Leadership teams sit through vendor demos every week. The pitch is always the same: improved efficiency, reduced clinician burden, faster workflows, better outcomes. The presentations look polished, the implementation timelines seem doable, and everyone leaves feeling like they've just previewed the future of their organization. Most of the time, those fantasies of a perfect launch don't stick around for long.

Digital health's biggest failures start when organizations deploy tools they haven't fully evaluated as clinical risk decisions. We often assume they point to flawed tech or malicious intent, but that's not the real issue. Healthcare still treats tech procurement like an enterprise software purchase, with most evaluations focusing mainly on feature lists and integration capabilities. A product demo can show you what a system does, but it can't show you what happens when it malfunctions on a busy day. It can't show what happens when workflow workarounds become fragmented across multiple platforms. Those are the unspeakable headaches of integrating new systems.

Healthcare still treats technology procurement as though it were a software purchase, when these are actually patient-safety decisions. That distinction matters more than most people realize. A famous example is Epic's former sepsis prediction algorithm. This tool was rolled out across hundreds of hospitals to identify patients at risk. Independent researchers later showed it often missed cases while also generating a high volume of false alerts. Clinicians described alert fatigue and a erosion of trust because the recommendations often contradicted what they were seeing at the bedside. They'd forced a heavy, complex algorithm into workflows already running at capacity. There was no clear accountability, no consistent way to validate whether the model was performing as expected, and no plan for what clinicians should do when the system's recommendations contradicted their clinical judgment.

Decision makers are great at asking vendors whether their technology integrates with the EHR, but far fewer ask how the tool changes clinician behavior, how accountability is assigned when a recommendation turns out wrong, what happens during system downtime, or whether the algorithm was validated on patient populations that actually resemble the communities served. A poorly governed AI system destabilizes workflows, increases cognitive burden, fragments clinical documentation, delays care, amplifies bias, and generates enough noise to derail the whole system. It's almost never a single catastrophic failure-it's a cascade. We keep assuming sophisticated technology will automatically organize our workflows, but dropping a complex algorithm into an unprepared environment only scales the risk.

Right now there's so much pressure to innovate that caution can look like resistance. But moving fast isn't the same as moving well. The strongest health systems take the time to build a foundation that's well planned and executable-bringing all key players and systems into view and anticipating potential issues-while choosing vendors who operate as true partners. The rest of this newsletter edition will highlight how to navigate this wisely.

Can you imagine meeting with a vendor, walking through the procurement cycle, and deciding to roll out a new tool across hundreds of health systems nationwide that would flag high-risk patients and connect them with intensive care management to improve outcomes and lower costs? That dream is exactly what hundreds of hospitals chased a few years ago with an Optum algorithm. The tool, though, didn't deliver as hoped. In 2019, researchers published findings in Science showing that the "magic" algorithm was systematically prioritizing healthier white patients over much sicker Black patients. How could they have gotten that so wrong?

The vendor had built the model to use healthcare spending as a proxy for clinical need. If a patient costs more, they'll be sicker, right? But that logic breaks down once you account for how people actually access care. Black patients with chronic conditions have historically used less healthcare than white patients with identical conditions, for a lot of reasons we don't have time to list here. Lower utilization meant lower costs. The algorithm read that cost difference as evidence of better health and adjusted its risk scores accordingly. Instead of a neutral, evidence-based clinical decision support tool with all the promised bells and whistles, teams across the country ended up with an algorithm that amplified decades of systemic access disparities at machine speed.

Did the vendor lie? Not exactly. But the people who were supposed to scope and vet the vendor didn't ask the right questions. The sandbox doesn't always match real patient populations, trends, and utilization. Organizations treated this like a standard software purchase rather than a governance decision with legal, reputational, and clinical consequences. The regulatory scrutiny that followed made that crystal clear. If your procurement process isn't designed to surface these questions before a contract is signed, you're not doing due diligence-and your organization could be at risk.

Digital Risk Compliance Solutions is currently accepting 2 new client engagements for Q3 2026. We work with healthcare leadership teams to risks that could lead to reputational disasters.

If your organization needs a Risk Readiness Audit or an organizational workshop , Digital Risk Compliance Solutions is here to help. Reach out here to discuss how we can support your mission here.