 10 experts to calculate the same family’s tax bill and get 10 different yet defensible answers.  

Sponsored Events and Resources

None scheduled soon. Contact Lorre to have your resource listed.

Acquisitions, Funding, Business, and Stock

A small China-based study finds that delivering patient education in the patient’s own cloned voice improves compliance and satisfaction compared to using the cloned voice of a physician. The team used Resemble.ai to clone the voices.

HIMSS doesn’t respond to my inquiries about its IRS Form 990 non-profit tax filings even though they are required by law to provide them, but I notice that they finally filed the FY2022 form a few months ago. Highlights:

• Total revenue dropped by 14% over the previous year.
• Nearly half of its income came from conferences, whose revenue tripled that of memberships.
• Advertising and media contributed $10.7 million in unrelated business revenue.
• HIMSS lost $9 million versus $19 million the year before.
• Its net assets dropped from -$29 million to -$41 million.
• Top compensation was earned by President and CEO Hal Wolf ($1.3 million), COO Sebastian Krolop ($922,000), and EVP Bruce Steinberg ($595,000).

Sales

• Two NHS trusts will implement Altera Digital Health’s EPR in a 10-year, $38 million contract.

Announcements and Implementations

AI-powered search engine operator Perplexity AI introduces Perplexity Health, which will allow users to connect to their provider’s health information via B.Well along with data from Apple Health, Fitbit, and Withings. Its dashboard will track metrics and answer health questions from the user’s own data.

Privacy and Security

The Cybersecurity and Infrastructure Security Agency urges organizations to implement Microsoft’s newly updated best practices for securing Intune and other endpoint management software following the cyberattack on Stryker.

Other

A SmartSense by Digi survey finds that hospital CFOs plan to spend more on technology in 2026, but rising cost pressure, high pilot failure rates, and compressed ROI timelines are forcing a shift toward platform solutions that deliver fast, measurable financial returns. Other findings:

• Half of the hospitals demand at least 110% ROI in new technology within 18 months versus the previous runway of three years.
• Nearly 60% say that at least half of their technology pilots fail, leading them to seek proven rather than experimental solutions.
• Top project drivers are payment and regulatory requirements rather than AI or outcomes.
• Most expect to make AI investments, but only for technology that provides quick, measurable financial or operational gains.

Sponsor Updates

• Wolters Kluwer Health expands its relationship with the American Heart Association to include the journal Stroke: Vascular and Interventional Neurology, for a total of 12 American Heart Association journal titles.
• FinThrive receives the Platinum 2026 Pinnacle Award for AI Excellence in the Intelligent Process Automation category.
• PerfectServe will sponsor The Millenium Alliance’s Healthcare Providers Transformation Assembly April 7-8 in Denver.
• The Harvard Business School Alumni Magazine profiles Waystar CEO Matt Hawkins.
• WellSky will present and exhibit at the ACMA National Conference April 20-23 in Orlando.

Blog Posts

• Implementing Contact Center Automation With AI (Five9)
• CISO Brief: Regulatory Update on the 2026 National Cybersecurity Strategy (Fortified Health Security)
• HIMSS 2026: 6 priorities healthcare IT leaders should focus on next (Nordic)
• Is Your ServiceNow SPM Driving Value or Creating Drag? (Optimum Healthcare IT)
• AI Can Suggest. Health Systems Must Deliver Action. (Praia Health)
• The Hospital CFO Technology Outlook Report: How Financial Leaders are Rethinking Spend in 2026 (SmartSense by Digi)
• What Healthcare Payments Can Learn from Retail Experiences (TrustCommerce)
• Turning Fragmented Patient Data into Faster Therapy Starts (Surescripts)
• Hospital Outpatient Observation Care: Facility vs. Professional Coding (TruBridge)

Contacts

Mr. H, Lorre, Jenn, Dr. Jayne.
Get HIStalk updates.
Send news or rumors.
Follow on X, Bluesky, and LinkedIn.
Sponsorship information.
Contact us.

Morning Headlines 3/20/26

Verily Secures $300 Million Investment to Advance its Precision Health AI Strategy

Alphabet-owned Verily raises $300 million, renames itself Verily Health, and says that it will focus on developing AI-enabled precision health solutions.

Chartis acquires Leap AI, accelerates healthcare innovation through AI and technology transformation

Chartis acquires venture studio Leap AI.

House bill pressures VA to get EHR back on track, or risk contract termination

A proposed House bill would restrict the VA from signing new agreements with Oracle Health or bringing new sites live if the VA doesn’t implement and meet system and operational metrics.

Health Universe Raises $6M to Integrate AI Agents into Healthcare Organizations

Health Universe, which helps healthcare organizations build, deploy, and govern AI agents, announces $6 million in seed funding.

News 3/20/26

Top News

Alphabet-owned Verily raises $300 million, renames itself Verily Health, and says that it will focus on developing AI-enabled precision health solutions.

Alphabet participated in the round but, gave up its majority stake in the company. Other investors include Series X Capital, UCHealth, and the University of Colorado Anschutz.

Verily’s moonshot phase ran from 2012 to 2016, when it pursued ideas such as glucose-sensing contact lenses and massive health mapping studies. It struggled with layoffs and leadership changes through mid-2024, when it pivoted to become a vendor of data platforms and technology to health systems and pharma.

Verily Chairman and CEO Stephen Gillett, whose background was cybersecurity and retail before joining Google in 2016 and Verily in 2020, will remain with the company.

Reader Comments

From DataTrust: “Re: GuardDog. What stood out to me wasn’t just that one company crossed the line, it’s how easy it seems to claim treatment as the reason for access without much verification.”

From ChartAudit: “Re: Epic wrongful death lawsuit. The allegation that clinicians couldn’t reconstruct a medication timeline or clearly distinguish active versus discontinued meds is the kind of issue most of us have worked around for years. The question is whether that’s a usability nuisance or a true patient safety risk, and whether courts are now going to be asked to decide the difference in product design.”

Sponsored Events and Resources

None scheduled soon. Contact Lorre to have your resource listed.

Acquisitions, Funding, Business, and Stock

Chartis acquires Leap AI, a venture studio. 

Diabetes and insulin management technology company Glytec announces plans to relocate its headquarters from Boston to Atlanta, where it will hire an additional 500 employees over the next several years.

About 2,400 Kaiser Permanente mental health professionals stage a one-day strike after being warned by their union that KP will replace therapists with AI. They were joined by 23,000 Kaiser nurses. Kaiser denies the claim.

Announcements and Implementations

MRO adds identity verification technology to its Patient Central patient records request system.

In Canada, Ontario considers implementing a province-wide patient data-sharing system and says that it is in discussion with vendors. The province spent $6 billion on previous projects with little success.

Wolters Kluwer Health will provide Continuing Medical Education to clinicians who use its UpToDate Expert AI.

Google partners with CMS to pull patient medical records into Fitbit, positioning its AI health tools as a consumer-facing front end for longitudinal health data.

Government and Politics

VA Deputy Secretary Paul Lawrence, PhD says in an EHR update that “The bottom line is that, this time, the Federal EHR is working, stable, and reliable” as rollouts accelerate “with the right leadership in place.” The VA has scheduled 23 sites to go live in 2026, starting in April with Michigan sites in Detroit, Saginaw, Ann Arbor, and Battle Creek.

Meanwhile, a proposed House bill would restrict the VA from signing new agreements with Oracle Health or bringing new sites live if the VA doesn’t implement and meet system and operational metrics.

A report says that politicians of Sweden’s Region Skåne were misled by an IT procurer into selecting Cerner Millennium in 2017, which allegedly did not meet mandatory EU safety requirements. The civil servant who led the selection later took a job with Cerner at twice the pay. The government announced the selection in September 2017, but no go-lives have occurred and the project’s cost has risen to $234 million. Meanwhile, implementation has been mothballed after a system review by 150 government employees concluded that Millennium is not “useful enough to be implemented.” The government will pursue other options.

A study of the ACA Marketplace finds that rising premiums and subsidy losses have left 10% of last year’s enrollees uninsured, driven half of those ages 18 to 29 out of the market, and forced many to cut basic expenses while worrying about affording premiums, emergency care, and hospitalization.

Sponsor Updates

• Judi Health wins seven 2026 Stevie Awards for sales and customer service.
• CTG will introduce a cyber resilience scoring dashboard next week at the 2026 RSA Conference.

Blog Posts

• Who Owns Lung Nodule Follow Up in Health Systems and Why That Matters (Qure.ai)
• From Strategy to Execution: Key Insights From HIMSS26 (Tegria)
• Patient Safety Awareness Week: Teaming Up for Safer Medication Decisions (First Databank)
• Data, AI, and the Contact Center: Turning Insight into Real Business Growth (Five9)
• How to Build a Resilient Ransomware Defense Program in Healthcare (Fortified Health Security)
• Why Health System IT Investment Works Like a 401(k): Insights From Former CIO Todd Richardson (HCTec)
• Why patient confusion could be one of your biggest revenue cycle management bottlenecks (and what to do about it) (Inbox Health)
• How Boone Health is using predictive no-show modeling to improve access and outcomes (Meditech)
• 10 Ways EHRs Cause Physician Burnout (And What to Do) (Med Tech Solutions)

Contacts

Mr. H, Lorre, Jenn, Dr. Jayne.
Get HIStalk updates.
Send news or rumors.
Follow on X, Bluesky, and LinkedIn.
Sponsorship information.
Contact us.

EPtalk by Dr. Jayne 3/19/26

Mr. H asked earlier this week, “If medical practices really care about patient health and access, why are their offices closed 75% of the time?” Several readers added comments, so I thought I would share.

A member of our hospital medical staff wanted to experiment with evening hours for patients who couldn’t leave work during normal office hours. The plan was to staff the clinic from noon to 7 p.m. one day each week.

The first roadblock was the building management team. They were unwilling to leave the front doors of the medical office building open after its published 6 p.m. closing time. Concerns were also expressed about how the extended hours would negatively impact janitorial contracts.

The staff was split 50/50 about the idea. Those who didn’t have children at home were excited to have a morning free to run errands. Parents who had to arrange childcare noted a lack of flexibility with care providers and the extra charges assessed for extended care, even if children arrived later in the morning. Needless to say, the plan was dead on arrival.

In contrast, the majority of the local Direct Primary Care practices offer non-traditional hours, either scheduled or on demand. They are typically located in a freestanding building or a strip mall rather than a medical office building, which makes it easier for after-hours access.

They don’t bill insurance, so they have smaller staffs. They usually need just one person to support the physician who is seeing patients. Smaller patient panels allow the physicians to cover their own their own call  without an exchange or call group. They are more likely to be able to help patients resolve issues outside of traditional office hours.

The practice modality continues to grow in our area. Spending $70 per month to cover all your primary care needs starts to look like a great deal when you’re in a high-deductible health plan.

I worked in the emergency and urgent care space for a while. I have been surprised in recent years not only by how early some primary care offices close, but also by the difficulty in getting in contact with a physician once the phones switch into after-hours mode.

Back in the day, we had a Rolodex at the ED charge nurse desk that had so-called back-line telephone numbers. These bypassed voicemail at most of the local practices, which made it easy to reach people until about 5:30 p.m. Those cards also had the numbers for the exchange services that were used for after-hours calls. Sometimes they included the physician’s pager number, and when physicians received pages to call the ED, they typically did so promptly. There was a level of trust that we wouldn’t abuse the phone numbers, and in return, they would be accessible to us.

These compendia may not exist in the era of for-profit urgent care centers. Physicians end up asking staff to look up a provider on the web, call their office, and listen to the voicemail to get the exchange number.

Physicians may or may not respond to text messages. I used to deal with a couple of physicians who wouldn’t call back until they were texted three or four times. Sometimes that would occur after the patient had already left the building. If physicians won’t respond to other physicians who are calling about patients in an emergent or urgent situation, they probably won’t consider adding non-traditional office hours.

From Edward Louis: “Re: vendors behaving badly. This one should go in the hall of shame. Our organization started receiving responses back for a Request for Information (RFI) that we issued for a major operations refresh involving one of our largest business units. One of the vendors reached out to a current supplier to ask about integration with them for the conversion. If they’re willing to violate our non-disclosure agreement during the RFI process, they’re certainly not going to get our business.”

That’s not only an integrity issue. It also illustrates a lack of experience with that particular integration. I agree with excluding them, but I would also be breathing a sigh of relief at having dodged other potential issues.

An Associated Press article that hit the wires yesterday trended on Facebook after it was picked up by local news organizations across the country. Tallahassee Memorial Hospital has filed a lawsuit trying to evict a patient who refuses to leave the hospital even though she was discharged in October 2025. The article was light on the details given patient privacy concerns, which made people scratch their heads.

Unfortunately, this situation happens and usually involves medical complexity, lack of qualification for skilled nursing care, lack of family or friend caregivers, refusal to go to a nursing facility, or a combination of these.

I’ve seen pediatric patients who can’t go home due to living conditions, so they stay in the hospital until the case works its way through the family court system. One of my patients in residency had resided at the local hospital for 18 months. If you’re looking to see what’s in the medical literature on the topic, “nonmedical discharge barriers” as a keyword search will provide some interesting case studies.

Several people forwarded me an article about Pope Leo’s comments that access to healthcare is a “moral imperative” and that nations should provide universal healthcare. The speech was given at a conference that was organized by both religious and healthcare groups.

The Pope commented on the release of the second “World Health Organization European Health Equity Status Report,” His speech included comments on the need to address mental health issues, specifically for the young. I don’t think we will see universal healthcare in the US any time soon, but calls for it certainly aren’t going away.

This Friday is Match Day, when most US medical school seniors learn where they will spend the next several years completing residency training. Unfortunately, the number of graduating seniors and recently-graduated physicians exceeds the available training spots. Competition for the most lucrative specialties is always fierce.

Students found out Monday if they matched. Those who didn’t can enter a secondary pathway to try to obtain a position at a program that might have unfilled spots. Back in my day, it was called the Scramble. People literally got on the phone and called across the US to see what was open. Now the process is slightly more humane.

If you have people in your life who are part of the process, be kind to them this week. Many lives will be altered on Friday. The Match and its aftermath are ridiculously stressful.

If you are a physician, what’s your Match Day memory, good or bad? Leave a comment or email me.

Email Dr. Jayne.

Morning Headlines 3/19/26

Heartio Secures $4.25M to Transform Cardiac Care

Heartio, which offers an AI-powered tool for detecting coronary artery disease from standard ECGs, raises $4.25 million in funding.

Healthcare Technology Company Scales Up in Metro Atlanta

Diabetes and insulin management technology company Glytec announces plans to relocate its headquarters from Boston to Atlanta, and hire an additional 500 employees over the next several years.

Raapid Secures Series-A Extension to Scale Neuro-Symbolic AI-Powered Medical Coding

Raapid, a risk-adjustment and medical coding vendor, announces additional Series A funding from UPMC Enterprises.

This Week in Health Tech 3/18/26

Readers Write: A Global Perspective on Advancing Precision Medicine with Genomic EHR Integration

Readers Write: A Global Perspective on Advancing Precision Medicine with Genomic EHR Integration
By Jennifer Ford

Jennifer Ford, MBA is manager of clinical product management and genomics at Meditech.

The promise of precision medicine is simple, using genetic data to identify the best treatment for each patient as quickly as possible.

During my travels to South Africa and Namibia, healthcare leaders in both urban and remote areas shared enthusiasm for the role of EHRs in incorporating genomic data to guide treatment decisions. However, it also made wonder that if the passion for advanced technologies like genomics is so universally embraced, then what barriers are holding us back from widespread adoption?

The Challenges of Adopting a Precision Medicine Program

Despite its promise, adoption of genomics and precision medicine has been slow. Several challenges, both real and perceived, are hindering its adoption:

• Costly testing. While the costs of personal genetic testing have declined significantly in recent years, many patients still face difficulties accessing genetic testing due to high out-of-pocket costs and limited or no coverage.
• Limited availability of testing. Not every health system offers this type of testing, either due to a lack of local testing facilities, insufficient funding, or the absence of a service line.
• Lack of understanding testing value. Many healthcare providers are unfamiliar with the use of genomics in diagnosis and treatment, particularly those working in environments where genomic data is not a prevalent part of the EHR.
• Lack of EHR Integration. Providers often don’t have access to this data within their EHR workflows, and if they do, it is as a static document that is attached to the patient’s record and is too cumbersome to sift through.
• Result data is not actionable. The lack of standardized clinical alerts or decision-support systems that incorporate genomic data means providers may lack the tools or training to make genomically informed decisions.
• Testing is reserved for academia. Precision medicine remains more prevalent in academic and research centers than in community-based health systems, where most care occurs.

These challenges and misconceptions often stem from experiences that predate the integration of genetic data into the EHR, but the paradigm can change.

Overcoming the Challenges of Adopting a Precision Medicine Program

I’ve worked with healthcare leaders who are integrating genomics into the EHR. The result has been that when genetic data is ingested discretely into the EHR, clinical alerts become available for each patient based on their genetic information, enabling personalized patient care.

Genetics is not just for academic centers. I’ve seen the value that community hospitals gain when patients receive genetically-led services locally rather than traveling to larger academic medical centers. By equipping community clinics with a user-friendly, plug-and-play solution, they can focus on translational research that will lower costs, improve accessibility, and achieve better patient outcomes.

The Benefits of Adopting a Precision Medicine Program

The benefits of genomics in healthcare are becoming increasingly clear. The use of genomic data extends beyond cancer treatment, as health systems are using it to improve behavioral health treatment, newborn and pediatric care, and health and weight management. Having effective technology that can analyze genomic data to provide clinical support empowers clinicians to deliver more targeted patient treatment and support population health objectives. Adopting a genomics program can also support service line growth.

Global Precision Medicine Initiatives

Various initiatives worldwide are bringing genetic testing to the forefront of healthcare. Each area of the world faces distinct challenges related to geography, patient demographics, and scaling testing opportunities.

In South Africa and Namibia, healthcare leaders shared their desire to improve access to genetic testing in African nations. To reduce costs and maximize the benefits of genomic data, they are experimenting with leveraging social determinants of health to identify and prioritize patient cohorts to whom they will deploy testing. Where technological infrastructure may be limited, national labs are looking for ways to more equitably transport and perform testing from remote villages using drones, satellite internet services, and other technologies.

In England, the National Health Service (NHS) announced a £650m investment to provide every baby in England with DNA screening to identify potentially fatal diseases and to offer personalized healthcare as part of the government’s 10-year plan. The NHS recognizes that when patients receive personalized healthcare to prevent ill health before symptoms begin, it will reduce the pressure on NHS services and help people live longer, healthier lives. In the US, a similar approach has been announced in Florida’s Sunshine Genetics Act, which funds newborn genome sequencing pilots. These efforts are helping shift the paradigm toward proactive, personalized healthcare.

In Maryland, Frederick Health operates a dedicated precision medicine and genetics clinic that uses genomic data for precision medicine in behavioral health and beyond. In a Scottsdale Institute presentation, they shared how they addressed cost concerns by negotiating testing costs with laboratories and started a rapidly growing clinical trials program. They use genomic data to identify patients for clinical trials, increasing enrollment and improving care. They have found that moving clinical trials into the community hospital space increased revenue.

Ontario Shores Center for Mental Health Services in Canada announced that it would offer free pharmacogenetic testing of eligible patients to improve outcomes. The testing is initially focused on improving the treatment of patients who are admitted with schizophrenia or schizoaffective disorder, with plans for future expansion to use pharmacogenomics in behavioral health management.

Final Thoughts: Adopting Precision Medicine in Clinical Care is Essential

The more that genetic data is integrated into the EHR, the faster widespread deployment will occur. As clinicians find meaningful utility in genetic data, the importance of a strong precision medicine program shifts from a nice-to-have to a must- have. The key factor is how the EHR can leverage genetic data to improve patient outcomes.

As applications for genetic data evolve, an established genetic program becomes essential to improving physician satisfaction by empowering them with the advanced tools that they need to provide the best possible patient care.

Readers Write: When the Cloud Becomes the Attack Surface

When the Cloud Becomes the Attack Surface
By Brian McManamon

Brian McManamon, MBA is general manager of managed security and managed cloud services at Clearwater.

Healthcare organizations often talk about cloud as though it is a destination. In reality, for most hospitals, it has become an operating layer that keeps expanding.

That expansion did not usually happen through one formal strategy. It happened incrementally through SaaS adoption, remote access, vendor integrations, analytics tools, backup environments, and acquisitions. What many organizations now manage is not a clean cloud migration, but a hybrid environment made up of on-premises systems, cloud platforms, and third-party services that are tied together through identity and connectivity.

That matters because the cloud is no longer just part of the technology stack. In many environments, it has become part of the attack surface.

For many hospitals, “moving to the cloud” does not mean shutting down the data center and rebuilding everything as cloud-native. It usually means adding cloud services around existing operations. Clinical and business systems may still sit on-premises while identity, disaster recovery, remote access, analytics, and collaboration tools increasingly depend on cloud services. SaaS expands the footprint even further, often without being treated internally as part of the organization’s cloud environment.

That is where risk begins to grow quietly.

One of the most common misconceptions is that cloud is secure by default because the provider is secure. Major providers such as AWS, Azure, and Google Cloud invest heavily in securing their platforms. What they do not secure is each customer’s implementation.

Hospitals still own the responsibility for identity, configuration, access controls, logging, monitoring, and governance. If those areas are weak, cloud adoption can expand exposure faster than teams realize.

The opposite misconception is also common. Some organizations assume that keeping critical systems on-premises limits cloud risk. In practice, many of those same organizations have already adopted cloud identity, SaaS, remote vendor access, and external integrations. They have become hybrid whether they planned to or not. The difference is that they may not be managing that reality with a clear operating model.

Hybrid itself is not the failure. It is normal. In many cases, it is the natural result of smart teams making practical decisions over time.

A department adopts a new SaaS platform. IT centralizes identity. A cloud backup initiative begins. A new analytics platform is introduced. An acquisition brings another tenant, another domain, or another set of inherited tools. None of those decisions is inherently problematic. The problem is that governance and visibility often do not scale at the same pace.

That is when the cloud starts to become the attack surface.

The risk shows up first in identity. In hybrid healthcare environments, identities increasingly function as the control plane. Privileged roles accumulate. Service accounts remain active without clear ownership. Exceptions to MFA or conditional access persist longer than intended. Shared administrative access and standing privileges expand the potential blast radius of a single compromise.

An attacker no longer needs to move through the environment in the old ways if they can come through a valid account, exploit a policy exception, or take advantage of weakly governed permissions in a cloud-connected system.

The problem is compounded by visibility gaps. Many healthcare organizations do a strong job monitoring endpoints and network activity, yet cloud signals often remain fragmented. Logs may live across multiple consoles, subscriptions, tenants, and SaaS environments. Security teams may be watching the perimeter closely while missing critical changes in role assignments, application permissions, data shares, or service account behavior.

When those signals are not centralized and correlated, detection slows down. In some cases, it never happens at all.

Data sprawl adds another layer of risk. Healthcare environments generate copies of sensitive data for backups, archives, exports, analytics, and testing. Over time, protected health information can end up in more places than intended, sometimes with broader access and weaker protections than production systems. The issue is not only where the data started, but where it moved, who can reach it, and whether that movement is being governed consistently.

This is why cloud security in healthcare cannot be treated as a narrow infrastructure question. It is a governance question, an identity question, and ultimately a resilience question.

Cloud can improve resilience, but only when it is designed deliberately. Redundancy, scale, and operational flexibility can be real advantages. But those advantages weaken quickly if identity becomes a single point of failure, if disaster recovery exists only on paper, or if dependencies across cloud, SaaS, and legacy systems are not fully understood. In a hospital, resilience is not just uptime. It is the ability to support patient care when systems are under stress.

Good governance in that environment does not mean a large policy binder sitting on a shelf. It means a small number of clear, enforceable standards.

Hospitals need defined ownership for subscriptions, accounts, and services. They need baseline guardrails that prevent unsafe defaults. They need identity governance that prioritizes least privilege, manages non-human identities, and reviews exceptions regularly. They need enough centralized logging and alerting to see meaningful changes in the environment and act on them.

Most importantly, governance has to work in a 24/7 clinical setting. That means building models that support urgent care delivery without abandoning accountability. Exceptions may be necessary, but they should be time-bound, documented, owned, and reviewed.

The cloud is not the problem by itself. Unmanaged cloud is.

For healthcare leaders, one of the most useful next steps is a practical reality check. Inventory the tenants, subscriptions, service accounts, and privileged identities that are already in use. Confirm ownership. Review standing administrative access. Identify where visibility into cloud activity is missing. In most organizations, the attack surface has expanded gradually enough that no single decision created the problem. That is exactly why it deserves attention now.

In healthcare, the fundamentals still apply. Know your environment. Govern identity and access. Maintain visibility into critical systems and data flows.

The cloud becomes dangerous when organizations stop treating it as infrastructure and start assuming it will govern itself.

Healthcare AI News 3/18/26

News

Mount Sinai Health System will use Midstream Health’s financial AI platform to identify supply chain cost-saving opportunities.

A Trilliant Health analysis finds that hospitals that adopt AI-enabled medical scribing tools subsequently code more outpatient visits at higher complexity. The authors say that the change could reflect more complete documentation rather than upcoding, but the data cannot determine whether the shift represents improved accuracy or a change in billing behavior. They note, however, that all parties have access to data that could identify the reasons for the coding changes.

A Doximity report finds that 95% of physicians are interested in using AI, and one-third are already using it daily or more often in practice. The most common use is for literature search, while voice-based documentation increased significantly. Three-fourths of physicians say that AI reduces administrative workload and improves job satisfaction, while two-thirds believe that it has improved patient care and outcomes.

Business

VSee launches an autonomous telehealth AI robot for hospitals that uses LiDAR navigation to allow remote clinicians to send it to a patient’s bedside. The system can be autonomously dispatched for telestroke and rapid response and can perform patient check-in, supply delivery, and patient identification.

Heartio, which offers an AI-powered tool for detecting coronary artery disease from standard ECGs, raises $4.25 million in funding.

West Virginia University Health System deploys Brainomix’s AI imaging stroke diagnosis solution across all of its 25 sites.

Research

Mount Sinai researchers find that clinical AI systems perform more accurately and efficiently when tasks are distributed among multiple specialized AI agents that are coordinated by an orchestrator, rather than being handled by a single general-purpose agent.

Other

OpenAI’s mental health experts express unanimous concern about the company’s plan to allow erotic conversations in ChatGPT, warning that it could foster unhealthy emotional dependence in users and give minors access to sex chats. The company delayed its planned Q1 release of the capability but says that it will eventually make it available. OpenAI has reportedly struggled to implement guardrails that can filter conversations about nonconsensual behavior and sexual abuse. It will also restrict ChatGPT’s ability to generate erotic images, voice, or video.

Contacts

Mr. H, Lorre, Jenn, Dr. Jayne.
Get HIStalk updates.
Send news or rumors.
Follow on X, Bluesky, and LinkedIn.
Sponsorship information.
Contact us.

Morning Headlines 3/18/26

Turquoise Health Announces $40 Million Series C to Become the Operating System for Healthcare Contracts and Payments

Healthcare pricing and payment platform vendor Turquoise Health raises a $40 million Series C funding round.

Knowtion Health Acquires Revly

RCM company Knowtion Health acquires revenue cycle services and consulting firm Revly.

OpenAI preps for IPO by end of year, tells employees ChatGPT must be ‘productivity tool’

ChatGPT parent company OpenAI renews its focus on enterprise business as it prepares to go public by the end of this year.

News 3/18/26

Top News

Healthcare pricing and payment platform vendor Turquoise Health raises a $40 million Series C funding round.

Reader Comments

From ExecPhysicianCalifornia: “Re: wrongful death complaint filed against Epic. The case is Fischman v. Epic Systems Corporation, Case No. 3:26‑cv‑00770‑D, was filed on March 10, 2026.” Thanks for those details, which allowed me to download the filing. Summary:

• The lawsuit was filed by Gallit Fischman, whose father died after his transplant-related drug was switched at UT Southwestern.
• She previously filed a personal injury malpractice lawsuit against UT Southwestern, alleging that the organization prioritized clinical studies over patient needs. She withdrew that suit before filing this one against Epic.
• In her lawsuit against Epic, which she filed without attorney representation, she cites wrongful death, product liability, and related claims. Her complaint says, “Epic-generated medical record did not permit reconstruction of a coherent medication timeline, identification of active versus discontinued medications, or reliable differentiation between current and historical clinical information.”
• The lawsuit claims that medications can continue to display in Epic after being discontinued and that medication reconciliation does not require specific clinician action, allowing outdated entries to persist. She argues that hospitals cannot change Epic’s architecture.
• She repeatedly argues that the fault lies with Epic, not with the clinician or hospital, and that her claims do not require reviewing physician treatment decisions or standards of care as would be required in a malpractice case.
• Her claims appear to rely largely on her own review of the Epic-generated medical record, in which she says that she could not reconstruct the medication timeline.
• A possible motivation is that she may have concluded from the UT Southwestern lawsuit that malpractice claims are difficult to pursue, since they require expert testimony and proof of a clinical mistake. Texas is generally considered a clinician-friendly state for malpractice litigation.
• Her case against Epic instead hinges on Texas product liability law, which courts do not always apply consistently to software. The question is whether an EHR is considered a product or a service. The claim is easier to assert than malpractice and could also give her access to UT Southwestern records without meeting malpractice lawsuit requirements, which would be useful if her malpractice lawsuit is revived.
• The plaintiff’s chances of winning, or even surviving Epic’s likely motion to dismiss, appear low. Epic will likely argue that it has no duty to the patient, that an EHR is not a product under Texas law, that hospitals control configuration choices, that clinicians still exercise independent judgment, and that any claim of causation is speculative.
• Epic will likely move to dismiss, which may clarify whether courts view EHR software as a regulated product or simply a tool used by clinicians.

From Dr. Nick: “Re: ‘Scrubs.’ The relaunch covers the pit stop analogy, where we are forced into RVUs and timed interactions that demand speed over safety or compassion, amongst other things.” Trivia: the original was filmed in North Hollywood Medical Center, which was closed in 1998, torn down in 2011, and replaced with apartments. Patients kept showing up in the lobby because they saw prop ambulances parked outside.

Sponsored Events and Resources

None scheduled soon. Contact Lorre to have your resource listed.

Acquisitions, Funding, Business, and Stock

Sutter Health will acquire Allina Health, with the California-only system pledging to invest $2 billion in Allina and allowing it to continue using the Allina Health name. The combined organization will have $26 billion in revenue, 39 hospitals, 88,000 employees, and 400 care sites. I believe they both use Epic.

Sales

• West Cancer Center & Research Institute selects the Unified Digital Patient Experience Platform from Willowglade Technologies.
• Summit Health will deploy Navina’s AI-powered system for value-based care.

Announcements and Implementations

Google removes the “What People Suggest” feature from its search, which provided AI-generated summaries of crowdsourced medical advice.

Google says that it will invest $10 million to fund organizations that incorporate AI in clinician education. The company also will add an “Ask” button to health videos on YouTube so that users can request AI explanations, add a connection to continuous glucose monitors in Health Connect, and link to medical records in the Fitbit app.

Philips announces a cloud-enabled version of its IntelliSite Pathology Solution on HealthSuite.

Southeast Georgia Health System will implement digital billing software from RevSpring later this month.

West Virginia University Medicine expands its pilot of Abridge’s AI-based clinical documentation software to 1,200 clinicians.

In Colorado, Heart of the Rockies Regional Medical Center will implement Epic through a Community Connect arrangement with Aspen Valley Health.

Censinet announces GA of GRC AI, an automated governance, risk, and compliance platform; and additional enhancements to its healthcare cybersecurity risk-management solutions.

Azara Healthcare will integrate its population health and value-based care solutions with Meditech Expanse.

Privacy and Security

Vanderbilt University Medical Center (TN) attributes its brief EHR downtime early Monday morning to an Epic-related outage. Epic noted that it was “aware of one healthcare organization experiencing technical issues.”

Other

Perelman School of Medicine researchers determine that telemedicine visits at Penn Medicine are less expensive than in-person visits after analyzing EHR and billing data from 160,000 visits conducted over four months. They found that initial virtual visits were charged $96 versus $509 for the in-person visit. Telemedicine patients had one fewer follow-up visits within 30 days of their first appointment than did in-person patients.

Sponsor Updates

• AdvancedMD wins Software Finder’s Excellence Award for its data-driven medical office software performance.
• Black Book Research releases a new report titled “United Kingdom: State of Acute Care EHR and Digital Healthcare 2026.”
• Arcadia offers a “PY27 ACO Roster Building Checklist.”
• Bizmatics will exhibit at ASIPP 2026 March 19-21 in New Orleans.
• Divurgent congratulates customer Riverview Health (IN) on its recent Epic go-live.

Blog Posts

• Assessing and Transforming Utilization Review Documentation Culture (AGS Health)
• How Lung Nodule Tracking Software Supports Nurse Navigators (Qure.ai)
• HIMSS26 hot takes: AI, Data, and the Next Decade of Healthcare (Arcadia)
• Inside the CIO Playbook: Strategies Fueling Health IT Growth (CereCore)
• The hidden complexity of MLM management (Altera Digital Health)
• How UHS Partnered with Artera to Close Gaps in Diabetes Care (Artera)
• Reflections with CEO Tom Niehaus: Celebrating CTG’s 60th Year in Business (CTG)

Contacts

Mr. H, Lorre, Jenn, Dr. Jayne.
Get HIStalk updates.
Send news or rumors.
Follow on X, Bluesky, and LinkedIn.
Sponsorship information.
Contact us.

Morning Headlines 3/17/26

Nadia Care Raises $12 Million to Expand Community-Centered Maternal Care Model Across the US

Payer-focused, hybrid maternal healthcare company Nadia Care announces $12 million in funding.

Understood Care Raises $8.4M to Scale AI-Native Infrastructure Layer for Patient Advocacy

Understood Care, which offers Medicare patients virtual patient advocacy and care navigation services, announces $8.4 million in funding.

Access to patient records restored after brief outage at Vanderbilt University Medical Center

Vanderbilt University Medical Center (TN) attributes its brief EHR downtime early Monday morning to an Epic-related outage.

Curbside Consult with Dr. Jayne 3/16/26

Mr. H recently mentioned the ECRI “Top 10 Patient Safety Concerns” list. It highlights this year’s 10 “most critical patient safety challenges anticipated to impact the healthcare industry.”

I appreciated one of the particular call to action paragraphs in the report:

For decades, safety advocates have made the case for patient safety on moral grounds. That foundation remains unshakable, but there’s an equally compelling financial argument that’s impossible to ignore. Unsafe care isn’t just dangerous; it’s expensive.

The report goes on to highlight the $17 billion annual cost of preventable adverse events in US hospitals. More than 12% of health-related spending in high-income countries involves managing the downstream effects of safety issues.

I’ve tried to make that point to organizational leaders countless times over the last two decades. Sometimes it’s difficult to convince them that the math works. Despite growing financial penalties for quality mishaps, organizations still put themselves at risk because they can’t find the budget to do more than pay lip service to risk mitigation.

Not all remedies are expensive. Some are as straightforward as revisiting roles and responsibilities documents to make sure that processes are clearly assigned and managed. It could also involve taking advantage of new technology features that the organization is paying for but hasn’t yet implemented, resulting in waste. It’s foolish as well as dangerous to fail to embrace revenue-neutral process changes.

The report notes that patient safety concerns are systemic, and that addressing them requires work in four categories: culture, leadership and governance; patient and family caregiver engagement; workforce safety and wellbeing; and learning systems.

Topics nominated for the list were reviewed by experts in medicine, nursing, pharmacy, human factors engineering, quality, risk management, patient safety, and technology. They were ranked by severity, frequency, breadth of patient impact, insidiousness, and visibility. The report notes that organizations can’t address every concern, but should use available tools to identify their risk scores and perform a gap analysis against the recommendations.

Concerns with AI-powered diagnostic tools made the top of the list. One that caught my eye was that some models are more accurate when prompts are created using textbook-style descriptions instead of being formulated based on conversations with standardized patients.

The authors noted challenges with AI detection of certain types of cancers or rare diseases, even in areas where AI has a long track record of helpfulness, such as supporting diagnostic radiology.

Those of us working on AI projects deal every day with bias, lack of transparency, challenges with users being able to identify hallucinations, and erosion of clinicians’ critical thinking skills.

Solid action recommendations include AI usage policies, governance, appropriate training, documentation of when and where AI is being used, disclosure of such to patients, usage of human factors assessments and engineering tools, processes to document concerns, and ensuring that critical thinking skills are emphasized in staff training.

These are processes that organizations typically have in their toolkit for other technologies or interventions. Leaders shouldn’t have to reinvent the wheel to begin to take action just because it’s a new technology.

Number two on the list is increasing health risks and disparities caused by reduced access to rural healthcare. Rural hospitals have been at risk of closure for years, and more and more patients are finding themselves living in healthcare deserts. Private equity firms swooped in to buy hospitals and then saddled them with debt, sometimes destroying the community’s healthcare ecosystem.

Rural hospitals can’t achieve the economies of scale that larger organizations might, which increases the cost of care. Rural areas also may have higher percentages of Medicare and Medicaid patients, which tips the equation even more to the negative.

The report calls for expanding telehealth and telepharmacy services, creating mobile health clinics for primary care and preventive services, and partnering with community organizations to educate patients. It also recommends looking at transportation programs to improve patient access and partnering with educational and government organizations to improve recruitment and retention of rural health workers. There are certainly costs for programs like those, which will make this issue challenging to solve. 

I wasn’t surprised by the third item on the list, the increasing rates of diseases that are preventable, especially those for which effective vaccines exist. I never thought that I would see myself practicing in the middle of a measles epidemic, especially since until last year I was one of few clinicians in my area who had actually seen the disease.  I wish that club was still exclusive, but now many of my colleagues have seen the disease in the community. The report also calls out pertussis (whooping cough) as well as dysentery as re-emerging diseases in the US. 

Item number four is the impact on healthcare operations and patient safety of federal funding cuts to Medicaid, Medicare, and grants to educational and care delivery organizations. 

Item five is the lack of recognition and reporting of harm events. That surprises me given the push for reporting in organizations that I’ve worked in. It saddens me to think of institutions that don’t have a strong safety culture, but based on some of the lawsuits that I see filed, they are out there.

Sixth on the list is inequitable pain management that is received by women due to implicit bias and inconsistent guidelines. The report notes the frequency with which women’s pain is thought to be psychological or hormonal rather than being driven physical causes. Evidence also exists that women of color are more likely to have their reports of pain underestimated or dismissed compared to white patients. I’ve certainly seen this in practice more than I would like, so I’m glad it made the list.

Number seven should be no surprise to anyone: workforce shortages with resulting staff burden and decreased access to care.

Eighth on the list is the negative impact of a “culture of blame” on learning and system improvement, which is also not shocking.

The contribution of emergency department boarding to worse patient outcomes made the list at number nine. I’ve worked in a busy emergency department and had to manage patients well outside my scope of practice. Let me tell you that can be terrifying, especially if you are in a community or rural facility with no backup. I did that kind of work in the days before telemedicine, which supposedly that helps to some degree, but it’s still ultimately on the shoulders of the physician in the room. I hope that the boarding problem continues to receive attention.

Rounding out the list at number 10: medication safety issues due to gaps in manufacturer packaging and labeling design. I’m familiar with medication-related confusion with patients, but those of us outside the inpatient realm might not think about clinician confusion involving injectable medications and infusions. The report notes that confusion is most common when manufacturer package branding makes medications look similar when they are in fact quite different.

The report notes that barcode scanning could be helpful, and I agree, although I had my own medication safety issue during a hospital stay when the nurse scanned the package after she had already administered it. Needless to say, a sternly worded letter was crafted, and I hope the situation was addressed.

I encourage readers, even those who aren’t in a patient safety-related role, to download the report and take a look. Most of us are patients to some degree, and all of us will be patients at some time in the future. It’s important to understand these risks so you can have a plan if you or a loved one has to seek care, particularly in a hospital or emergency department.

What patient safety risks didn’t make the list? Would you have ranked them differently? Leave a comment or email me.

Email Dr. Jayne.

Morning Headlines 3/16/26

Defendant GuardDog Telehealth Admits to Providing Patient Records to Law Firms

GuardDog Telehealth agrees to a judgment and injunction in Epic’s lawsuit against it, noting that its plans to build a chronic care management and remote patient monitoring business fizzled, so it pivoted to selling patient medical records to law firms.

CareCloud, Inc. (CCLD) Q4 Earnings Match Estimates

CareCloud reports Q4 results: revenue up 22%, adjusted EPS $0.11 versus $0.23, beating expectations for revenue and matching those for earnings.

UPMC Notified of National Medical Exchange Concern

Epic notifies UPMC that Health Gorilla and participants in its health network allegedly accessed medical records for non-treatment purposes, leading UPMC to notify affected patients.

Monday Morning Update 3/16/26

Top News

GuardDog Telehealth agrees to a judgment and injunction in Epic’s lawsuit against it. GuardDog says that its plans to build a chronic care management and remote patient monitoring business fizzled, so it pivoted to selling patient medical records to law firms.

GuardDog acknowledges that it told Carequality that it was requesting records through Health Gorilla for treatment purposes and says that Health Gorilla was aware of its business model.

If approved by the court, the agreement would bar GuardDog from accessing records through TEFCA and Carequality. The company’s website, social media accounts, and LinkedIn profile have been removed.

The judgment does not directly affect Epic’s lawsuit against Health Gorilla, but it strengthens Epic’s claim that some Health Gorilla customers requested patient records for law firms while representing the requests as treatment-related.

Reader Comments

From Secure Itty: “Re: Stryker. They should either have moved from their private Microsoft cloud to Azure or committed hundreds of millions of shareowner profits to match what Microsoft spends to thwart this kind of attack. IMO, it was inevitable and irresponsible.” The attack is interesting because the hackers apparently didn’t bother to install malware, they hacked into Stryker’s Microsoft Intune mobile device management software and security policy enforcement tool, then used system administrator privileges to reset 200,000 devices, including any personal or BYOD devices that were connected. According to analysis by Shieldworkz:

This is the detail that should be keeping every CISO awake right now: the attackers no longer need any custom tool or deploy a wiper. They just need to reach the administrative layer of a platform the potential victim is already paying for and trusting implicitly. Once they had that access, traditional endpoint detection was blind to it. A remote wipe command issued through Intune looks identical to a legitimate IT administration move. No malware signature, no anomalous process and no alert … Enterprises deploy MDM to secure their devices, then fail to secure the MDM itself. The tool designed to protect turns into the very a mechanism of destruction. In security, we call this a single point of catastrophic failure — and enterprises have been building them into their Microsoft environments for years without recognizing it.

HIStalk Announcements and Requests

Patients on both sides of the pond say that they are uneasy about giving Palantir and similar analytics companies access to their medical data. The debate is particularly heated in England, where the NHS hired Palantir to build a national health data sharing network. Poll respondent comments are worth a read.

New poll to your right or here: How will Amazon’s healthcare ambitions play out?

Pondering: if medical practices really care about patient health and access, why are their offices closed 75% of the time? Pharmacies, veterinarian clinics, therapy clinics, and dentists don’t just operate 8 until 5 on weekdays only. Is it adequate that patients can seek after-hours help from urgent care centers, hospital EDs, and telehealth providers?

Your Monday morning cheer-up comes from Ms. M in Missouri, who wanted to tell HIStalk readers about the impact of the STEM kits that her elementary school students are using, which were provided by reader donations and matching funds (thanks, Anonymous Vendor Executive) that funded her Donors Choose teacher grant request. She reports:

The new resources have transformed our classroom from a space of simple instruction into a space of hands-on exploration and discovery. We are currently using the materials during our STEM block for a unit on measurement and plant growth. Instead of just reading about how plants grow, students are actively measuring their plants using nonstandard and standard units, recording data, and creating graphs to track growth over time. One special moment that truly stood out was when a student noticed that her plant had grown two whole centimeters in just a few days. She excitedly called her classmates over and said, “It’s really working!” That spark of ownership and pride is exactly what authentic learning looks like.

Several students said it felt like we had turned our classroom into a “science lab.” The excitement was genuine and contagious. Even students who are typically hesitant to participate were eager to measure, observe, and share their findings. Because of your support, students are not just completing assignments, they are thinking like scientists and mathematicians. They are collaborating, problem-solving, and explaining their reasoning with confidence. Thank you for giving my students opportunities they will remember. Your generosity is not just providing materials, it is building confidence, curiosity, and a love of learning that will last far beyond our classroom walls.

Sponsored Events and Resources

None scheduled soon. Contact Lorre to have your resource listed.

Acquisitions, Funding, Business, and Stock

Stryker says in an SEC filing that an Iran-linked cyberattack that the company disclosed last week continues to disrupt its systems, affecting order processing, manufacturing, and shipping. The company says that patient-related services and connected products such as Vocera and Care.ai were not affected.

CareCloud reports Q4 results: revenue up 22%, adjusted EPS $0.11 versus $0.23, beating expectations for revenue and matching those for earnings.

Sales

• In England, Somerset and Dorset NHS trusts choose Epic for a unified patient records system in a $294 million, 10-year contract.

Announcements and Implementations

A small study of ambulatory practice patients finds that conversational AI (Google AMIE) can successfully conduct pre-visit medical histories and generate accurate diagnoses and treatment plans, but is best used as a clinical assistant rather than as a standalone diagnostic tool.

Privacy and Security

Epic notifies UPMC that Health Gorilla and participants in its health network allegedly accessed medical records for non-treatment purposes, leading UPMC to notify affected patients.

Other

I didn’t spot an EHR screen in SNL’s MAHAspital sketch, but maybe you can.

Sponsor Updates

• Netsmart hosts educators from a local school district in Kansas to discuss the AI and technology skills that students will need to work in healthcare technology.
• Health Data Movers releases a new episode of its “Quick HITs” podcast titled “Bryan Dechairo on Genomics, Rare Disease Diagnosis, and the Future of Precision Care.”
• VisiQuate pairs its intelligence suite, including its AI-driven authorization prediction model, data engine, analytic insights, robotic process automation and revenue cycle workflows; with Ethermed’s automated prior authorization engine.
• Nominations are now open for PerfectServe’s sixth annual Nurses of Note Awards Program.
• ReferWell will exhibit at the California Primary Care Association’s Quality & Technology Conference March 17-18 in Orange County.
• The Utah Business Daily names Waystar CEO Matt Hawkins as its CEO of the year.
• Visage Imaging renews contracts with MedStar Health and Zwanger Pesiri (NY).
• Zen Healthcare IT achieves its third full HITRUST r2 certification.
• AGS Health, FinThrive, Infinx, Nym, TruBridge, VisiQuate, and Waystar will exhibit at the HFMA Revenue Cycle Conference March 18–20 in Arlington, TX.

Blog Posts

• 9 Leading chronic care management software picks of 2026 (Arcadia)
• Why trust is the foundation of national health data exchange — and why we need to protect it (Meditech)
• How Service Desk Analytics Improve Health IT ROI (Med Tech Solutions)
• Why Utilization Management Is Critical to Value-Based Care and Revenue Performance in Human Services (Netsmart)
• The Invisible Majority: Using AI to Detect Lung Cancer Early in Non-Smokers (Qure.ai)
• Rapid Deployment: How SlicedHealth Onboards Hospitals with Minimal IT Investment (SlicedHealth)
• Break the Bottleneck on Medication Prior Authorization (Surescripts)
• Prostatectomy Coding: Understanding ICD-10-PCS Changes and CPT® Differences for 2026 (TruBridge)
• Elevating patient education and collaboration in the AI era (Wolters Kluwer Health)

Contacts

Mr. H, Lorre, Jenn, Dr. Jayne.
Get HIStalk updates.
Send news or rumors.
Follow on X, Bluesky, and LinkedIn.
Sponsorship information.
Contact us.

Morning Headlines 3/13/26

Iran-linked group says it hacked US company in retaliation for Minab school bombing

An Iran-linked hacker group claims in a statement that it disrupted the systems of medical device maker Stryker, saying that the attack was retaliation for the bombing of an Iranian school that killed 168 children and 14 teachers.

Top 10 Patient Safety Concerns 2026

ECRI publishes its list of “Top 10 Patient Safety Concerns for 2026,” with potential AI-generated diagnostic errors taking the top spot.

Grant Avenue preps Ovation Healthcare for sale

Axios reports that Grant Avenue Capital is looking to put Ovation Healthcare, which offers RCM, technology, contracting, and supply chain services, up for sale.

Malama Health Raises $9.2M to Scale Doula-Led Maternal Care for Women insured by Medicaid Nationwide

Tech-enabled maternal care company Malama Health announces $9.2 million in seed funding.

News 3/13/26

Top News

An Iran-linked hacker group claims in a statement that it disrupted the systems of medical device maker Stryker, saying that the attack was retaliation for the bombing of an Iranian school that killed 168 children and 14 teachers.

The group claims that it wiped 200,000 of the company’s servers and other devices. It also says that it exfiltrated 50 terabytes of Stryker data, including product details, hospital purchasing contracts, clinical trials data, and internal communications, and is threatening to post the information publicly.

Security experts warn that the attack could serve as a test case for further attacks against large US corporations.

Reader Comments

From ExecPhysicianCalifornia: “Re: Epic. A new wrongful death lawsuit alleges architectural defects in the company’s EHR design, including the inability to reconstruct medication timelines or distinguish between active versus discontinued medications. Do other see this as an isolated case or part of a larger pattern emerging around Epic’s market position and legal exposure?” I haven’t seen this lawsuit, which I would assume involves a provider given the wrongful death aspect. Details?

From Associate Meets Door: “Re: NextGen. Laid off about 100 people on Thursday, including some who have been with the company for 20+ years.” Unverified. The company is owned by two private equity firms, so I wouldn’t be shocked.

Sponsored Events and Resources

None scheduled soon. Contact Lorre to have your resource listed.

Acquisitions, Funding, Business, and Stock

Medical practice AI agent vendor Nitra raises $50 million in Series B funding.

Amigo AI, which builds patient-facing AI agents for clinical use cases, raises an $11 million Series A round.

Healthcare finance AI platform vendor Translucent AI raises $27 million in Series A funding.

Oracle CTO and chairman Larry Ellison said this in Tuesday’s earnings call:

In healthcare, Epic automates … primarily acute care hospitals. We automate acute care hospitals. We automate clinics. We automate laboratories. We automate the payers, the people who actually pay the bills. We automate the insurance companies. We automate the HCM system that trains their nurses, that schedules their radiologists to get the right radiologist when an MRI is given, that automates the hospital’s financials, that also automates the FDA and the regulators that approve the latest drugs, that deals with the pharmaceutical companies. That is the healthcare ecosystem. It is enormous. And thank God we have these coding tools now that allow us to build a comprehensive set of software, agent-based software, to automate an ecosystem like healthcare or financial services. That is what we are doing at Oracle Corporation. That is why we think we are a disruptor. That is why we think the SaaS apocalypse applies to others, but not to us.

Sales

• WVU Health System will implement Hellocare.ai’s virtual care technology.
• Ardent Health will deploy Hellocare.ai technology in 2,000 hospital rooms.

Announcements and Implementations

Amazon expands access to its Health AI assistant to US users of its website and app, allowing them to receive health guidance, schedule One Medical virtual visits, and manage prescriptions.

Epic says that 85% of its customers are using its AI tools.

Zen Healthcare IT announces that its Stargate API supports identity tokens from CLEAR and ID.me to verify patients for TEFCA Individual Access Services.

ECRI publishes its list of “Top 10 Patient Safety Concerns for 2026,” with potential AI-generated diagnostic errors taking the top spot. 

Stryker launches SmartHospital Platform, which includes connected infrastructure, clinical communication, a workflow engine, virtual care, and ambient sensor.

Microsoft introduces Copilot Health, a Copilot application that collects and summarizes user medical records. The product appears to be a revamp of Copilot for Health, which was announced in October 2025 as a non-personalized information chatbot. The new data capabilities are provided in partnership with records retrieval platform vendor HealthEx, which says that its free service retrieves information using direct connections, TEFCA, CareQuality, and CommonWell.

An AMA survey finds that 80% of physicians are using AI for work, double the share that was reported in 2023. Documentation and summarization are the most common uses, but use is growing fast for summaries of research and standards of care. More than 75% of respondents say that AI gives them an advantage in patient care, with the greatest benefits in diagnosis and work efficiency. Ninety percent worry about skill loss, especially among early-career physicians.

Government and Politics

A study finds that US healthcare affordability continues to deteriorate, even before this year’s expiration of ACA subsidies and Medicaid enrollment cuts. Americans report cutting back on driving and meals to pay for healthcare or medications, while also deferring treatments and stretching prescriptions.

Sponsor Updates

• Five9 launches Five9 Fusion, a new partner program that spans product integrations, independent software vendors, and embedded technology partners.
• Healthcare Growth Partners advises Medisolv in its acquisition of Lilac Software.
• Optimum Healthcare IT posts a new episode of its “Visionary Voices” podcast featuring Inova Health EVP/CIDO Matt Kull.
• Health Data Movers names Richard Walter account manager and Taylor Seagraves health IT recruiter.
• Impact Advisors Mexico celebrates hiring its 300th employee.
• TruBridge opens a Global Capability Center in Chennai, India.

Blog Posts

• Healthcare data warehouse benefits, features, and use cases (Arcadia)
• Time Saved: Achieving Efficiency and Revenue With Surgical Block Utilization (LiveData)
• New! Call Center Functionality: Transform Navigator Workflows (Findhelp)
• Understanding AI-as-a-Service (AIaaS) for Contact Centers: What It Means for Contact Centers (Five9)
• CISO Brief, March 2026: Geopolitical Tensions and Cyber Vigilance (Fortified Health Security)
• Let’s Break Down ASTP’s New Radiology RFI (HealthMark Group)
• What is a copay? Understanding copayments in health insurance (Inbox Health)
• Beyond data: Meditech reveals smarter path to connected care at ViVE 26 (Meditech)
• CHIME C-Suite Focus Group Recap: How to Maximize Your EHR Investment with Agile IT Support (Med Tech Solutions)

Contacts

Mr. H, Lorre, Jenn, Dr. Jayne.
Get HIStalk updates.
Send news or rumors.
Follow on X, Bluesky, and LinkedIn.
Sponsorship information.
Contact us.