< + > Epic Shares Details for First ERP Application in EpicOps

One of the biggest announcements at last year’s Epic UGM was Epic’s decision to develop a fully native ERP application as part of the Epic software suite.  Epic has now taken the next step and shared information on the Teamwork Staff Scheduling application that has been rolled out in the EpicOps ERP solution.

To learn more about Epic’s efforts in the ERP space, Healthcare IT Today chatted with Aparna Sridhar, VP of EpicOps at Epic.  Check out our interview below to learn more.

Why did Epic decide to start creating ERP software that’s on the same system as the Epic EHR?

Aparna: Customers asked us to! Back in 2023, when I was a developer for patient scheduling, I was helping automate provider clinic schedules. Customers always asked, “What about providers who have clinic time, and round in the hospital, and do surgery?” For academics, that also includes accounting for training and research time. With workforce shortages, creating these schedules was a huge administrative burden—filling tens of thousands of shifts every staffing cycle and manually balancing department rules and clinician preferences. Additionally, customers needed several systems to be able to schedule different types of staff—like providers, nurses, and support staff—but none of those systems could integrate with their Epic assignment workflows.

So we created Teamwork to help organizations automate their staff scheduling in one place, using clinical data that already exists in Epic. In addition to staff, Teamwork can also handle scheduling for space, like exam rooms. We released that in November 2024 just as supply shortages, huge spikes in supply costs, and Medicaid cuts took hold; health system operating margins were running very thin, and our customers needed our help to run a lean and efficient operation.

We bring a focus on healthcare and deep integration across the health system that’s unique in the ERP market. So to help our customers, we’re moving forward to create EpicOps—a complete ERP suite built for healthcare.

You’ve rolled Teamwork Staff Scheduling as the first application in the EpicOps ERP, what are some of the main features and functions in Teamwork?

Aparna: Schedulers can use Teamwork’s Staffing Board to build a schedule, or they can let the Auto Assign feature generate a draft automatically—one that accounts for scheduling rules, staff capacity, and shift targets. Depending on the size and complexity of a schedule, that can save hours or even days of work per cycle.

Staff members can use the Shift Marketplace to check their schedule and swap or fill open shifts on the same device they’re already using for their other workflows in Epic. Nurses can self-schedule by signing up for shifts directly, and Teamwork also integrates with patient assignments, cross-unit staffing, float pool management, and census and workload predictions, so organizations can move nurses to where they’re needed at any given time. All that shift data feeds into other Epic workflows in real time—syncing with physicians’ Cadence scheduling templates, populating the On-Call Finder, updating statuses in Secure Chat, and keeping Urgent Care wait time predictions accurate.

Another major component of Teamwork is the Room Tracker, which helps schedulers monitor exam room schedules and track how room plans compare to actual utilization, so they can allocate space and time more efficiently.

Describe some of the benefits of having the EpicOps ERP solution in the same system as the EHR and other related functionality in Epic.

Aparna: Three things stand out:

4. • Faster care coordination with lower administrative effort—updating the on-call schedule for clinicians in real time is better for patient care because it improves care coordination, and clinicians love the ease of use.
   • Fully integrated supply chain—forecasting future needs based on upcoming case history takes the guesswork out of ordering, so health systems don’t end up wasting supplies or delaying patient care due to inventory gaps.
   • Financial data and clinical data all in one place. Health systems can consider cost within the context of clinical outcomes for better operational decision making.

Here’s another big advantage of a fully integrated supply chain: With a fully unified Item Catalog across the entire healthcare organization, recalls flagged at one site instantly reach other sites, alerting surgical staff and protecting patients while making it easier to replace the recalled items with approved substitutes.

Healthcare organizations continue to face tight operating margins and workforce and supply shortages. Operating more efficiently is more important than ever. That’s what EpicOps is all about.

What have been some of the results of having Teamwork for those healthcare organizations that are already using it?

Aparna: We’ve heard from early adopters that Teamwork helps them handle administrative overhead more efficiently and give clinicians more time to focus on patients. Building provider schedules is significantly faster. On-call updates that might have taken nearly an hour now happen right away. One organization was considering constructing more space, and with Teamwork they realized that they could continue serving their patient population by finding and using empty exam rooms more easily.

What’s the rollout plan for Teamwork for other Epic organizations that may be interested in it? 

Aparna: Our first five organizations are live and 11 others are actively installing, and so far, those installs have all gone smoothly—they’ve consistently finished on time and under budget, so we’re confident in expanding at a steady pace.

Teamwork already has a global footprint, and we’re expanding that with groups in the United Kingdom. When we implement Teamwork, we do so in waves of health system staff roles. The first roles usually go live in 3-4 months, and all roles are live in about 6-12 months.

What are the next areas of ERP that Epic plans to tackle after Teamwork?  What’s the future ERP roadmap look like? 

Aparna: The next EpicOps module, Time and Attendance, helps manage how staff hours are recorded, verified, and paid. The first organizations to use it will begin installing this fall and plan to go live in 2027. We expect it’ll reduce manual work on both ends of the payroll process. It creates staff timecards populated with scheduled shift information and adapts to changing situations: if a nurse floats to a different department, the right cost center is assigned automatically. And when a nurse steps away for a break, we can route coverage to another nurse and track time accordingly. Managers will be able to review and approve time logs with confidence that the data is already accurate.

In early 2027, we plan to release Credentialing and Cost Accounting. Credentialing will reduce the time it takes to onboard new providers and maintain credentials on an ongoing basis. Cost Accounting will connect operational spending to clinical outcomes, giving leaders a clearer idea of what procedures cost and how those costs correspond to patient outcomes.

Later in 2027, EpicOps will expand support for supply chain management—including inventory, procurement, and vendor management—alongside additional financial functionality: general ledger, budgeting, and accounts payable. Our plan is for EpicOps to ultimately bring workforce, supply chain, and financial management into a single healthcare-focused platform.

Does Epic plan to build out all of the ERP functions so a healthcare organization can replace their ERP or are there areas that Epic doesn’t plan to do that an organization will still need the ERP?

Aparna: EpicOps is made up of six applications: Teamwork, Credentialing, Cost Accounting, Supply Chain, Financials and Workforce (HR & Payroll).

Teamwork, Credentialing, and Cost Accounting can be installed as add-ons that can work alongside both their Epic system and their existing ERP. For example, Teamwork can send time and attendance data to a health system payroll system.

Supply Chain, Financials, and Workforce are designed to give health systems end-to-end ERP support with a healthcare focus and native Epic integration—these are meant to replace, rather than supplement, a general-purpose ERP.

Some scenarios will be supported over time, but not in the initial release. Health systems that share an ERP infrastructure with a university, for example, will need additional functionality like support for academic program management. Similarly, ERP support for standalone health plans, diagnostics, pharmacy, and other allied healthcare areas is part of our longer-term vision.

< + > What to Look For in Revenue Cycle Management Solutions for Radiology Practices

The following is a guest article by Healthare Administrative Partners

Radiology practices face mounting financial pressure from declining reimbursement rates, rising claim denials and increasingly complex billing regulations. These challenges require specialized billing expertise. Selecting the right revenue cycle management (RCM) partner can make the difference between stability and operational strain.

Why Specialized RCM Is Critical for Modern Radiology Practices

Radiology billing demands expertise that generic RCM services lack. The specialty involves complex imaging-specific coding, payer policies unique to diagnostic procedures and frequent regulatory changes affecting reimbursement.

Radiology practices commonly face several pain points that specialized RCM directly addresses:

• Declining reimbursement rates: Payer policies continue to tighten, reducing payment amounts for common imaging procedures.
• High claim denial rates: Complex coding requirements and prior authorization rules result in frequent rejections.
• Complex coding for radiology procedures: CPT codes for imaging studies require modifiers and documentation that generalist billers often mishandle.
• Administrative burden of in-house billing: Managing billing staff, staying current with regulations and handling appeals consumes valuable time and resources.
• Lack of visibility into financial performance: Without proper reporting systems, practices cannot identify revenue leaks or denial patterns.
• Keeping up with changing regulations: Compliance requirements shift constantly, creating legal and financial risk for practices that fall behind.

While some companies use software to navigate these challenges, others will use services.

Key Criteria for Evaluating Radiology RCM Vendors

When comparing potential partners, practice administrators should focus on certain capabilities that directly impact outcomes and operational efficiency.

Maximizing Financial Performance and Reimbursement

A quality partner should demonstrate proven ability to increase collections and reduce revenue leakage. Look for those who emphasize denial reduction strategies, aggressive AR follow-up and systematic claim scrubbing before submission.

The best providers track metrics like clean claim rates and collection timelines, using this data to continuously improve performance. Ask potential partners for examples of how they have increased collections for similar organizations.

Ensuring Coding Accuracy and Regulatory Compliance

Expertise in radiology-specific procedures is nonnegotiable. Your partner should employ certified coders who specialize in imaging and stay current with CPT, ICD-10 and modifier requirements.

Compliance knowledge protects your organization from audits, penalties and demands for overpayment recovery. Verify that the company has established quality assurance processes, regular audits and ongoing staff education programs to maintain accuracy as regulations evolve.

Evaluating Technology and Workflow Integration

Strong reporting and analytics capabilities provide the visibility you need to understand performance, identify denial trends and make informed decisions.

Evaluate how well the partner’s processes and technology integrate with your current workflow while maintaining operational continuity and minimizing staff retraining needs. Seamless integration with your existing practice management and radiology information systems ensures smooth operations.

Prioritizing Client Support and Partnership

The ideal partner acts as a strategic collaborator invested in your financial performance. Look for dedicated account management, responsive support teams and transparent communication about your results.

A collaborative relationship means the company proactively identifies issues and adapts its approach to your specific needs. Client references and satisfaction scores can reveal how well a company delivers on its promises.

The Best Radiology Billing Companies for 2026

The following radiology revenue cycle management vendors comparison review offers a starting point for your research. These companies have established strong reputations for serving imaging organizations.

1. Healthcare Administrative Partners

Healthcare Administrative Partners specializes in radiology and medical imaging, offering comprehensive RCM through physician practice coding and billing services, compliance-driven processes and consulting. Its partnership approach earned the team a 98.6% client score for professionalism. This reflects the company’s commitment to high-touch service and collaborative relationships that help maximize revenue while maintaining regulatory adherence.

Key features:

• Radiology-exclusive focus
• Compliance-driven process
• Partner-centric support

2. Hawthorn Physician Services

Hawthorn Physician Services provides revenue cycle management across multiple specialties, including radiology groups seeking comprehensive billing support. Its service model combines operational expertise with financial consulting to help healthcare providers optimize collections and streamline operations. The company’s multi-specialty approach allows it to serve organizations with diverse service lines beyond imaging.

Key features:

• Multi-specialty expertise
• Practice management
• Financial consulting

3. Acclaim Radiology Management

Acclaim Radiology Management specializes in diagnostic imaging centers and radiology groups, delivering billing services tailored to imaging facilities. Its offerings include credentialing support and MIPS reporting assistance, helping organizations navigate quality payment programs. The company serves both hospital-based and independent diagnostic facilities with specialized billing knowledge.

Key features:

• Imaging center billing
• Credentialing services
• MIPS reporting

Frequently Asked Questions

Below are some common questions to consider when researching revenue cycle management solutions.

What is the difference between RCM software and an RCM service provider?

Revenue cycle management software provides tools for your internal team to use for billing and claims processing. An RCM service provider handles the entire billing cycle, assuming responsibility for outcomes with the company’s experienced personnel.

How long does it take to switch RCM vendors?

Most changes take 60 to 90 days to complete. An RCM vendor can make this transition smooth by following best practices and keeping up-to-date documentation for further changes.

What KPIs should you track for the revenue cycle?

Essential metrics include days in accounts receivable, clean claim rate, denial rate and collection rate. These KPIs help identify problems before they impact your cash flow.

Choosing the Right Financial Partner for Your Practice

Selecting a revenue cycle management partner represents a strategic decision that affects your financial health for years to come. Use these evaluation criteria to assess potential vendors based on their ability to address radiology-specific challenges. Take time to thoroughly examine each candidate’s expertise, technology capabilities and commitment to partnership before making this important choice.

Healthcare Administrative Partners is a proud sponsor of Healthcare Scene.

< + > This Week’s Health IT Jobs – June 24, 2026

It can be very overwhelming scrolling through job board after job board in search of a position that fits your wants and needs. Let us take that stress away by finding a mix of great health IT jobs for you! We hope you enjoy this look at some of the health IT jobs we saw healthcare organizations trying to fill this week.

Here’s a quick look at some of the health IT jobs we found:

• Health Admin Services Analyst – Accenture
• Chief Information Officer – CONMED Corporation
• Patient Financial Representative Senior – Patient Financial Services – CHRISTUS Health
• VP IS Business Operations – Children’s Health
• ROI Medical Records Specialist – MRO
• Patient Advocate Data Entry I – Myriad Genetics
• Medical Revenue Specialist – Preston Hollow Psychiatry Group
• Privacy Analyst I – R1 RCM
• Community Health Worker (NCOR) – Arkansas Children’s
• Patient Care Representative – Sentara Health
• Implementation Specialist – CuraLinc Healthcare
• Epic Analyst – Revenue Cycle – HTC Global Services
• Community Health Worker – Hackensack Meridian Health
• VP, Data Sciences – Waystar
• Patient Service Representative – Tenet Healthcare
• Population Health Specialist I – Network Health WI
• Regional Director, Healthcare Technology Management – Community Health Systems
• Medical Records Specialist – Genpact
• Virtual Chief Information Officer (vCIO) – Healthcare – Meriplex
• Director – Information Systems Analytics & Reporting – Woman’s Hospital

If none of these jobs fit your needs, be sure to check out our previous health IT job listings.

Do you have an open health IT position that you are looking to fill? Contact us here with a link to the open position and we’ll be happy to feature it in next week’s article at no charge!

*Note: These jobs are listed by Healthcare IT Today as a free service to the community. Healthcare IT Today does not endorse or vouch for the company or the job posting. We encourage anyone applying to these jobs to do their own due diligence.

< + > How Healthcare Analytics Dashboards Lose Operational Clarity: The Hidden Cost of Metric Inflation

The following is a guest article by Tanya Amar, Senior BI & Insights Analyst at eHealth

Picture this: you’re a data analyst leading a dashboard project for a major healthcare organization. The goal is straightforward: build a dashboard that tracks operational KPIs such as patient satisfaction, appointment utilization, patient access trends, and operational efficiency.

You build the first version and walk a few operational stakeholders through it. At first, the conversation goes exactly as expected. Stakeholders provide feedback and suggest adjustments.

Then the requests start growing.

One stakeholder asks for appointment utilization to be broken down further by region. Another wants patient access metrics segmented by service line to better understand scheduling bottlenecks. Someone else asks whether referral trends can be layered into the dashboard to better connect operational performance with patient intake patterns.

Then marketing joins the discussion. They want visibility into outreach campaign performance, referral source trends, and patient acquisition patterns alongside the existing operational metrics. Additional filters are suggested. New dashboard views are proposed.

Eventually, the dashboard starts drifting from its original purpose.

If you work in analytics or regularly rely on dashboards within a healthcare organization, this probably sounds familiar.

Over time, dashboards can become crowded with competing metrics, filters, and conflicting priorities. The result is often the opposite of what the dashboard was originally designed to achieve: operational clarity.

Over time, healthcare analytics dashboards can gradually become overloaded as new metrics, filters, breakdowns, and stakeholder requests continue accumulating.

When Dashboard Clutter Starts Affecting Decisions

Operational dashboards are expected to support fast and focused decision-making. As dashboards become increasingly crowded, teams can spend more time interpreting information than responding to it.

In healthcare environments, where speed and accuracy directly influence operational outcomes, that loss of clarity can become especially problematic.

The issue is not simply visual clutter. Over time, metric inflation can affect how organizations interpret priorities and respond operationally.

Why Well-Intentioned Dashboards Become Overcrowded

Part of the challenge is that dashboards rarely become overcrowded because of poor intent. In many cases, the opposite is true. The requests driving expansion are often thoughtful, relevant, and operationally useful.

Most of the requests being made are not unreasonable. The problem is usually created collaboratively through a series of well-intentioned additions that accumulate over time.

Every new metric feels valuable, and teams naturally want dashboards to answer more operational questions.

Once a KPI is added, organizations rarely want to remove visibility into it. Additional drilldowns and filters are introduced in an effort to extract more insight from the same report.

Over time, dashboards gradually evolve into catch-all reporting spaces.

Different stakeholders want visibility into the metrics most relevant to them. As more perspectives are added, dashboards can slowly lose the focal clarity that originally made them effective.

Overcrowded dashboards are often the result of expanding visibility without clear prioritization.

Designing for Operational Clarity

Avoiding dashboard overload is often less about tracking fewer metrics and more about how operational dashboards are structured, prioritized, and used.

In my experience, three principles can help maintain clarity while still supporting meaningful operational insight.

Anchor Metrics to Decisions

Every metric on an operational dashboard should answer a simple question: what decision is this helping someone make?

That is very different from asking whether a metric would simply be interesting to track.

Operational dashboards are designed to support timely, focused decision-making rather than display every measurable data point.

Separate Exploratory Analytics from Operational Reporting

Stakeholders naturally want to investigate why certain KPIs are changing through additional segmentation or filters.

Exploratory analysis remains valuable, but not all of that work belongs inside a frontline operational dashboard.

Operational dashboards provide quick visibility into priorities and performance, while exploratory analytics support deeper investigation. Combining both into a single reporting environment can gradually reduce clarity and usability.

Use Visual Hierarchy Intentionally

Not every metric within a dashboard should carry equal visual prominence. In operational reporting environments, dashboards are often used to support fast and accurate decision-making, which means users need clear visual focal points that help direct attention toward the indicators that matter most.

Critical metrics should stand out clearly, while supporting metrics remain secondary.

Without visual prioritization, dashboards can begin presenting every metric as equally urgent, making it harder for teams to identify where attention is actually needed.

Visual hierarchy also affects usability. As dashboards expand with additional filters, calculations, and supporting tables, reporting environments can become slower and more difficult to navigate.

Maintaining Clarity Over Time

Principles alone are not enough. Maintaining clarity over time also requires governance, alignment, and ongoing operational discipline.

Part of that starts with metric ownership. Clear ownership around KPIs and reporting structures makes it easier to evaluate why metrics are being added and whether they continue to support operational goals.

Stakeholder alignment matters as well. Without shared expectations around dashboard purpose and decision context, reporting environments can gradually expand in conflicting directions.

Review processes and periodic KPI reassessments can help too. As reporting needs evolve, they allow organizations to stay focused. Like operational products, dashboards require prioritization and occasional simplification to remain effective.

Without that level of governance and prioritization, dashboards can gradually expand faster than organizations can meaningfully interpret the information being presented.

More Information is Not the Same as More Insight

Healthcare environments are inherently complex, and dashboards can play an important role in supporting operational decisions when they remain clear, focused, and actionable.

That requires thoughtful simplification, intentional prioritization, and a willingness to resist continuous expansion simply because more data is available.

More data does not automatically create more insight. In many cases, it creates more confusion, slower interpretation, and additional operational friction.

If healthcare organizations want teams to respond quickly and confidently in high-pressure environments, dashboards should reflect organizational priorities rather than compete for attention.

The most effective dashboards are often the ones that preserve clarity as complexity grows around them.

About Tanaya Amar

Tanaya Amar is a data and analytics professional with experience building enterprise analytics infrastructure and AI-driven decision systems across healthcare, insurance and technology organizations, including eHealth, Align Technology and CVS Health. Her work focuses on strengthening trust, governance, and transparency in data-driven decision-making.

< + > Kivira Raises $1.8M in Pre-Seed Funding | Kin Health Raises $9M

Check out today’s featured companies who have recently raised a round of funding, and be sure to check out the full list of past healthcare IT fundings.

---

How Kivira is Using AI to Solve Mental Health Misdiagnoses

Personal Experience Inspired Maria Carmona’s AI-Powered Company to Revolutionize Mental Health Diagnosis

From her earliest days growing up in Venezuela, Maria Carmona, MBA ’25 (XP-94), knew that a close family member was suffering from mental health issues, with unstable moods that could flare up at any time.

“As an example, my parents were remarried and divorced three times,” Carmona says. Despite traveling to the US several times to take her family member to some of the nation’s best hospitals, nothing seemed to work. “The diagnoses ranged from panic attacks all the way up to schizophrenia. They were just based on whatever the clinician knew at the time.”

Finally, when Carmona was 15, clinicians at NYU Langone Health diagnosed her family member with bipolar disorder. With the right treatment, they got better in a matter of months. “All of our lives dramatically changed,” Carmona says.

Over a decade later, that harrowing experience inspired Carmona to create the mental health startup Kivira while studying in Booth’s Sokolov Executive MBA Program. The company’s app supports mental health diagnosis using AI and structured assessments that patients can complete in a primary care physician’s office.

In the last year, Carmona has been on a whirlwind journey. After winning the Global New Venture Challenge (GNVC) at Booth, she raised $1.8 million in pre-seed funding from Wellstar Health System. In May 2026, Kivira is expected to begin a pilot project with UChicago Medicine, building on early validation work and formal clinical workflows…

Full release here, originally announced May 18th, 2026.

---

Kin Health Raises $9M to Build an AI Notetaker for Patients

The market for AI notetaking devices has exploded in the U.S., with the category generating over $600 million in revenue last year, according to a Menlo Ventures report. And as startups like Heidi Health and Freed have shown, there’s decent demand for this tech in healthcare, where doctors and clinics see the potential for an AI assistant that can help them keep track of patient conversations, surface health records, and lower their administrative burdens.

But those apps don’t do much for patients, which is why Kin Health is building a notetaker that can transcribe your visits to doctors, parse medical advice, and surface next steps when required. To that end, the startup has raised $9 million in a seed funding round led by Maveron.

The app is similar to a meeting notetaker: You can record doctor visits, and it will return an AI summary of the meeting, with the next steps, all of which you share with family and friends if you want to. It also lets you write down questions that you might want to ask during your next visit.

Kin Health says it encrypts all patient data and that summaries are kept private by default. The tool is not HIPAA-certified, as it is a patient-facing one, but it adheres to the same privacy standards, the company said.

The free app is built by physicians Arpan and Amit Parikh, along with Kyle Alwyn, who previously built online prescription service HeyDoctor and sold it to health platform GoodRx. Doug Hirsch and Trevor Bezdek, Co-Founders of GoodRx, are founding partners and executive chairmen at the company…

Full release here, originally announced May 18th, 2026.

< + > Healthcare IT Failures – Healthcare IT Today Podcast Episode 195

For the 195th episode of the Healthcare IT Today Podcast, we are taking a look at healthcare IT failures! We kick this episode off by debating what we think has been the biggest health IT policy failure. Next, we share our thoughts on the biggest healthcare technology failure. Then, we take a look at the healthcare system to see what its biggest structural failure is. We then end this episode by sharing a personal failure we experienced or were a part of in health IT.

Here’s a preview of the topics and questions we discuss in this episode:

• What’s been the biggest health IT policy failure?
• What’s been the biggest healthcare technology failure?
• What is the biggest failure, structurally speaking, of the healthcare system?
• What’s a personal failure you have experienced or been part of in health IT?

Now, without further ado, we’re excited to share with you the next episode of the Healthcare IT Today podcast.

We publish a new Healthcare IT Today podcast every ~2 weeks. Thanks to our friends at Healthcare Now Radio, you’ll be able to listen to the latest episodes of Healthcare IT Today on their radio station for the first two weeks. Then, we’ll be publishing each episode as a podcast and YouTube video here after it finishes on the radio.

You can also subscribe to the Healthcare IT Today podcast on any of the following platforms:

• Apple Podcasts
• Google Podcasts
• Stitcher Podcast Radio
• TuneIn
• Spotify
• iHeartRadio
• Pandora

Thanks for listening to Healthcare IT Today and if you enjoy the content we’re sharing, please rate the podcast on your favorite podcasting platform.

Along with the popular podcasting platforms above, you can Subscribe to Healthcare IT Today on YouTube. Plus, all of the audio and video versions will be made available to stream on HealthcareITToday.com.

If you work in Healthcare IT, we’d love to hear where you agree and/or disagree with the perspectives we shared. Feel free to share your thoughts and perspectives in the comments of this post, in the YouTube comments, with @Colin_Hung or @techguy on Twitter, or privately on our Contact Us page. Let us know what you think of the podcast and if you have any ideas for future episodes.

Thanks so much for listening!

Listen to Our Latest Episodes:

< + > Why Healthcare AI Governance Breaks Down After Deployment

The following is a guest article by Pooja Walia and Rajat Rawal

Most health systems we work with have passed the pilot stage for AI. Ambient documentation tools are in exam rooms. Revenue cycle models are running against live claims. Clinical decision support is nudging diagnoses across specialties. The tools are in the building.

What we keep seeing is that the governance that looked solid before go-live starts to slip a few months after. The policies are still on the shelf. The risk assessment was signed. The oversight committee met. But the AI that is running today is not quite the AI that was reviewed, and the people meant to govern it have no easy way to tell.

This matters more than it did a year ago, because the regulatory picture has changed. The proposed HIPAA Security Rule overhaul, expected to be finalized in 2026, removes the “addressable” safeguard loophole and brings AI systems that handle electronic protected health information explicitly into scope. The FDA’s revised Clinical Decision Support Software guidance, published in January 2026, narrows the exemptions many AI tools have been operating under. Texas, California, Colorado, and a growing list of states are adding disclosure and governance requirements for AI in clinical decisions. The NIST AI Risk Management Framework, which the federal government increasingly treats as the reference standard, expects ongoing oversight, not a single point-in-time review.

The common thread is that these rules assume health systems know what AI is running, who is accountable for each tool, and whether the governance is still accurate months after go-live. For many organizations, those assumptions do not yet match reality.

Here is where governance tends to break down, and what tends to help.

The Review was a Snapshot, The Tool is a Movie

Most AI governance work is front-loaded. Before go-live, the model gets tested. Bias is checked. Data flows are mapped. A risk assessment is written. On day one, the tool is genuinely well-governed.

Then it runs. Patient populations shift. Vendors push model updates on their own schedule. Clinicians use the tool in ways that were not part of the original design. Edge cases show up that never appeared in the test set.

The risk assessment still describes the system as it existed at launch. The system no longer exists that way. The gap widens quietly, and usually no one notices until something visible goes wrong.

The proposed HIPAA rule expects annual risk assessments that reflect the current state of the system, not the state at deployment. The NIST AI RMF’s MEASURE function expects continuous monitoring for the life of the deployment. Both point to the same practical need.

What helps: set a monitoring baseline at go-live and review it on a schedule. Performance. Drift. Override rates. Vendor update logs. Monthly for routine tools, more often for anything touching clinical decisions. This is not a new committee. It is a standing 30-minute review.

The Workflow on Paper is Not the Workflow in Practice

Governance documents describe how the AI is supposed to be used. A clinician is supposed to review each output. The AI is supposed to be one input among several. The recommendation is supposed to be advisory.

The real workflow often looks different. Busy clinicians rely on the tool more than the design assumed. A suggestion meant to be one data point becomes the anchor. Advisory outputs become the default because the reviewer does not have time to second-guess them.

None of this is negligence. It is what happens when thoughtful design meets an overloaded schedule. But if governance is only looking at the intended workflow, it misses what is actually happening.

This gap has compliance consequences now. The FDA’s updated CDS guidance looks at how the tool is used in practice, not just how it was designed. State laws like California’s AB 3030 require disclosure when AI meaningfully contributes to a clinical decision, which means the organization has to know when that threshold is crossed in the live workflow.

What helps: look at usage data. Which outputs are clinicians accepting without edits? Which are they overriding? Which are they clicking past? The answers tell you how the tool is really being used and where governance assumptions no longer match reality.

Escalation Paths Exist on Paper, Clinicians Cannot Find Them

A pattern we see often: a clinician notices something off about an AI tool. An output looks different. Confidence scores shifted. Results feel inconsistent with what the tool was producing last month. The clinician has a gut sense that something is wrong, and no idea who to tell.

Compare this to how other clinical technologies work. If a medication is wrong, there is a reporting process everyone knows. If an imaging machine misbehaves, biomedical engineering is a phone call away. When an AI tool drifts, the path is usually unclear. Is this an IT ticket? A vendor issue? A safety event? Who owns this?

Under the proposed HIPAA rule, incident response is a formal requirement, and it has to be operational, not just documented. ONC’s algorithm transparency rules expect certified health IT to support similar accountability.

What helps: every AI tool gets a named owner. Clinicians know who to contact. The process does not have to be elaborate. It has to be clear, and people have to know it exists. Treat AI systems the way you already treat other clinical technologies, and most of this gap closes.

Human-in-the-Loop Only Counts if the Human can Actually Review

This is the phrase we hear most often in healthcare AI, and it is also the one most likely to be a formality. Having a clinician click “approve” is not the same as having the clinician meaningfully review the output. If the workflow pushes them to approve twenty outputs in a minute, they are not reviewing. They are rubber-stamping.

Governance that assumes careful review, when the workflow makes careful review impossible, creates a gap between documentation and reality. The record will say a human reviewed each case. The reality will be different. Several state AI laws now explicitly require meaningful human oversight, not just nominal review, which means this gap is increasingly a legal exposure, not just a clinical one.

What helps: design the workflow so that real review is possible in the time clinicians actually have. If a real review is not possible, face that directly. Either invest in the time and structure to do it properly, or pull back on how much the AI is trusted to do on its own. Do not let the phrase carry weight it does not earn.

The Feedback Loop is Usually Missing

The better AI programs we have seen treat what happens after deployment as part of the system, not an afterthought. Clinicians can flag outputs. Overrides are logged. Patterns get aggregated and fed back to vendors or internal teams. Changes to the model or the workflow trigger a review instead of just happening quietly.

Most programs do not have this yet. It is the piece that turns governance from a document into a practice, and it is where the NIST AI RMF’s MANAGE function expects organizations to operate. Without it, the organization is flying on instruments that were calibrated at takeoff and never checked again.

Where this Leaves Us

AI in healthcare is past the stage where governance can stop at the point of deployment. The regulations are catching up fast, and they are catching up in the same direction: continuous oversight, named accountability, meaningful human review, and a feedback loop that captures what the system is actually doing in production.

The organizations that will hold up are the ones that treat post-deployment governance as part of the job. A monitoring baseline. A named owner for every tool. An escalation path that works in practice. A workflow that supports real clinician review. A feedback loop that learns from the live system.

None of this requires a new framework. It requires treating AI the way healthcare already treats everything else that affects patient care, which is as something that needs ongoing attention, not a one-time sign-off.

That is the work now.

About the Authors

Pooja Walia

Pooja Walia is a seasoned IT professional who works with healthcare organizations to design and operationalize secure, scalable, and compliant AI systems in regulated environments. Her work focuses on translating AI innovation into reliable, real-world systems.

Rajat Rawal

 

 

Rajat Rawal is a technology leader who supports healthcare organizations with implementing cloud and AI solutions, with a focus on operational scalability, system reliability, and navigating critical deployment challenges.

The views expressed in this article are the authors’ own and do not reflect the views of their employer.