Readers Write: Modernizing Healthcare’s Third-Party Risk Approach

Modernizing Healthcare’s Third-Party Risk Approach
By Ryan Redman, JD

Ryan Redman, JD is product manager of marketing at Onspring.

Oracle Health’s announcement of its second data cyber incident in March of this year shocked healthcare providers and customers. Even more alarming was the specific data was impacted that is housed in its legacy cloud infrastructure.

According to publicly available information, approximately 6 million records containing protected health information (PHI) were likely compromised despite Oracle’s attempts to downplay the severity of the potential compromise. The repercussions left hospitals struggling to identify exposed data as the incident reminded compliance officers of the challenge of considering all data outside of centralized oversight, including legacy infrastructures, when accounting for third-party risk.

Many of these healthcare compliance professionals must rely on third-party risk strategies with limited visibility into the many networks of contractors, partners, and hosted environments that they are tasked with managing. Beyond compromising legacy infrastructure data, Oracle’s cyber incidents exposed the damaging compliance gap in how healthcare organizations manage third-party relationships. Healthcare compliance teams must adopt real-time, integrated GRC tools that boost visibility, reduce manual work, and enable proactive risk response to close this gap and protect their data.

The Hidden Dangers of Legacy Infrastructure and Outdated Third-Party Risk Strategies

It’s easy for legacy systems to fall by the wayside within healthcare’s intricate network of active systems that span internal platforms, external platforms, and cloud-hosted data. Using third parties only heightens critical risks. In Oracle’s case, the servers had not yet fully migrated to the company’s new environment, leading attackers to exploit compromised credentials to access those systems. Teams overlooked what appeared to be outdated, dormant infrastructures. Bad actors accessed sensitive data, and traditional assessment methods were unable to detect this risk.

Healthcare organizations face serious compliance consequences when third parties fail to safeguard patient data, whether due to misconfigured access, missed vulnerabilities, or neglected systems. In 2024, the healthcare sector emerged as the most targeted industry for data breaches, proving that third-party risk assessments are not cutting it. Often only conducted periodically and involving emailed surveys, spreadsheets, and disconnected records, these assessments result in hours of manual work and provide a limited, static view of risk. Outdated methods fail to catch emerging vulnerabilities in legacy systems over time. Risks often materialize by the time the next scheduled compliance review comes, meaning sensitive data has already been exposed.

Five Essential Steps to Improve Compliance Oversight

Healthcare organizations must take action to strengthen their third-party risk posture, and the following actions can help turn policy into practice.

• Create a single source of truth for evidence and documentation. A secure, centralized repository ensures that materials that are relevant to organizational compliance are version-controlled and always accessible.
• Track and classify third-party integrations and engagements. Different use cases with the same third parties can carry varying levels of risk. A clear inventory with engagement-level context supports more accurate classification and visibility.
• Automate risk scoring and review cycles. Configurable scoring models based on regulatory frameworks allow compliance professionals to consistently assess third-party risk without manual intake processes.
• Move from periodic reviews to continuous oversight. Periodic reviews leave critical gaps in risk oversight. Real-time alerts through continuous monitoring flag when risk scores increase with new findings.
• Develop response plans for third-party risk. Organizations must regularly test even the most comprehensive risk programs through tabletop exercises or simulations.

Ultimately, maintaining trust is vital to compliance, and losing it comes at too high a cost.

Readers Write: Beyond Self-Scheduling: Analysis Shines Spotlight on The Future of Patient-Driven Access

Beyond Self-Scheduling: Analysis Shines Spotlight on The Future of Patient-Driven Access
By David Dyke

David Dyke is chief product officer at Relatient.

“Access to care” has become a central theme in healthcare leadership discussions. While the term “access” can mean many different things in healthcare, it begins with the patient.

A new nationwide analysis of self-scheduling tool usage underscores a shift occurring in the industry that provider organizations must acknowledge and act on to stay relevant: patient-driven access. Findings across more than 150 million patient bookings reveal a 30% year-over-year uptick in patients who booked appointments through digital self-scheduling options from 2023 to 2024.

Patient interest in self-scheduling is likewise driving adoption from healthcare organizations. The analysis further revealed a 53% increase in implementations of self-scheduling tools across a wide variety of healthcare organizations and specialties.

Self-scheduling has evolved into an essential access tool for today’s practices that are striving to meet rising patient expectations. The key is making the right investments upfront to ensure that organizations reap the full benefits of patient-driven access. Early adopters stand to not only delight patients, but also to realize significant operational value and bottom-line impact – such as 24/7 patient access and new patient acquisition — faster.

Understanding Increased Adoption of Self-Scheduling

Patients increasingly prefer digital self-scheduling options, with an overwhelming desire for improved digital self-service. As the first touchpoint in the patient journey, scheduling has a critical impact on overall patient experience.

Consumerism trends point to the need for greater convenience and empowerment. This means manual processes that require having to call multiple times or wait on the phone to schedule an appointment are quickly being replaced with digital solutions by today’s healthcare organizations.

Healthcare leaders value the patient experience advantages of self-scheduling. They also gain operational efficiencies and greater revenue opportunities. Data uncovered from the analysis revealed:

• A 50% decrease in no-show rates for self-scheduled appointments.
• A 21% reduction in cancellations when self-scheduling is used. The reduction was 30% for established patients.
• Two-thirds of appointments that are booked through online self-scheduling are for new patients.

These numbers significantly highlight ongoing industry opportunities to improve no-show rates and appointment cancellations.

Expanding the Impact of Self-Scheduling

Putting patients in the driver’s seat is a start, but the future of self-scheduling optimization relies on more intelligence and integration across the entire patient journey. Organizations can expand the impact of these tools by:

• Integrating full-service scheduling APIs to meet patients where they are. These open scheduling APIs provide flexibility for healthcare organizations to scale access points across diverse channels, automating key scheduling functions across a variety of new and existing patient touchpoints, including virtual agents, AI-assisted chatbots, third-party apps, financial clearance processes, and virtual care platforms. By supporting a self-service, multi-touch model, these tools empower patients to take control of their care journey. Many organizations struggle to deliver this model due to disconnected systems, but tightly linked, multi-channel functionality allows patients to bypass long phone queues and enjoy a more seamless experience, while providers gain better system interoperability and operational efficiency.
• Transforming staff and patient experiences by automating common appointment management tasks with AI-driven voice solutions. New Voice AI tools integrate seamlessly with existing scheduling systems, taking on repetitive, high-volume inquiries, such as appointment rescheduling and cancellations, so that staff can focus on more complex patient needs. By deflecting calls and reducing hold times, these tools not only ease operational strain, but also enhance the patient experience with immediate, conversational support that is available 24/7.
• Driving action and education with integrated scheduling across the patient journey. Digital patient communication should not only inform —  it should drive action. By embedding scheduling functionality into key communication touchpoints, such as appointment reminders, referral activation, and rescheduling workflows, organizations can support patients with timely next steps. This creates a more seamless and scalable access model.

Whether booking a single primary care visit or managing ongoing specialty care, patients benefit from convenience and autonomy, while providers see increased appointment adherence and streamlined operations. Consequently, providers should think beyond traditional scheduling within the call center by embracing self-scheduling and the scalable infrastructures that are needed to support success for the long-term.

As the future of patient access continues to unfold, with more and more power placed in hands of the patient, a single self-service touchpoint won’t be enough. Savvy patients will come to expect a seamless, interconnected experience at every step of the way.

Expanding patient self-service functionality now allows organizations not just to keep up, but to actively fulfill the future of patient access, leading the pack in both patient access performance and operational efficiency.

Readers Write: “The Illusion of Thinking”: Implications for Healthcare

“The Illusion of Thinking”: Implications for Healthcare
By Vikas Chowdhry

Vikas Chowdhry, MS, MBA is founder and CEO of TraumaCare.ai.

If you are even moderately interested in AI, I am sure you have by now at least seen various comments and responses in social media to Apple’s paper titled “The Illusion of Thinking.” But in case you have been under the AI rock, here’s a brief summary.

In this paper, the authors show that today’s large reasoning models (LRMs such as OpenAI o3-mini, DeepSeek-R1, Claude 3.7 Sonnet-Thinking) — systems that explicitly generate long chains-of-thought — really do think more, but not necessarily better. On carefully designed puzzle tasks, they beat ordinary LLMs only in a narrow middle band of difficulty and then collapse outright as problems grow harder.

As expected, the comments span the gamut, from “the sky is falling” to “not a big deal, they will figure out a way to overcome or fix this.” While I am not in the “sky is falling” camp, I do think that this paper raises some important questions with special implications for healthcare. Any healthcare organization (or vendor) that is using or developing a product that is based on LLMs/LRMs will need to think deeply about these issues and have a strategy to run their own similar evaluations and hopefully share them publicly.

Here are four key findings from the paper and my take on the implication of each finding for healthcare.

#1. Impact of complexity on reasoning performance

The authors identify three performance regimes as problem complexity rises:

• Low complexity: standard LLMs are more accurate and efficient than LRMs.
• Medium complexity: LRMs pull ahead.
• High complexity: both collapse to zero.

Performance of LRMs (solid lines) and LLMs (dotted lines) across low, medium and high complexity puzzles (figure from the Apple paper).

Healthcare implications:

• How will you define complexity thresholds in your workflow?
• Does your system dynamically choose between an LLM and an LRM based on a case’s difficulty?
• Can it detect when a case crosses a threshold and alert the clinician instead of forging ahead with low-quality output?

#2. Token-effort collapse

LRMs spend more tokens as tasks get more complex until a critical point, after which, they give up and begin to reduce their reasoning effort despite increasing problem difficulty. This behavior suggests a fundamental scaling limitation in the thinking capabilities of current reasoning models relative to problem complexity.

Healthcare implications:

Let’s say your product helps detect malignant tumors, or, transcribes ambient conversations using LLMs/LRMs.

• In operational mode, does it have mechanisms to detect that the case has crossed a complexity threshold and that it is giving up, and that at that point, humans need to stop using it for that case?
• What happens if the AI product was sold as a tool to make your apps take on more primary care responsibilities, and now that the product has given up, what’s your recommendation for the NP who was relying on your product?
• What if your product doesn’t even have the awareness that it has given up and the NP continues to rely on its output? Who owns the risk for a misdiagnosis?

#3. Over-thinking & self-correction limits

For simpler problems, reasoning models often find the correct solution early in thinking, but then continue exploring incorrect solutions (overthinking). As problems become moderately more complex, this trend reverses: correct answers appear only late. For hard tasks they never appear (“collapse” as discussed earlier).

Healthcare implications:

• Over-thinking wastes compute and drives up cost.
• Yet aggressively pruning the chain of thought might remove the only path to a correct answer on tougher cases.
• Your system therefore needs complexity-aware throttling, not a one-size-fits-all token limit.

#4. No benefit from explicit algorithms

Prompting with a known algorithm to solve the problem does not improve the performance. This indicates weaknesses in faithfully executing step-by-step logic, not just in discovering it.

Healthcare implications:

A healthcare organization may have explicit clinical guidelines for certain use cases and would want the AI product to follow them when those guidelines are met. However, the results of this paper show that an LLM/LRM based on AI product may not be able to execute an algorithm based on those guidelines even when explicitly programmed into the system.

• Embedding clinical guidelines verbatim is not enough.
• You must verify that the model can faithfully execute those step-by-step protocols under real-world complexity.

Final Thoughts

AI progress is breathtaking, yet deploying it in high-risk domains like healthcare demands transparent, domain-specific safety testing. This paper is a timely reminder that such work takes time, expertise, and openness. Sharing evaluation results will accelerate safe adoption for the entire industry.

Readers Write: The Future of Member Support: How Intelligent Search Can Transform VAB Delivery

The Future of Member Support: How Intelligent Search Can Transform VAB Delivery
By  Andi Gillentine

Andi Gillentine, MS is VP of national accounts at Findhelp.

Value-added benefits (VABs) are services that are offered by Medicaid managed care plans above and beyond required Medicaid state plan services. They are extremely popular –  Medicaid plans in at least 48 states offer VABs — and historically poorly promoted and utilized.

How do we ensure improved utilization of VABs, which have the power to impact quality measures, quality of care, and overall health? By maximizing intelligent searching via closed-loop referral systems to surface the right programs to the right person at the right time, for both care managers navigating on a member’s behalf and members who are self-navigating.

About VABs 

While VABs are typically non-medical, they are often related to member wellbeing. Examples of VABs are car seats and bike helmets for children, extended dental and vision services, over-the-counter medication funding, and carpet cleaning. More and more commonly, these services are used to address health-related social needs (HRSNs).

In Ohio, for example, VABs are allowed for dental, vision, transportation, health and wellness programs (includes housing supports and medical meals), incentives to strengthen health and wellbeing (includes rewards for seeking preventative care), prenatal and postpartum incentives, application services, telehealth, and 24-hour medical advice lines. Each of the seven Medicaid plans in Ohio offers at least 30 VABs, with one plan offering nearly 50.

This wealth of benefits can help Medicaid members achieve improved health outcomes and quality of care that is measurable in HEDIS and other health quality measures, if the members are aware of the benefit and know how to access it, and if administering it is easy on the health plan. Unfortunately, this is often not the case.

Improving VABs Access and Awareness

Today, in most states, a Medicaid member seeking support would have to spend hours researching their health plan website or reading their plan’s member handbook. As any health plan member can attest, this is a challenging, time-consuming task, frequently made more challenging by engaging solely through a smart phone. Accessing VABs usually requires a call to a customer service representative, with potentially long wait times, and then a waiting period to receive the goods or services.

This high administrative effort to find and access benefits results in high costs for health plans. Many Medicaid members miss important preventive care appointments due to transportation issues, use the ED for non-emergent needs because they can’t afford medications, or lose housing or utilities. VABs can provide the resources and support to prevent these occurrences, but it’s not enough for support to just be available. Members need relevant recommendations and easy access.

In an ideal world, a Medicaid member would be able to go to one place, validate their insurance coverage, search for services that address their needs, and receive intelligent results that provide resources tailored to their specific situation, with the ability to self-refer to access these goods and services. This intelligent search needs to include all available resources from their community, county, state, and health plan’s VABs. No more hunting through multiple sites or staying on the phone for long periods of time just to put food on the table, get a ride to an appointment, or find a car seat.

Intelligent Search is the Answer

There are no technological hurdles to solving this problem. We have already solved it. We simply need to integrate these workflows at the right time and in the right place for navigators and Medicaid members, using interoperable social care platforms with intelligent search capabilities. Where a patient can walk in the doors of a safety net hospital and, because of the integrated social care information in their medical chart, tailored recommendations, including VABs, are automatically presented to  care teams. The care team may refer or recommend some of these resources to the patient and encourage the patient to self-navigate for additional benefits and support. Or where a health plan care manager, engaging with a chronically-ill, dual-eligible member, can assess need and eligibility for VABs and other integrated social care support and, with consent, directly refer the member to services.

One personalized, intelligent search for all services, in easy-to-access workflows for navigators and members. The future is already here. Let’s make the most of it.

Readers Write: The End of “Good Enough”: A Personal Journey to Better Healthcare IT Application Support

The End of “Good Enough”: A Personal Journey to Better Healthcare IT Application Support
By Jody Buchman

Jody Buchman, MBA is SVP of continuous services at Healthcare IT Leaders.

I never imagined that my most powerful lesson in healthcare IT application support would come from a hospital bed.

During my third pregnancy, I was given only a 30% chance of carrying to term. It was a high-risk situation that kept me on bed rest, working remotely for Cerner Corporation from a hospital room while continuing to support clients. For the first time, I was experiencing the healthcare system not just as a professional, but as a patient. And in that moment, I saw the real impact of the Women’s Health Solution we were implementing. Not on a screen, but in the care I was receiving when every decision mattered.

My son Jake was born early, just four pounds. But thanks to an incredible team of clinicians and the systems that empowered them, he went home just three days later. Today, he’s a healthy high school baseball player and a daily reminder of why this work matters so deeply to me.

That experience shaped everything about the way I lead today. Lying in that hospital bed, experiencing the system not as a technologist but as a mother, I came to understand what excellence in healthcare IT truly means. Behind every system alert and resolved ticket is a human story, a moment where things either go right … or don’t.

It’s why I’ve dedicated my career to building support organizations that are more than just reactive help desks. The traditional managed services model — transactional, after-the-fact, and satisfied with “good enough” — simply isn’t good enough. Not when every delay, every overlooked alert, every closed-but-not-solved ticket can directly impact care. I’ve seen the fallout firsthand: burned-out IT teams, clinicians wrestling with tools instead of treating patients, and families caught in the middle.

Healthcare doesn’t stop after hours, and neither can we.

Why the Old Way of Application Support No Longer Works

When you’ve managed global application support at scale, with thousands of clients and millions of incidents a year, you start to notice patterns. For too long, we tolerated a model that measured success by closed tickets, not real solutions.

I’ve seen the consequences: the physician who can’t get help after hours, the nurse who hesitates to open a ticket because it rarely leads to resolution, the IT manager who knows what’s broken but lacks the resources to fix it.

In healthcare, where time, accuracy, and availability are non-negotiable, that model simply doesn’t hold up.

What a Continuous Services Model Looks Like

Healthcare runs around the clock and technology continues to evolve. It’s time our application support models did, too.

What’s needed now is a continuous services approach, one that’s proactive, connected, and designed to prevent problems before they impact care.

Here’s what that means in practice.

First, real-time system monitoring should be the norm. Just as clinicians monitor patient vitals, IT support teams should track system health in real time. Application performance lags, interface errors, error pop-up messages, and failed jobs should be spotted early and addressed before users ever notice.

Second, automation needs to take on more of the routine work. Routine fixes like restarting ops job, failed interface transactions, or real-time data cleansing don’t have to require manual effort or have time constraints. Smart automation can handle these tasks, freeing up IT resources for higher-value work and providing an always-on and available resource around the clock.

Third, the tools and teams supporting the system need to be connected. Too often, monitoring tools don’t talk to ticketing platforms. Analysts don’t have access to context or history. A continuous model links everything together so that support is both faster and more informed.

Fourth, expertise matters. In a continuous services model, clinical and technical support analysts are experts empowered to do more than respond to tickets. They understand clinical workflows, governance and IT business processes to work as an extension of the IT team solving problems at the root.

Finally, the model has to scale. As organizations grow, the support structure should adapt with them. Intelligent automation makes that possible by creating a flexible operations model that evolves as needs change without drastically impacting cost.

What We Gain When Support Gets Smarter

The benefits go well beyond reducing tickets. Internal IT teams finally get room to focus on long-term projects instead of reacting to daily disruptions. Clinicians spend more time on care and less time wrestling with technology. Most importantly, patients receive care backed by systems that are reliable and responsive.

A Final Thought

After a career in healthcare IT support, I’ve learned that service excellence isn’t about heroics, it’s about making a difference. It’s about providing world-class support designed to ensure the technology is no longer a barrier for clinicians to provide quality care.

Status quo isn’t an option when lives are on the line like Jake’s. The real heroes are the nurses and caregivers. Our job is to make sure the systems behind them are just as ready and dependable.

That’s the kind of continuous support healthcare needs now. One that runs quietly in the background, and when it works well, it saves lives. It is entirely within reach.

Readers Write: Access to Care Isn’t Just Technology, It’s Human Connection

Access to Care Isn’t Just Technology, It’s Human Connection
By Cheryl Dalton-Norman

Cheryl Dalton-Norman, RN, MBA is president and co-founder of Conduit Health Partners.

Every year, a new priority dominates conversations among hospital C-suites. The current buzz phrase is “access to care.” It’s certainly a priority that all stakeholders can rally around. While technology will be front and center as a critical enabler of better access, it must be paired with something just as critical: real human connection.

As healthcare leaders, we don’t just shape patient care, we experience it ourselves. I was reminded of this all too clearly during a recent family medical crisis.

It was a Saturday at 3 p.m. My father-in-law was in pain. His wound looked worse, and a rash had developed. None of these issues were new, but my mother-in-law was exhausted, my husband was worried, and our only option was an emergency room visit, one that would drain my father-in-law even further and send us down an all-too-familiar path. The cycle was grueling: hospital, rehab, ER, hospital, assisted living, ER, hospital, skilled nursing, assisted living, ER. Again and again.

Many healthcare organizations are making significant strides in using technology to improve access. That’s important. But at that moment, what I needed wasn’t just technology. I needed someone to talk to me. Someone who could listen, review my father-in-law’s medical record, understand where we were in the process, and help determine the best next step. That resource wasn’t available, so the cycle of fear, fatigue, and poor outcomes continued.

I’ve spent my entire career in healthcare, from bedside nursing to administrative leadership. Yet even with my experience, my own family struggled to navigate a system that too often leaves patients and caregivers feeling lost.

Access means different things to different people. For me, it’s knowing that when someone reaches out for help, whether at 3 p.m. on a Saturday or 2 a.m. on a Tuesday, they aren’t met with barriers, but with immediate connection.

This is why nurse triage is a vital first touch point for ensuring timely, appropriate patient access. The reality is that all healthcare settings are ripe for after-hours nurse triage services that can be used as a backend and backup clinical resource. These models work by ensuring 24/7 access to a registered nurse who listens, assesses the situation, and provides guidance using best-practice protocols. This way, patients avoid unnecessary ER visits while still ensuring they get the right care. More than that, that human touch point provides peace of mind, continuity, and true access to care.

While some healthcare work is easy to quantify, some is mission driven. It has value for communities, but might be difficult to define in dollars and cents. It’s one thing to do the math on a value proposition for healthcare revenue cycle. For example, “Here’s how much we collect on average. Here’s our rate of point-of-service collections year over year.” 

How do you measure the value of building trust and connection with patients? How do you capture improved access to care for underserved or rural populations from a telephone call after hours? These are new ways of looking at value, and the value proposition of nurse triage to the patient and clinician experience is just as important as the number of avoided ED visits. 

Additionally, the clinician mass exodus from healthcare continues at alarming rates. From nursing teams to ED staff and emergency medical services workers, health care professionals are overburdened and overextended. Alleviating even some of this burden would make a difference, especially when it comes to 24/7, 365-day coverage.

Health systems, FQHCs, medical groups, and payers need solutions, not buzzwords. We must commit to better patient outcomes while supporting caregivers and ensuring no one has to navigate the system alone.

Readers Write: Happy Customers Don’t Just Pay Their Bills!

Happy Customers Don’t Just Pay Their Bills!
By Dean Kaufman

Dean Kaufman, MS is founder and CEO of Healthcare Service Consultants of Millburn, NJ.

“The purpose of a business is to create a customer who creates customers.” Those are the words of Shiv Singh, chief executive officer at Savvy Matters, a business growth consulting firm, and author of “Savvy: Navigating Fake Companies, Fake Leaders and Fake News in the Post-Trust Era.”

The problem is that many company leaders are short-sighted when it comes to customer relationships and don’t make the most of satisfied customers in the long term. Singh’s sentiments, however, ring especially true in the healthcare IT and health tech markets, where ongoing customer success and relationship building are ultimately critical to long-term business success.

Indeed, this long-game approach is an absolute must-have for continued growth. This rings even more true for cloud-based SaaS companies since turning off the spigot is as easy as turning it on.

As such, healthcare IT company leaders must remember that happy customers can do more than simply pay their bills. They can evolve into strategic assets that fuel business growth in more ways than one might think.

The unfortunate reality, however, is that early stage healthcare IT companies are often pressured to focus on near-term customer acquisition and rapid top line revenue growth. This is often necessary to show investors they can solve a pressing problem and acquire paying customers. Company leaders, however, must look beyond these immediate concerns and realize that enduring success requires a people-first approach that nurtures trust and long-term customer relationships that extend beyond the initial sale and out-of-the-gates technology implementation.

Customer Success as a Product Commercialization Strategy

Concentrating on these relationships is crucial, because healthcare IT buyers at provider organizations typically are risk-averse and make fact-based buying decisions. For this reason, acquiring new customers hinges on the company’s ability to substantiate the accuracy of product claims. The best way to accomplish this is to provide quantified evidence via existing customers. This is why successfully nurturing long-term customer relationships is so incredibly important.

Happy customers are not “just” satisfied when a vendor solves their pressing problem. These customers will often vouch for the benefits their organization has realized by using the company’s products. Optimally, they will eventually see beyond their unique clinical or operational workflows and understand how a technology company’s solution can be applied broadly across the market.

If done well, a delighted customer will not only buy more from the company. They will become sales agents as well. By evangelizing the problems solved and benefits realized by healthcare IT products, happy customers attract others with similar needs. This creates new leads and leapfrogs these new prospects further along the sales process as interest and credibility are already established.

Happy Customers Drive Sales

Unfortunately, most early-stage companies are under pressure to complete an implementation as quickly as possible and move on to the next one so revenue recognition can begin. As a result, when an IT company walks away after implementation, the company is likely to miss a growth opportunity.

Truly successful companies are those that continue to satisfy customers’ needs while seeking new ones. Ensuring existing customers are taken care of by solving their problems as they arise, taking an interest in their ongoing needs, and identifying legitimate opportunities to sell more to them are three successful sales strategies. This ongoing relationship-nurturing process is especially important in healthcare, where continuous customer and technical support is required.

A happy customer is more likely to be willing to:

• Contribute to case studies, webinars, and other forms of thought leadership content.
• Provide favorable verbal and written testimonials.
• Support reference calls, site visits, trade shows and introductions to others.

Such evidence-based product marketing content is invaluable for building confidence and eliminating the fear, uncertainty, and doubt necessary to drive the business forward.

Relationship Building Starts at the Top

The role of company leadership, particularly the CEO, is pivotal in fostering a culture focused on long-term customer success. CEOs who focus too much on technology or near-term revenue generation risk overlooking the importance of long-term personal relationships. After all, people buy from people, even in this day and age. No matter how sexy the technology, trust that another human will do what they say and solve a problem they say they can solve is the foundation for business success, not just in health tech and IT.

When company leadership is people-focused, other teams follow suit and are more likely to build customer trust through meaningful interactions that foster a richer understanding of the client’s business challenges and pain points. This benefits sales and support, leading to better products and a deeper understanding of market needs.

Customer Success as a Strategic Philosophy

Satisfied and engaged customers are a competitive advantage and a prerequisite for long-term business growth. Unfortunately, not every CEO gets the memo. There are plenty of companies that seem to care little about their customers and erroneously believe that “if we build it, they will come.”

When company leaders stay informed about customer journeys and optimize processes that ensure ongoing success, customers are apt to become fantastic allies. Remember, the reverse is also true. Unhappy customers are not always able to stop paying and switch vendors, even if they want to. When this happens, they can expose the soft underbelly of a company or product in unexpected ways, such as around interfacing and workflow issues that may not be a core expertise. They can hurt a technology company’s reputation through direct conversation, social media, and the rumor mill. As such, these customers might be doing just the opposite of what company leaders want them to do: Creating customers for competitors.

Readers Write: The End of “Good Enough”: A Personal Journey to Better Healthcare IT Application Support

The End of “Good Enough:” A Personal Journey to Better Healthcare IT Application Support
By Jody Buchman

Jody Buchman, MBA is SVP of continuous services at Healthcare IT Leaders.

I never imagined that my most powerful lesson in healthcare IT application support would come from a hospital bed.

During my third pregnancy, I was given only a 30% chance of carrying to term. It was a high-risk situation that kept me on bed rest. I worked remotely for Cerner from a hospital room while continuing to support clients. For the first time, I experienced the healthcare system not just as a professional, but as a patient. And in that moment, I saw the real impact of the women’s health solution we were implementing – not on a screen, but in the care I was receiving when every decision mattered.

My son Jake was born early, just four pounds. But thanks to an incredible team of clinicians and the systems that empowered them, he went home just three days later. Today, he’s a healthy high school baseball player and a daily reminder of why this work matters so deeply to me.

That experience shaped everything about the way I lead today. Lying in that hospital bed and experiencing the system not as a technologist, but as a mother, I came to understand what excellence in healthcare IT truly means. Behind every system alert and resolved ticket is a human story, a moment where things either go right … or don’t.

It’s why I’ve dedicated my career to building support organizations that are more than just reactive help desks. The traditional Managed Services model – transactional, after-the-fact, and satisfied with “good enough”- simply isn’t good enough. Not when every delay, every overlooked alert, every closed-but-not-solved ticket can directly impact care. I’ve seen the fallout firsthand: burned-out IT teams, clinicians wrestling with tools instead of treating patients, and families caught in the middle.

Healthcare doesn’t stop after hours, and neither can we.

Why the Old Way of Application Support No Longer Works

When you’ve managed global application support at scale, with thousands of customers and millions of incidents a year, you start to notice patterns. For too long, we tolerated a model that measured success by closed tickets, not real solutions.

I’ve seen the consequences: the physician who can’t get help after hours, the nurse who hesitates to open a ticket because it rarely leads to resolution, the IT manager who knows what’s broken but lacks the resources to fix it.

In healthcare, where time, accuracy, and availability are non-negotiable, that model simply doesn’t hold up.

What a Continuous Services Model Looks Like

Healthcare runs around the clock and technology continues to evolve. It’s time our application support models did, too.

What’s needed now is a continuous services approach, one that’s proactive, connected, and designed to prevent problems before they impact care.

Here’s what that means in practice:

First, real-time system monitoring should be the norm. Just as clinicians monitor patient vitals, IT support teams should track system health in real time. Application performance lags, interface errors, error pop-up messages, and failed jobs should be spotted early and addressed before users ever notice.

Second, automation needs to take on more of the routine work. Routine fixes like restarting ops job, failed interface transactions, or real-time data cleansing don’t have to require manual effort or have time constraints. Smart automation can handle these tasks, freeing up IT resources for higher-value work and providing an always-on and available resource around the clock.

Third, the tools and teams supporting the system need to be connected. Too often, monitoring tools don’t talk to ticketing platforms. Analysts don’t have access to context or history. A continuous model links everything together so that support is both faster and more informed.

Fourth, expertise matters. In a continuous services model, clinical and technical support analysts are experts empowered to do more than respond to tickets. They understand clinical workflows, governance, and IT business processes to work as an extension of the IT team solving problems at the root.

Finally, the model has to scale. As organizations grow, the support structure should adapt with them. Intelligent automation makes that possible, creating a flexible operations model that evolves as needs change without drastically impacting cost.

What We Gain When Support Gets Smarter

The benefits go well beyond reducing tickets. Internal IT teams finally get room to focus on long-term projects instead of reacting to daily disruptions. Clinicians spend more time on care and less time wrestling with technology. And most importantly, patients receive care backed by systems that are reliable and responsive.

A Final Thought

After a career in healthcare IT support, I’ve learned that service excellence isn’t about heroics, it’s about making a difference. It’s about providing world-class support designed to ensure the technology is no longer a barrier for clinicians to provide quality care.

Status quo isn’t an option when lives like Jake’s are on the line. The real heroes are the nurses and caregivers. Our job is to make sure the systems behind them are just as ready and dependable.

That’s the kind of continuous support healthcare needs now. One that runs quietly in the background, and when it works well, it saves lives. And it’s entirely within reach.

Readers Write: Healthcare Cyber Resilience in 2025: Why “Good” Isn’t Good Enough

Healthcare Cyber Resilience in 2025: Why “Good” Isn’t Good Enough
By Chad Alessi

Chad Alessi, MS, MBA is managing director of cybersecurity at CTG.

Ninety-two percent of healthcare organizations have experienced at least one cyberattack in the past year. More than half saw disruptions to patient care, and nearly a third reported increased mortality rates as a result. These aren’t just statistics, they’re a wake-up call for the entire industry. The healthcare sector is under siege, and the stakes are nothing less than patient safety, operational continuity, and public trust.

Yet despite the relentless barrage of ransomware, phishing, and supply chain attacks, many healthcare leaders still describe their organizations’ cyber resilience as merely “good” or “average.” An April 2025 CHIME Executive Member Survey, representing 42 healthcare organizations across the US, reveals a sector that is investing more and learning fast. But they are still struggling to keep pace with increasingly sophisticated adversaries who continuously adapt and exploit new vulnerabilities.

While healthcare organizations are dedicating more resources to cybersecurity than ever before, increased spending does not always translate to greater protection. The data shows a sector that is reactive, not proactive, with stronger confidence in threat detection than vital capabilities in response and recovery.

Key findings from the CHIME survey include:

• Most organizations consider their cyber resilience as “good,” but few report achieving excellence. A significant minority still self-identify as average or below average, especially in recovery capabilities.
• Confidence is highest in IT teams’ 24×7 threat detection but drops sharply for non-IT staff and business leaders. This gap is critical when rapid, cross-functional response is needed.
• Investment priorities are clear — AI-driven threat detection, incident response playbooks, modern Security Operations Centers (SOCs), employee training, and supply chain risk management.

Technology alone is not enough to secure healthcare’s digital front lines. The survey highlights how internal barriers, most notably persistent budget constraints, continue to hinder progress, even as the cost of cyber incidents rises.

Executive support and understanding of cybersecurity are often lacking, making it difficult to establish the governance and strategic direction that are needed for resilience. Many organizations also face a shortage of skilled cybersecurity professionals, and legacy IT infrastructure further complicates efforts to modernize defenses.

The complexity of healthcare systems and associated data adds another layer of difficulty, as organizations try to keep up with a rapidly evolving threat landscape. Ultimately, these human and organizational factors can be just as critical as any technical vulnerability.

The future impact of these human vulnerabilities is impossible to assess as bad actors continue to evolve their attacks and new technologies create new opportunities for disruption. This uncertainty was top-of-mind for survey respondents who pointed to a new breed of threats that are rapidly gaining ground.

AI-powered cyberattacks — including deepfakes, generative phishing, and sophisticated social engineering — have emerged as top concerns, as attackers use artificial intelligence to automate and personalize their tactics. Supply chain vulnerabilities are also front and center, with organizations increasingly dependent on third-party vendors that may not have robust security measures in place.

Ransomware continues to be a major concern, especially as attackers shift to encryption-less tactics that threaten to expose sensitive data rather than simply lock it down. Meanwhile, advanced phishing attacks that are capable of bypassing even multi-factor authentication are making it harder than ever to protect critical systems and patient information.

The consequences of these attacks are not confined to the IT department. When hospital systems go down, the effects ripple through every aspect of care delivery. Delays in procedures and tests become common, and critical patient information can become inaccessible at the worst possible moment. The survey and supporting research show just how serious these impacts can be:

• 69% of affect organizations reported disruption to patient care.
• More than 50% saw delays in procedures and tests, while 25% linked attacks to increased patient mortality.
• Supply chain attacks were most likely to disrupt care, with 82% of those affected reporting direct patient impact.

These results underscore the dire need for healthcare organizations to conduct more training to prepare all staff, not just IT, in the event of a disruption. While many organizations deliver basic training or tabletop exercises, few extend these programs beyond IT staff. This is a missed opportunity, as rapid, coordinated response across all departments is essential for minimizing the impact of attacks on patient care.

The survey also found ample opportunity to improve communications during disruptions, which also has a direct impact on restoring patient care. Confidence in incident response communications, both for staff and patients, is mixed, with many organizations expressing uncertainty about whether their plans are up to date, comprehensive, tested, and validated under real-world conditions.

What should healthcare leaders prioritize when it comes to addressing the potential impact of cyber disruptions on patient care?

• Elevate cyber resilience to a board-level priority. Executive leaders must drive strategy, governance, and response readiness across the organization.
• Invest in both technology and talent. AI-driven defenses and modern SOCs are critical, but so are skilled personnel and a culture of cyber awareness.
• Expand training and incident response exercises to all staff, not just IT. Everyone has a role to play in defending patient safety.

Healthcare’s cyber battle will continue to escalate. While the sector is making progress, “good” is no longer good enough. To safeguard patients, protect data, and ensure operational continuity, organizations must adopt a proactive mindset and prioritize both technical innovation and human expertise to create truly resilient operations.

Readers Write: Virtual CISOs Bring New Hope to Orgs Without Dedicated Cybersecurity Officials

Virtual CISOs Bring New Hope to Orgs Without Dedicated Cybersecurity Officials
By Ryan Finlay

Ryan Finlay is principal chief information security officer, advisory services, at CereCore.

Healthcare CIOs are grappling with tight budgets, leading 71% of them to report their intent to seek alternative labor solutions for top priorities such as cybersecurity services. Virtual chief information security officers (VCISOs) offer a pragmatic solution for organizations that are seeking to enhance their cybersecurity resilience strategy.

VCISOs provide organizations with access to high-level cybersecurity expertise without the need to add a full-time executive to the payroll. This fractional leadership model is particularly beneficial for healthcare organizations that often struggle with limited resources and can also be leveraged in an advisory capacity to extend the resources of healthcare IT leaders. A VCISO brings specialized knowledge and strategic direction, helping to assess current security programs, define improvement strategies, and build resilience against cyber threats.

Organizations that lack a full-time dedicated security official could have growing cybersecurity concerns based on limited internal expertise and governance directed by a leadership team with competing priorities. Engaging a VCISO on a part-time basis introduces collaboration with various internal teams, such as a security council and IT security committee, to assess cybersecurity posture and develop a strategic plan for improvement.

A VCISO can help evaluate the effectiveness of existing security protocols, advising on compliance with HIPAA security rules, and implementing resilience-building measures. By leveraging VCISO expertise, organizations can enhance their cybersecurity posture, mitigate risks, and ensure ongoing readiness for future threats.

The value of VCISOs is further underscored by recent survey results of CHIME (College of Health Information Executives) CIOs. The survey highlights cybersecurity as the top IT priority for healthcare CIOs, with 30% of respondents identifying it as their primary focus. This consistent emphasis on cybersecurity reflects the growing recognition of the importance of robust security measures in protecting sensitive data and maintaining operational integrity.

Additionally, the survey revealed a trend towards adopting fractional and virtual strategies for IT leadership. With tight budgets and limited resources, many CIOs are turning to partnerships and outsourcing to address staffing challenges and enhance cybersecurity capabilities. This approach allows organizations to access specialized skills and expertise without the financial burden of full-time hires.

VCISOs can strengthen cybersecurity resilience and bring new confidence to cyber strategies with these best practices:

• Conduct regular security assessments. Regularly evaluate the effectiveness of current security measures, identify areas for improvement and options for addressing them.
  Develop comprehensive security programs. Create detailed action plans that address identified gaps and align with industry standards and regulatory requirements.
• Foster collaboration. Encourage collaboration between VCISOs and internal teams to ensure a cohesive approach to cybersecurity.
• Stay informed on threat trends. Keep abreast of the latest cybersecurity threats and trends to proactively address emerging risks.
• Implement continuous improvement. Regularly update and refine security protocols to adapt to the evolving threat landscape.
• Assist during recovery efforts. In the event of an incident, healthcare leaders can need extra hands to prioritize what needs to be done and make informed recovery decisions.

By providing strategic direction, expertise, and capacity, VCISOs can enable organizations to navigate the complexities of cybersecurity without the need for a full-time executive.

Readers Write: The New Reality of Ransomware: Why Your Epic Environment Needs an Isolated Recovery Plan

The New Reality of Ransomware: Why Your Epic Environment Needs an Isolated Recovery Plan
By Bill Smith

Bill Smith is director of Epic practice at Cordea Consulting.

In early 2024, one of the nation’s largest healthcare payment and revenue cycle platforms was hit by one of the most disruptive cyberattacks in US healthcare history. For weeks, the industry watched as claims processing, pharmacy operations, and revenue cycle management were paralyzed. Providers couldn’t get paid. Patients couldn’t fill prescriptions. Some health systems resorted to writing down billing info on sticky notes while scrambling to find workarounds.

This attack was a wake-up call, not just for rev cycle teams, but for every CIO, CISO, and CTO who is responsible for keeping clinical systems online. If ransomware can take down a national clearinghouse for weeks, what could it do to your Epic environment?

“We Have DR,” They Said. “It’ll Be Fine,” They Said.

In 2024, over 180 confirmed ransomware attacks targeted healthcare providers, compromising more than 25 million records. Backups are encrypted. Disaster recovery (DR) plans fall apart. IT teams scramble for answers. The clock ticks, and patient care suffers. Hospitals and health systems limp through outages for weeks, rebuilding from scratch. We’ve seen it happen too many times.

For healthcare IT leaders, the stakes are higher than ever. When an attack disrupts access to Epic on prem, clinicians lose access to patient records, and operations grind to a halt. The organization also loses patient trust and revenue  to the tune of $1.9 million for every day of downtime, on average.

The truth is, traditional DR wasn’t built for ransomware, and it can’t guarantee Epic will come back online quickly or at all. It was designed for hardware failures, natural disasters, and short-term interruptions, not for sophisticated cyberattacks that can quietly compromise your environment, your production systems and backups, over weeks or months before detonating.

We’re long past the point where traditional backup and DR strategies are sufficient. This isn’t about fear, it’s about preparation. The rules of disaster recovery have changed, and the most resilient healthcare organizations are already adapting by setting up isolated recovery environments (IREs) that can keep them running when everything else grinds to a halt.

Enter the Isolated Recovery Environment

Think of an IRE as an Epic safety vault, completely separated from the turmoil outside. It’s encrypted, dormant until you need it, and updated in near real time with mirrored Epic data. When activated, it gives your organization rapid access to Epic Hyperspace via a public URL to enable basic electronic documentation. With standalone deployments of Interconnect and managed services like Kuiper all segregated in the IRE, this version of Epic is protected from the attack.

An IRE isn’t just another backup system. It’s a fully functional, secure replica of your Epic environment that’s cut off from production and the broader network, purpose-built to remain untouched during a ransomware attack. When (not if) ransomware hits, you can keep delivering patient care, even when your production environment is down.

Why AWS: The Business Case Beyond IT

Many organizations are turning to AWS as the platform of choice for Epic IRE, and with good reason. This isn’t just an infrastructure upgrade, it’s a strategic investment in business continuity and patient safety. For Epic on-prem systems, here’s how an IRE on AWS changes the game:

• Rapid recovery. Switch over to a functional Epic environment in minutes, not days.
• Real-time access to Epic. Clinicians retain access to schedules, notes, and secure chat, even mid-incident.
• Immutable data protection. Advanced network isolation capabilities with air-gapped, encrypted backups shielded from tampering or deletion.
• Operational continuity. Maintain patient care workflows and reduce revenue loss.
• Limited read/write access. Secure logging of patient data even during an attack
• Lower risk profile. A stronger recovery plan can lead to lower cyber insurance premiums.

You also get a cloud-native architecture that scales without breaking your budget, along with AWS’ unmatched security and compliance (146+ HIPAA-eligible services and HITRUST CSF-certified environments). Pay-as-you-go pricing minimizes upfront costs, and deployment is fast (you can go from zero to IRE in as little as 10 weeks)

An IRE on AWS doesn’t just protect data. It safeguards continuity of care. It provides your team with confidence and a sense of stability during a period of chaos when peace of mind is hard to find.

If your recovery strategy still relies on assumptions that backups will be accessible and that downtime will be minimal, it’s time to rethink that strategy. IREs aren’t the future, they’re what forward-thinking healthcare organizations are implementing right now because they’re tired of rolling the dice.

If ransomware’s coming for you (and it is), meet it with a tested, isolated copy of Epic in a fortified cloud bunker. An Epic IRE on AWS offers a proven, practical way to build ransomware resilience into your core IT operations. Because in today’s threat landscape, continuity isn’t just about recovering systems, it’s about preserving trust, safety, and care delivery under pressure.

Readers Write: Early Innovation Matters: What I Learned Building a Glucose Sensor in High School

Early Innovation Matters: What I Learned Building a Glucose Sensor in High School
By Max Kopp

Max Kopp is a high school researcher who is focused on biomedical engineering and non-invasive sensing systems. He is also the founder and CEO of VitaSense.

Diabetes is one of the most widespread chronic diseases in the world. But continuous glucose monitoring remains inaccessible to many patients due to pain, cost, and complexity. While various needle-based solutions exist, they present a barrier to consistent use and adherence, particularly for people with type 2 diabetes who are less likely to be prescribed real-time monitors.

In high school, I began exploring whether a painless and affordable alternative could be possible using light and advanced nanomaterials. What started as a science fair project evolved into a deep investigation into photoplethysmography (PPG) and the semiconductor properties of Germanium Selenide (GeSe) as a potential medium for glucose sensing.

This work eventually became the foundation of a novel approach to non-invasive glucose monitoring that combines flexible, inkjet-printable electronics with wavelength-specific light analysis to estimate glucose concentration in the interstitial fluid beneath the skin. Because the design avoids the need for subdermal sensors or adhesives, it offers potential for broader, long-term adoption.

During the process, I encountered a range of challenges, both scientific and practical. Signal noise, calibration variability, and the need for robust motion filtering were early hurdles. Overcoming them required collaboration with academic mentors, iterative prototyping, and long nights debugging sensor arrays that were built on flexible polymers.

The research was eventually peer-reviewed and published in a scientific journal. It has also earned recognition from national youth science competitions that are focused on applied physics and health innovation. More importantly, it showed that with the right support, young researchers can meaningfully contribute to solving real healthcare problems.

This experience reinforced something critical: the innovation pipeline needs to start much earlier. Most efforts in health technology originate in universities or corporate R&D labs. But students, when given access to tools and mentorship, can identify overlooked patient needs and generate fresh ideas with remarkable speed.

Healthcare leaders should consider how to foster those early-stage ideas. Partnering with student-led projects or offering access to clinical mentors, sensor labs, or data modeling tools can help cultivate innovation from new angles. The barriers to entry are high in regulated health environments, but creating more low-risk educational bridges could lead to high-reward outcomes.

Innovation in chronic disease care will only accelerate if the ecosystem welcomes bold questions from unexpected places. Investing in curiosity, even from classrooms, might help us solve the next billion-dollar problem before it costs patients another dollar.

Readers Write: AI to the Rescue: Revolutionizing Efficiency in Healthcare Workflows

AI to the Rescue: Revolutionizing Efficiency in Healthcare Workflows
By Caleb Manscill

Caleb Manscill, MBA is president of Vyne Medical.

The healthcare industry is at a tipping point. With rising demands for high-quality care, increasing financial pressures, and widespread staffing shortages, healthcare providers face an uphill battle to maintain efficiency while meeting patient needs.

Operational bottlenecks and administrative burdens have long weighed down progress, but a game-changing shift is underway: the rise of AI and machine learning. These cutting-edge technologies are not just tools. They are a jumping point for innovation, set to change healthcare workflows, optimize decision-making, and deliver better care outcomes.

The Role of AI and Machine Learning

The adoption of automation technologies in clinical and administrative workflows is accelerating at a fast pace. By 2029, the global workflow automation market is projected to surge to $34 billion, up from $21 billion in 2024, reflecting the pivotal role these technologies play in healthcare transformation. At the heart of this revolution, AI and machine learning are taking on the most pressing inefficiencies, reshaping operations to unlock productivity, accuracy, and cost savings.

Impact on Administrative Workflows and Resource Optimization

AI-powered solutions address some of healthcare’s most persistent challenges by automating time-intensive administrative tasks, allowing staff to focus on higher-value activities. For example, data transcription, a necessary yet manual process, can now be completed in just 30 seconds with over 90% accuracy, compared to the five minutes it once required. These gains drastically reduce errors and boost productivity without sacrificing quality.

Though the front-end processes are critical to getting things right, they’re only half the story. Beyond administrative tasks, AI also optimizes documentation, scheduling, and claims processing to ensure that back-end operations run smoothly. By streamlining these processes, organizations can eliminate redundancies, reduce operational overhead, and achieve greater financial stability. AI further enables leaders to strategically allocate resources, improving patient flow and enhancing revenue cycle management. Together, these improvements drive measurable efficiency and cost-effectiveness.

Enhancing Decision-Making and Clinical Workflows

AI also enhances clinical workflows by enabling smarter, data-driven decision-making. Through advanced algorithms, AI analyzes patient data to identify patterns, predict outcomes, and recommend treatment options, supporting clinicians in providing more personalized care. Process automation helps streamline clinical workflows by reducing manual processes, allowing care teams to spend more time with patients and less on administrative tasks.

For example, AI can prioritize urgent tasks, reduce delays in patient care, and foster collaboration across departments. The impact of these efficiencies includes improved patient experiences, reduced clinician burnout, and better overall care delivery.

Take a surgery order workflow as an example. When a hospital system receives a surgery order, teams traditionally need to extract key details manually and link them to the patient’s electronic medical record (EMR). By using AI and machine learning, much of this process is now automated. AI extracts data from the order, indexes it to the appropriate patient record, and forwards it seamlessly to the EMR system.

However, the next step, leveraging Generative AI, takes this automation to a higher level. Gen AI can resolve more complex challenges, such as identifying and associating the correct patient record when multiple entries exist in the EMR. Traditionally, humans spend significant time verifying patient information, such as matching dates, MRNs, or account numbers, across hundreds of transactions daily. Gen AI can take over this decision-making process for straightforward cases, sending the data directly to the EMR.

By tackling inefficiencies, reducing administrative burdens, and empowering smarter decision-making, this technology is setting a new standard for operational excellence. As healthcare systems continue to navigate workforce pressures and resource limitations, the integration of AI is no longer a luxury — it is an urgent necessity. With its potential to streamline workflows, enhance outcomes, and drive sustainability, AI is the key to building a more resilient and efficient healthcare ecosystem.

Readers Write: CMS TEAM: What Hospitals Need to Know to Succeed

CMS TEAM: What Hospitals Need to Know to Succeed
By Mary Sirois

Mary Sirois. MBA is managing director of clinical transformation with Nordic

Healthcare reimbursement is undergoing a significant transformation, with the Centers for Medicare & Medicaid Services (CMS) spearheading a decisive shift towards value-based care, cost reductions, and confidence in care quality. At the forefront of this evolution is Transforming Episode Accountability Model (TEAM), a mandatory, episode-based, alternative payment program that is designed to improve the patient experience from surgery through recovery.

With the January 1, 2026 launch date quickly approaching, I strongly encourage healthcare leaders to prioritize understanding and proactively preparing for TEAM now. Without a strategic and well-executed plan that addresses topics such as EHR integration, clinical and operational workflows across the continuum of care, data infrastructure, change management, governance, and more, organizations risk compromised patient outcomes, competitive disadvantage, and financial instability.

Patient-centered care and financial sustainability: Unlocking TEAM’s potential

TEAM will advance the CMS Innovation Center’s prior work on episode-based alternative payment models, including the Bundled Payments for Care Improvement Advanced and Comprehensive Care for Joint Replacement Models. TEAM is designed to improve care coordination and outcomes for Medicare beneficiaries undergoing any of the following five episodes of care, which begin with the “event” (admission or surgery), extend throughout 30 days, and include both hospital and ambulatory care:

• Lower extremity joint replacement.
• Surgical hip femur fracture treatment.
• Spinal fusion.
• Coronary artery bypass graft.
• Major bowel procedure.

The assessment and payment structure under TEAM is based on a retrospective analysis of the total cost of care for each episode. CMS sets target prices based on historical data and benchmarks, and providers are accountable for managing costs within these targets. If the actual cost of an episode is below the target, providers may share in the savings.

Conversely, if costs exceed the target, providers may face financial penalties. This risk-sharing arrangement incentivizes providers to optimize care pathways, reduce unnecessary services, and improve patient outcomes. Key opportunities for healthcare organizations include:

• Leveraging Intersocietal Accreditation Commission data.
• Mitigating financial penalties.
• Aligning with ongoing population health/value-based care work.
• Improving care coordination across the continuum of care and partnerships.
• Reducing unnecessary readmissions.

Navigating CMS TEAM: Assessment, collaboration, monitoring, and strategic partnership

To effectively prepare for CMS TEAM and strive under the program, healthcare leaders should focus on three core areas:

1. Comprehensive assessment and playbook development. Begin with a thorough current state assessment, evaluating financial projections, risk stratification, care setting optimization, provider alignment, discharge planning, care coordination, outcomes management, quality measures, and model readiness. This assessment will inform the development of a strategic playbook, outlining specific strategies to improve performance and ensure compliance with TEAM requirements.

2. Strategic collaboration and technology integration. Foster collaborations with providers across the continuum of care (many of whom are not directly aligned to the healthcare system, such as post-acute, skilled nursing facilities, and home care) and payers. Evaluate and implement technology solutions that enhance data sharing and care coordination. Prioritize patient engagement and education, empowering them within the episode-based care model.

3. Continuous monitoring and adaptation. Establish a robust monitoring system, tracking performance against key indicators and implementing continuous quality improvement initiatives. Proactively adapt to evolving CMS guidelines and industry best practices. Create alerts for early identification of and response to care pathway deviations.

Given the complexities of TEAM and the critical need for urgency, hospitals and health system leaders can benefit from partnering with experienced, healthcare-focused consultants who can help identify potential challenges and areas for improvements. Through high-level performance reviews, strategic recommendations, and implementation considerations, partnership enables hospitals and health systems to take a strategic and clinically driven approach to TEAM compliance that harnesses the power of data and technology to enhance patient and clinician journeys and optimize performance.

CMS TEAM: Seizing this pivotal moment for healthcare excellence

As our industry stands on the cusp of the TEAM launch, I see this as a pivotal shift towards a more efficient, cost effective, data-driven, and patient-centered healthcare system. By embracing the principles of value-based care, taking proactive steps to prepare, and engaging in meaningful partnerships, healthcare leaders can ensure their organizations comply with TEAM requirements, deliver the highest quality care, and thrive in the evolving healthcare landscape.

Readers Write: Payment Cost and Confusion Continue to Frustrate Patients. Why Is Healthcare So Late to the Game?

Payment Cost and Confusion Continue to Frustrate Patients. Why Is Healthcare So Late to the Game?
By Tom Furr

Tom Furr is founder and CEO of PatientPay.

More than two years after a Kaiser Family Foundation survey found that 100 million American adults wrestle with medical debt, cost and affordability of care remain top concerns for consumers. Half of adults say that it’s difficult to afford care, a 2024 KFF poll found, and one in four have skipped or delayed care due to cost concerns.

Could 2025 be the year when the healthcare industry takes bigger, bolder steps toward easing these concerns by running a more automated and patient-friendly operation? In a year when medical costs are expected to rise about 8% and commercial healthcare spending could rise to its highest level in 13 years, according to a PwC analysis, one would argue that it should be.

According to a recent William Blair report, Consumer-Centric Healthcare: 2025 Update, US healthcare spending continues to outpace that of comparable countries with $12,555 in healthcare spending per person, “$4,000 greater than any other high-income nation, yet the nation falls behind most developed countries when it comes to health outcomes. And while this spending gap continues to widen, we’re not seeing better outcomes for the money spent.

“If federal health spending accounted for the same share of GDP that it did in 1973, the budget would be balanced,” the report states. “If it were the same as in 2000, the deficit would be 2.5% of GDP, less than both the 1946-2023 and 1962-2023 averages.” I would be shocked if this fact were not on DOGE’s radar, since Elon Musk was the first to ask why the government uses “cost-plus contracts” for military and space projects. I guess the space challenge between SpaceX and Boeing shows that having more capabilities with less expense ultimately wins the race.

Yet even as federal requirements for hospital price transparency continue to be put into play, the types of information patients want most — their out-of-pocket costs after insurance and their options for payment — remain challenging to determine at some organizations. It’s an area where digital tools that offer automation plus reduced cost for patient billing and collection to help reduce administrative expenses. One organization that currently devotes eight people to payment processing found that it could reduce manpower for this task to one person with an automated solution.

A New Era for the Patient Financial Experience

The proportion of self-pay patients has risen sharply since the end of Medicaid continuous enrollment, including for emergency visits among patients in all age groups. Meanwhile, as healthcare costs increase, employee pay raises have slowed. These are signs that healthcare organizations should reexamine their approach to automation, in particular for the patient financial billing and payment process.

A Deloitte survey of healthcare leaders suggests some organizations are poised to do so. Most leaders surveyed believe automation will help with cost and affordability for the healthcare industry this year, with 53% saying their organization will focus on improving the consumer experience, engagement, and trust while reducing the cost to achieve efficiencies and increase productivity.

To truly make an impact, patient financial services teams should look to automation to communicate financial responsibility, resources, and payment options in ways that meet patients where they are. This means sharing information in ways that can be easily understood regardless of a person’s education level or their native language. It also means making sure information is available in a variety of formats, including via mobile phone, given that 98% of American adults own a mobile phone. One company only allows patient payments to be set up after a call is made, even though most patients want to set up their payment online while reviewing their bill. Limiting patients’ options is a dissatisfier in an era of consumer-driven convenience.

Making the Right Connections to Ease Payment Concerns

In the quest to cure payment confusion and strengthen consumer trust, how can healthcare revenue cycle teams most effectively communicate financial information to patients? There are three things healthcare revenue cycle teams should consider.

1. Broadly communicate options for patient financial assistance.

This includes one-to-one conversations at the point of registration, via a widely publicized toll-free number, through posters and brochures in patient waiting rooms, on the provider’s website, and via secure text. It may also consist of discussions at the point of care, so long as the patient has been stabilized and consents. Discussions around financial assistance options should take place as early in the patient encounter as possible, according to guidance from the Healthcare Financial Management Association. It should also incorporate language the patient can readily understand, both verbally and in written form. Some organizations suggest that print and digital communications be written at a fifth-grade level and available in more than one language. When written communications are not available in the patient’s native language, seek a translator or translator service to ensure clarity.

2. Explore mechanisms for digital communication and payment.

Leading healthcare organizations leverage the device most consumers own, their mobile phone, to send payment notifications via secure text. It’s an option consumers gravitate toward: A 2024 J.P. Morgan survey reveals 75% of consumers want to pay their medical bills online. Yet 71% of healthcare providers most often collect payment from consumers via paper and manual processes, the survey found. “The trends reveal a deep disconnect between the healthcare industry and consumers,” according to the analysis.

Keys to successfully rolling out a text-to-pay model that collects more payments while reducing cost, such as the number of paper statements sent: Use patient payment behavior to determine which patients are most likely to respond to this approach. Give digital communications time to breathe, typically, one week, before following up. While some individuals will pay within minutes or hours of receiving a text notification, some may wait longer, although typically not more than a week.

3. Integrate EOBs with digital payment.

Providing access to the patient’s explanation of benefits (EOB) statement with their bill offers an opportunity to clear up questions around the out-of-pocket amount that is due from the start of the patient financial encounter. It gives patients a chance to review how much their insurance company has paid and how the amount due was calculated. By providing consumers a mechanism for verifying the amount that is due at the point of payment, this increases the likelihood of payment.

As healthcare leaders express a desire to strengthen the patient financial experience while also reducing their cost to accomplish better collection results, they should deploy a thoughtful approach to automation around financial communications and payment remittance before being pushed to do so by outside sources.

Readers Write: A Revenue Cycle Disruptor Perspective and the Future of Healthcare Finance

A Revenue Cycle Disruptor Perspective and the Future of Healthcare Finance
By Heather Dunn

Heather Dunn, MBA is chief revenue officer of Novant Health.

I recently moderated a panel discussion at the HFMA Western Symposium with an amazing group of healthcare leaders and “disruptors” in the revenue cycle industry. We talked about what it takes to innovate in a very regulated environment, how to break out of the mold in revenue cycle, and how to succeed while facing great internal constraints. The lessons that we shared from this conversation have shaped my thinking of what it means to be a disruptor in any setting.

The healthcare finance landscape is evolving rapidly, and innovation is at the heart of this transformation. From the introduction of AI-driven tools to the resurgence of RPA (robotic process automation) and the focus on predictive analytics that help reduce costs and make revenue cycles more efficient, we are witnessing a fundamental shift in how healthcare finance operates.

But innovation isn’t just about adopting new technologies; it’s about rethinking our challenges and reimagining what’s possible. We’ve seen industry disruptors challenge the status quo and bring forward new solutions that fundamentally change how we manage claims processing, denial prevention, and payment integrity.

Game-Changing Innovations

Healthcare finance has long been weighed down by inefficiencies, whether it’s cumbersome claims processes, endless back-and-forth with payers, or the sheer administrative burden of staying compliant. But recent innovations are flipping the script:

• AI-powered claims analysis. Custom machine-learning technology is helping hospitals and providers analyze medical claims and remittance data to pinpoint the root causes of denials and underpayments. Instead of playing defense, healthcare organizations can now predict and prevent revenue loss before it happens.
• Rethinking cybersecurity preparedness. With cybersecurity threats on the rise, new solutions are stepping in to ensure that financial operations remain uninterrupted even during an outage. Given how interconnected revenue cycle management is with IT infrastructure, having a fail-safe plan in place is no longer optional, it’s essential.
• National payer scorecard. Transparency has always been a challenge in healthcare finance. With the creation of a national payer scorecard, organizations can now access critical insights into payer performance, helping them make more informed financial decisions.
• Business partner relationships. These relationships can help health systems keep up with how the industry is changing. Health systems should challenge their business partners to bring them solutions that will make them more efficient and effective.

Lessons from the Trenches

As exciting as these innovations are, they don’t come without challenges. Healthcare is notoriously slow to adopt new technology, often for good reason. The complexity of regulations, interoperability hurdles, and the ever-present concern over cybersecurity risks mean that even the best ideas can face roadblocks.

• Regulatory hurdles. States are introducing laws to regulate AI in healthcare. For example, California recently passed landmark legislation prohibiting health insurance companies from using AI to deny coverage. While AI holds immense promise, organizations must tread carefully and ensure compliance with emerging state and federal policies.
• Cross-industry inspiration. Unlike industries such as retail or finance, healthcare has been slow to embrace automation. But we don’t have to reinvent the wheel. Looking at how other sectors have successfully leveraged AI and automation can provide valuable lessons in accelerating our adoption curve.
• Balancing AI’s promise with reality. AI isn’t a magic wand. It requires the right data, ongoing monitoring, and a human-in-the-loop approach to be truly effective. The real question isn’t can we use AI, but how should we use it in a way that’s ethical, effective, and sustainable?

Actionable Takeaways

What can healthcare finance professionals do today to future-proof their revenue cycle strategies?

• Start small, scale smart. If AI or automation seems overwhelming, begin with pilot projects that address your most pressing pain points, whether it’s reducing denials, improving payment integrity, or streamlining workflows.
• Stay informed on legislation. The AI regulatory landscape is shifting quickly. Keeping up with state and federal guidelines will be critical in ensuring compliance and mitigating risk.
• Invest in cybersecurity resilience. Cyber threats aren’t a matter of if, but when. Having a solid financial continuity plan in place is just as important as preventing breaches in the first place.
• Look beyond healthcare for inspiration. Retail, banking, and even logistics have mastered AI-driven efficiencies. What lessons can healthcare borrow to accelerate adoption without falling into common pitfalls?

The Future is Now

The revenue cycle is no longer just about processing claims and getting paid. It’s about leveraging technology to create a smarter, more resilient, and ultimately more efficient system. Health systems rarely challenge the status quo. There is just a lot happening in their world every day. They need help to think about how tech and the future can change their revenue cycles work. The disruptors in this space are showing us that innovation isn’t just about new tech; it’s about new ways of thinking.

The real question isn’t whether the revenue cycle will evolve. It’s whether we will lead that change or struggle to keep up.

In every organization I’ve served, I’ve taken the approach of being a disruptor who is willing to embrace change. As I make my own career transition back to a patient care delivery organization, I am energized by the opportunities to be a disruptor yet again, to innovate, and to make a difference in the lives of patients and employees.

Readers Write: Why Healthcare Providers Need AI That Thinks, Not Just Repeats

Why Healthcare Providers Need AI That Thinks, Not Just Repeats
By Jaideep Tandon

Jaideep Tandon, MS is CEO of Infinx.

For years, automation has been the go-to fix for revenue cycle inefficiencies. Healthcare providers rolled out robotic process automation (RPA) to handle tedious tasks like eligibility checks, claim submissions, and payment posting. It was a game-changer — until it wasn’t.

RPA works like a hyper-efficient intern. It’s great at following instructions, but completely lost when something unexpected happens. Need to reprocess a claim after a payer changes the rules? Sorry, that’s not in the bot’s programming.

With payer guidelines constantly shifting, denials on the rise, and administrative burdens growing, healthcare providers need more than automation. They need intelligence.

Why Traditional Automation Falls Short

RPA has its place, but it’s not built for the complexity of modern revenue cycle management (RCM). Its biggest weaknesses?

• Zero adaptability. If a payer updates claim submission requirements, RPA bots don’t adjust — they just fail.
• No contextual awareness. RPA doesn’t know why a claim was denied or what’s likely to happen next. It just moves data from one place to another.
• No learning curve. AI improves over time, but RPA remains frozen in time unless someone reprograms it.
• Can’t problem-solve. RPA won’t notice payer trends, optimize claim prioritization, or proactively prevent denials.

In short, RPA does what it’s told. AI figures out what needs to be done.

AI, the Next Step in Revenue Cycle Management

AI takes automation a step further. It doesn’t just complete tasks, it makes smarter decisions. Here’s how AI is reshaping revenue cycle management:

• Accurate patient demographics. Patient name, date of birth, and insurance details must be correct from the start to prevent denials. AI-powered document capture extracts and validates this data automatically, reducing errors and ensuring that claims are submitted with accurate information.
• Smarter prior authorizations. Prior auth delays are the worst. RPA can submit requests faster, but it can’t anticipate what payers need or adjust to shifting criteria. AI detects patterns, flags missing information in advance, and even suggests the best way to avoid follow-ups.
• AI-powered coding audits. Billing rules are a moving target. AI-driven audits ensure claims are coded correctly the first time, preventing costly denials and compliance issues.
• Intelligent A/R prioritization. Most revenue cycle teams treat all outstanding claims equally or assign rules arbitrarily, but not all claims have the same likelihood of getting paid. AI predicts which claims should be prioritized based on payer behavior, patient payment history, and contract terms, helping providers maximize revenue with less effort.
• Denial prevention: catch issues before they happen. Instead of reacting to denials, AI predicts them. By analyzing payer trends and historical data, AI can flag risky claims before submission, reducing rework and accelerating reimbursements.

What Healthcare IT Leaders Should Consider

AI is only as good as its implementation. Before rolling out AI-powered RCM, healthcare CIOs should focus on:

• Seamless integration. AI should complement, not replace, existing EHR and RCM systems.
• Meaningful success metrics. AI’s impact should be measured by claim accuracy, denial reductions, and A/R improvements, not just automation rates.
• AI + human collaboration. AI isn’t here to replace revenue cycle teams. It’s here to free them from repetitive tasks so they can focus on complex problem-solving.

Final Thought: The Future is AI (But Not the AI You’re Thinking Of)

Healthcare doesn’t need AI that just automates. It needs AI that thinks.

The future of revenue cycle management won’t be about simply working faster. It will be about working smarter. AI-powered decision-making will reshape how healthcare providers manage revenue, shifting from reactive firefighting to proactive optimization.

The question isn’t whether AI will transform RCM. The question is,: will you be ahead of the curve, or struggling to catch up?