AI is being infused into the healthcare ecosystem from 1,000 directions at 100 miles per hour. At least, that’s what it feels like to many tasked with ensuring those injections are done with proper guardrails in place. And while the risks of drift, hallucinations, and bias are at least well appreciated (if not mastered), those related to compliance and cybersecurity need to be more deeply considered and brought—via governance—into the right discussions at the right time. In this timely webinar, we’ll speak with cyber leaders focused on acting as true partners to their operational colleagues—fostering the rollout of the AI tools everyone wants, while making sure it’s done the right way.
Speakers:

* Brian Cayer, CISO, Keck Medicine of USC
* Christopher Frenz, Experienced Health System CISO
* Steven Ramirez, VP/CISO, Renown Health
* Damian Chung, VP of Cyber Defense & CSO, Healthcare, Netskope

Healthcare IT executives are deploying technologies such as generative AI to improve front-end patient access, enable ambient clinical documentation, and streamline back-office tasks like claims submission. Yet the mid-revenue cycle often receives less attention. This broad domain—including clinical documentation integrity and physician query management, medical coding and clinical validation, and charge capture and revenue integrity—still relies on entrenched workflows in many organizations. Given the gap between current practice and what modern tools can deliver, the mid-revenue cycle is a prime target for efforts to reduce costs and capture revenue. In this webinar, we’ll speak with leaders who are looking to bring today’s best technology to these processes.
Speakers:

* Adar Palis, SVP of Clinical & Revenue Cycle Applications, Providence
* James Wellman, VP/CIO, Nathan Littauer Hospital & Nursing Home
* Nicholas Raup, SVP, AI & Automation Solutions, e4health

Nnaemeka Okafor, MD, VP, Chief Analytics and Informatics Officer, Memorial Hermann Health System, says health systems are shifting from purchasing tools to building the conditions that let them deliver results. In an extensive interview, he outlined a program that emphasizes multidisciplinary governance, deliberate training, durable data infrastructure and careful budgeting that accounts for the true cost of adoption.
As an emergency physician of 18 years who also leads both informatics and analytics, Okafor argues that organizations must design for use. The goal is to assemble clinical, operational and technology teams that stay engaged across the product life cycle—selection, go-live, measurement and iteration—so workflows evolve with system upgrades and changing practice standards. The approach reflects the scale of Memorial Hermann Health System, which spans more than a dozen hospitals, hundreds of care sites and tens of thousands of staff in the Houston region.
The central idea is that adoption improves when leadership invests as much in measurement, dissemination and training as in the tool itself. Okafor said: “we need to build those ecosystems, or I would say environments, where the technology can thrive.” He connected that to risk management, noting that consumer-grade intuitions do not translate to clinical settings, where small navigation errors can carry consequences.
Budget Beyond the Sticker Price
Many boards have learned that initial licensing underestimates what it takes to achieve durable value. He pointed to widely cited analyses that show the costs of implementation and value realization can exceed the price of the technology itself. Okafor was explicit about the scale: “the cost of implementation or actually deriving value out of the tool, maybe three times the initial cost of the technology itself.” That ratio guided Memorial Hermann Health System during its recent EHR transition, where leaders deliberately budgeted for ongoing education, optimization and at-the-elbow support.

The funding posture also improves executive alignment. Okafor emphasized that a transparent “all-in” ask—covering licensing, change management, measurement and continuous education—reduces the need to return for incremental allocations, a scenario that tends to frustrate finance leaders. He framed successful requests in return-on-investment terms: quantify the operational, clinical and financial gaps; propose the training or optimization required to close them; and estimate the timing and magnitude of the benefit. That discipline, he said, builds trust for future proposals.
Training That Is Deliberate and Ongoing
Sustainable adoption requires more than one-time classes or passive videos. He described a tiered model built on deliberate practice, where content is targeted to the workflow users must perform and delivered in formats that match how they learn—short in-workflow clips, interactive simulations for high-risk tasks, role-based labs and scheduled at-the-elbow sessions. Leaders, he added, should protect time for training and communicate that proficiency is a core expectation.
Okafor also emphasized the importance of retraining. System upgrades and workflow changes can turn yesterday’s five-click sequence into a single action; without refreshers, staff will keep doing it the old way. Effective teams keep feedback channels open, route pain points to vendors and bring enhancements back to frontline users through concise reinforcement. Governance’s role is to maintain that loop, ensuring that clinical best practices and system capabilities mature together.
Data Foundations and AI’s Role
Measuring whether technology works at the elbow requires a strong data backbone. He described building internal pipelines and dashboards that combine signals from multiple systems to track adoption, efficiency and outcomes, rather than relying solely on out-of-the-box reports.

Robbie Freeman, Chief Digital Transformation Officer, Mount Sinai Health System, is steering a consolidated digital-and-AI agenda that aims to simplify experiences for patients, clinicians, and a 48,000-person workforce, while tightening the link between experimentation and enterprise scale. In a wide-ranging discussion, he outlined a governance model that blends top-down priorities with bottom-up discovery, a disciplined approach to pilots, and an emphasis on training and workflow change to ensure real adoption.
This interview was conducted as part of our recently published Special Report on AI 
In his role, Freeman oversees digital and AI product teams responsible for the myMountSinai app, omnichannel access (phone, text, web, app), and tools supporting clinicians at the point of care, alongside a new “employee digital front door” intended to streamline routine questions and tasks. He said that the workforce front door—powered by generative interfaces—will draw answers from policies and business systems, letting staff ask not only “what is our PTO policy?” but also “what is my PTO balance?”
“We’re pulling that together to create one seamless front door just for our workforce,” he said.
In describing the system’s scope, he framed the work as three “journeys”: the patient journey (access and navigation), the care journey (clinician-facing tools such as ambient documentation), and the workforce journey (HR and work-enablement). He emphasized that each journey is prioritized using a consistent approach, with experience research (focus groups, rounding, asynchronous polling) determining the pain points most worth solving now.

Governance Meets the Front Line
At Mount Sinai, digital and AI review structures have been merged to drive faster, clearer decision-making and to align investments with enterprise goals. Freeman said the unified body evaluates requests through an “experience-led” lens and balances “moonshots” with near-term fixes. The result, he noted, is a portfolio that can flex quarterly while preserving a common operating model for safety, bias testing, and measurement.
He stressed that outcomes hinge on people and process more than technology, and that success rides on the intensity of education, support and feedback loops built into rollouts. “I like to say that our projects, this work, is just 5% technology and 95% the people, process, and change management.” To keep that people focus, the team invites ideas from any staff member and feeds them through a centralized intake, risk scoring, and guardrail process that calibrates assurance requirements to the use case—lighter for back-office productivity tasks, heavier for clinical decision support.
From Pilot to Scale
Mount Sinai runs innovation units to incubate new solutions with enhanced on-the-ground support, then moves promising tools into progressively broader environments once adoption and performance criteria are met. Freeman pointed to an internally developed AI model that flags patients at highest risk for pressure injuries, noting that it outperformed the legacy Braden score used historically by bedside teams. “We’re able to show that we could outperform that with AI,” he said. Early successes, he added, are just a starting point: the team co-designs workflows with frontline users, launches on a single unit, validates onboarding and adherence, and only then phases rollouts across sites.
He described a “silent pilot” pattern for higher-risk clinical use cases: the model runs in real time behind the scenes, its outputs are compared with clinical decisions, and equity checks and operating thresholds are tuned before any intervention reaches clinicians. In parallel, policy requirements spell out expectations for measurement, human oversight, and documentation.

Mouneer Odeh, VP, Chief Data and AI Officer, Cedars-Sinai, is positioning the organization to harness fast-maturing AI while keeping clinical workflow, governance, and scale at the center of decision-making. In a wide-ranging discussion, he traced his path from advanced analytics to enterprise AI, outlined the role of platform vendors versus best-of-breed tools and internal builds, and described how non-IT staff are being trained to co-create agents grounded in Cedars-Sinai policies.
This interview was conducted as part of our recently published Special Report on AI 
Framing data and AI as a single continuum, Odeh said the mission is to accelerate research and discovery, improve patient care, and drive operational efficiency through “data-driven intelligence.” He argued that data quality is the critical differentiator between helpful and hazardous systems, adding, “the difference between AI that behaves like a really good graduate student or a fantastic assistant, and AI that behaves like your drunk friend is quality of the data.” He also emphasized tight linkages with clinical informatics, research leadership, applications, infrastructure, and security so that models can be deployed reliably inside real workflows.
Within the C-suite, Odeh partners closely with the chief health informatics officer and the chief health AI research officer, while maintaining deep ties to applications, technology, and security leaders. He said that collaboration matters because AI is increasingly delivered through applications and agentic interfaces. In his view, bridging operations and technology—while anchoring everything in governance—keeps initiatives focused on adoption and measurable outcomes.
Platform, Best-of-Breed, and In-House: Finding the Mix
At Cedars-Sinai, the AI portfolio breaks roughly into thirds across internal development, platform-delivered capabilities (notably in the EHR), and best-of-breed solutions. Odeh said platform vendors are racing to embed agentic capabilities where clinicians already work, which can compress time to value. He pointed to the EHR’s evolving strategy and observed, “You could almost say that they’re reinventing themselves from a software company to an AI company.” He added that Cedars-Sinai expects platform share to grow as vendor offerings mature, but only where they meet clinical and operational requirements at scale.

To avoid lock-in, Odeh drew a clear line between simplification and dependency. He stressed that Cedars-Sinai will continue to pursue innovative point solutions and internal builds where they offer distinctive value, workflow fit, or earlier availability than platforms can provide. In his words, “I don’t think we’ll ever be all in on just going with the platform play.” He said that whatever the source—platform, best-of-breed, or internal—the output must flow into clinician workflows so that it “feels” native; otherwise, good models will go unused.
From Projects to Products: Governing at Scale
Across deployments, Odeh said implementation now determines impact. He pointed to the shift from one-and-done project management toward product management that sustains engagement, measures use, and iterates based on observed behavior. He argued that customer-relationship skills inside IT are becoming as important as technical depth: without trust and responsiveness, organizations lose momentum, and opportunities to expand successful pilots stall.
He described governance as a practical enabler; multidisciplinary bodies decide who sees what, what actions are expected, how results are interpreted, and when a model is “publish-ready.” He added that informaticists are essential to this work, translating between clinical reality and technical integration so models land in the right place, with the right users,

Chero Goswami, Chief Information & Digital Officer, Providence, is using front line observation, disciplined governance and renewed business-continuity planning to align technology with clinical reality across the seven-state system. In a recent interview, he outlined an approach that favors standard methods where possible, local flexibility where required, and a culture that treats reliability as a clinical imperative.
Goswami emphasizes learning healthcare by “walking the floors,” listening to clinicians and patients before prescribing fixes. He encourages leaders and staff to shadow units, using those sessions to validate how tools are understood and where they fall short. Goswami frames this as a habit rather than a mandate, noting that observations gleaned on rounds often save “50 emails a week” and surface issues that never make it to dashboards or meetings.
On why in-person context matters, he explained: “Work is practiced on the front lines, so how can we understand the value of our work (in IT) if we don’t know how the work is going to be consumed?” That perspective extends to humble problems—like a broken printer—that cause outsized disruption to discharge timing and patient flow. He argues leaders should respond empathetically while still routing fixes through standard processes so ad-hoc “workarounds by title” do not undermine reliability.
Designing for Patients’ Real Needs
Patient-facing technology, he says, should be built with human-centered design, written in plain language, and sensitive to the moments when people are most vulnerable. Goswami cautions that families and patients consume information differently and that systems must present data without overwhelming users. “You have to design the systems in a way that the layperson can understand it,” he said. Goswami also stresses the indirect patient impacts of IT reliability: when a cafeteria register fails during the lunch rush, for example, the line grows, breaks run long, and bedside coverage can thin — creating the risk for small outages to impact clinicians whose time is always at a premium.

Goswami links design choices to system-level outcomes. He urges teams to trace any proposed technology or fix back to the patient within “three hops or less.” That discipline, he argues, shifts conversations from tools to solutions and nudges teams to measure what matters. He adds that modern constraints—crowding in emergency departments and staffing pressures—require workflows and technology to coevolve, not simply graft new tools onto old processes.
Governance, Operating Model and Variations
Enterprise-level governance, Goswami notes, must clarify both what the organization will do and what it won’t. “A true ‘no’ is much better than a fake ‘yes,’” arguing that demand will always exceed capacity and that transparent choices build trust. He is standing up a two-tier structure: system-wide decisions for common processes and platforms, paired with regional governance to honor local regulations and population needs. Governance, he adds, is incomplete without an operating model that assigns ownership, timing and execution methods.
Goswami also separates three kinds of variation that complicate the EHR and its ecosystem: product variation (multiple tools doing the same job), practice variation (different ways of performing the work, sometimes for valid reasons), and performance variation (measurable differences in results). He encourages leaders to examine each type, then elevate the combinations that demonstrably improve outcomes to become the new standard. The corollary is that technology adoption often requires workflow redesign. Goswami cites a guiding maxim he keeps close: swapping modern tools into legacy methods tends to produce a more expensive version of the past unless processes are re-engineered to fit.
Resilience and Business Continuity
System availability remains a constant focus.

Rady Children’s Health is consolidating analytics and AI-enabling services on a governed cloud platform to reduce friction for clinical, operational, and financial users. Caroline Peika, Director, Integration & Analytics, said the program pairs a centralized data environment with a private retrieval-augmented generation chatbot to turn internal documents into reliable answers with citations. The approach aims to raise data quality, clarify ownership, and shorten the path from question to decision for busy hospital teams.
The modernization effort treats the cloud as a curated environment with clear intake rules, lineage, and stewardship. Peika said the operating model sets expectations for source system accountability, common definitions, and documentation so downstream consumers can work from the same reference points. “We put controls around ingestion and transformation so people can trust the outputs that land in shared spaces.” The intent is to move analysts away from duplicate extracts and local spreadsheets toward governed data products that serve multiple use cases across care delivery, finance, and operations.
As the platform scales, she said governance is embedded in routine work. Intake requests must identify owners, business purposes, and refresh patterns; cost forecasting accompanies new pipelines; and role-based access limits proliferation. The result is a single environment that prioritizes reuse, lowers redundancy, and supports rapid provisioning for analytics and data science without sacrificing oversight.
Private RAG Chatbot Surfaces Gaps
The companion initiative is a policy-aware chatbot that answers questions by citing specific passages from approved sources. Peika said the service quickly revealed a familiar challenge: outdated or conflicting policies across departments. “The moment you ask for a citation, you discover where documents are stale, inconsistent, or scattered.”  That visibility becomes a forcing function for departmental clean-up because owners must validate the very sources that power responses.

After the pilot showed value with HR, compliance, and IT policy documents, the team created a feedback loop so users can flag weak answers and request corpus updates. Department leaders now curate their own collections, retire obsolete material, and establish refresh cycles tied to policy review calendars. The chatbot, in turn, reduces email chains and ad-hoc explanations by providing a consistent, searchable record with provenance that stands up to audit.
Buy-or-Build With Continuous Ownership
Commercial platforms help accelerate deployment, yet the enterprise still needs sustained engineering and product ownership. Peika emphasized that vendors can supply components, but health systems remain responsible for validation, corpus hygiene, and upgrades. “Whether you buy or you build, there is always ongoing build.”  That includes re-indexing content as policies change, updating models, and monitoring answer quality as usage grows.
Scope discipline matters. The goal is not to chase feature parity with public assistants like ChatGPT; it is to deliver dependable, governed answers to institutional questions, accept secure file uploads, preserve conversation context within policy, and route feedback into improvement sprints. Peika added that choosing high-value use cases with clear owners increases adoption, because leaders can see fewer interrupts and faster responses for their teams.
Funding, Performance and Resilience
Cloud cost control is a design requirement, something critical with cloud initiatives. Peika said the program bakes in least-privilege access, workload quotas, and spending dashboards to prevent unmanaged experimentation and bill shock. Business partners receive estimates for data movement, storage, and compute before projects begin, aligning expectations with budgets. “Guardrails protect us technically and financially ...

Pallavi Ranade-Kharkar, PhD, Enterprise Director of Research Informatics and Genomics, Intermountain Health, laid out a disciplined approach to AI adoption that balances rising organizational pressure with patient-centered guardrails, emphasizing governance, security, and measurable value for clinicians and consumers.
Health systems are under strain to automate, improve access, and lower costs. National spending projections point upward and boards are pushing digital programs. Against that backdrop, Ranade-Kharkar described a portfolio view of AI—predictive, generative, and hybrid tools—where pilots scale only when they deliver reliable outcomes. “There is tremendous potential for AI to do more, and it’s constantly evolving,” she said, noting that many models still require tight guardrails to prevent errors and protect trust.
Technology budgets already represent a meaningful share of revenue across hospitals, with increases likely as organizations pursue digital health gains. She urged leaders to fund projects that produce tangible clinical and operational results. Overconfidence, she warned, remains a risk in this fast-moving market: “Over reliance on AI can be detrimental.” In her view, executive sponsors should embrace rapid learning cycles while insisting on independent validation and post-go-live monitoring.
Privacy and Security as Table Stakes
The obligation to protect patients and their data sets the tone for every AI conversation. She emphasized that privacy, consent, and security must be integrated into solution design, procurement, and operations. CISOs, compliance, and data leaders should be at the table early and remain involved when tools retrain on fresh data or expand to new use cases. “Data security and patient privacy is everybody’s problem,” adding that governance must clearly assign responsibility for controls, audits, and incident response.

Beyond baseline controls, she called for transparency about model training and validation. Leaders should request documentation that details the datasets used, testing methods, and known limitations, and should insist on bias assessments when deploying to new populations. Policies should require continuous quality monitoring, especially for models that write to the electronic record or influence clinical decisions. In parallel, procurement language should define access, retention, and deletion requirements for any vendor handling patient data or prompts.
Vendor Transparency and Trust
As AI features arrive embedded in routine upgrades, leaders face a new dynamic with long-time vendors. Ranade-Kharkar urged explicit notifications when AI functions are introduced, along with clear instructions for risk review, activation, and controls. She recommended a two-layer test strategy: validate vendor claims on sample datasets and then confirm performance on the health system’s own data before broad release. Trust accrues when partners show their work—how models were trained, how outputs are evaluated, how drift is detected, and how issues are remediated.
She also advocated for human oversight calibrated to the task’s risk. Ambient documentation and meeting-note summarization differ from tools that generate orders or discharge instructions. For high-impact workflows, committees should define required reviewer roles, escalation paths, and thresholds for intervention. For lower-risk automation, product owners can tune prompts, track exceptions, and iterate quickly—while still reporting outcomes and issues to governance.
Measuring Experience,
Turning on technology is not the goal; rather sustained, satisfied use is. She argued for a patient-experience lens that gives as much weight to convenience and clarity as it does to accuracy. Abandonment rates for kiosks, chatbots, and virtual check-in are a leading indicator: if patients quit, the design or flow is failing. Leaders should test these experiences personally an...

Chuck Podesta, CIO, Renown Health, is steering his organization toward an interoperability model that leans on AI “orchestration” rather than large, centralized data repositories—while pairing that shift with tougher data governance and a stronger resilience posture. The three-hospital system in Reno, Nev., which includes an 800-bed regional facility, a community hospital, a children’s hospital and a health plan, is also preparing an AI Innovation Center to accelerate workforce productivity and evaluate clinical tools.
From his vantage point, Podesta sees steady movement but not sufficient progress in connecting health data across vendors and care settings. “We’re still very far behind where we need to be, although with some of the new technologies, especially around AI, there is hope now,” he said, noting that federal rules and vendor advances—such as single-pane patient access features—are nudging the market forward.
He argues that patients’ expectations are setting the bar: they want longitudinal records that travel with them across states and providers. Against that backdrop, he views current cross-system exchange as incomplete and often brittle, even when organizations share the same core EHR. The imperative, he said, is to deliver a unified experience without forcing clinicians or consumers to assemble it themselves.
From Data Lakes to Orchestration AI
Within data strategy, Podesta describes two schools of thought. One approach consolidates information from EHR, ERP and ancillary systems into governed platforms such as data warehouses or cloud analytic environments. That method, he said, can yield trustworthy operational dashboards and support research, but it is expensive and slow to adapt.

He is increasingly focused on a second path: leaving data in place and using intelligent agents to retrieve it on demand. “Orchestration AI leaves the data where it is and uses AI to fetch it, which can be faster and cheaper—as long as governance is sound,” he said. In this model, standards and APIs still matter, but the emphasis shifts to secure access, provenance and auditability at the source, rather than repeated copying into new stores.
Governance, Talent and the Citizen Layer
At Renown, Podesta plans to launch an AI Innovation Center to review EHR-embedded capabilities, enforce data and AI governance, and promote enterprise productivity tools to the full workforce. The near-term goal, he said, is to reclaim time by automating repetitive administrative tasks across departments.
He wants employees closest to the work to help lead that change. “Look at all the mundane tasks you do and figure out how to automate those—not to replace you, but so you can do the work that only you can do,” he said. Early internal analysis showed surprisingly broad, grassroots experimentation with generative tools; thousands of staff interactions with public systems prompted Renown to pursue enterprise licensing and guardrails to protect sensitive information while channeling energy into sanctioned uses.
Podesta also points to “evangelists” already on the payroll—clinicians, analysts and operators who write effective prompts, build lightweight workflows and teach peers. By convening these practitioners inside a formal program, he expects faster diffusion of practical use cases without heavy reliance on consultants or large bespoke builds.
Resilience, Outages and Multi-Cloud Plans
As AI and ambient documentation embed deeper into everyday care, Podesta emphasizes that resilience must advance in step. He expects the industry’s security posture to tilt from detection-and-response toward proven recovery capabilities that keep clinical and business systems available under duress. Recent hyperscale interruptions underscored for him the operational risk of single-cloud concentration and the need to design for failover—between clouds and between cloud and on-premises resources.

Melek Somai, MD, MPH, VP, Chief Technology & Product Officer, Inception Health – the innovation arm of ThedaCare-Froedtert Health, argues that healthcare’s cost and access pressures cannot be solved by staffing alone; they require technology-led redesign of how care is delivered. In a wide-ranging interview, he described why his organization is putting technology at the clinical “front door,” rebuilding workflows with a product mindset, and aiming digital tools at the practical levers of access, scale, and clinician cognitive load.
“Our view is that technology is a tool and capability to drive outcomes,” he said, adding that the objective is measurably better access, quality, and cost.
Technology as the Front Door
According to Somai, the access problem must be confronted directly. Wisconsin faces a primary care retirement wave in the coming decade while patient cost-sharing continues to rise—conditions that suppress demand and strain capacity. He said simply bolting on scheduling widgets or messaging tools will not fix a supply-demand mismatch; if the earliest appointment is 18 months away, a slick interface will not help.
He outlined Inception Health’s answer: lead with digital channels and build the operational infrastructure—people, processes, and platforms—behind them. “We took a model where technology is the front door of the health care service delivery,” he said, noting this flips the traditional pattern in which IT sits behind operations providing support rather than shaping service design. The ambition is anytime, anywhere access that meets consumer expectations without compromising clinical standards.

He emphasized that technology and process cannot be designed separately. Rather than pushing tools into existing clinics, the organization embeds clinicians, clinical informaticians, engineers, and UX researchers on the same product teams to co-develop both workflows and software. Somai said this product orientation differs from time-boxed projects: the work evolves continuously based on outcomes and user feedback.
He added that the approach grew out of early virtual-care attempts that overloaded clinicians—asking them to jump between in-person visits and video or chat, juggling headphones and logins. The friction signaled a process, not a technology, failure. In the product model, care protocols, staffing models, and digital interfaces are engineered together so that the “right” behavior is the easiest one to execute.
Managing Cognitive Load and Change
Somai said sustained adoption hinges on reducing cognitive load for both clinicians and patients. One of his main operating principles is: “Make the right thing easy.” He pointed to preventive care as a test case—if a self-enrollment pathway into evidence-based digital therapy is clinically appropriate, do not require an extra visit to unlock it. Instead, design a one-click path and let the care team monitor progress.
He added that large language models are being tested as assistive layers to suggest appropriate protocols in context and then get out of the way. Early lessons reinforced that “more information” is not inherently helpful; surfacing fewer, more relevant cues can be the better safety and quality strategy. On the patient side, he said the least utilized resource in healthcare is the patient’s own time and motivation. Digital tools should empower patients to complete routine steps at home and reserve appointments for what truly requires human expertise.
According to Somai, the digital-first operating model pushes primary care beyond one-to-one relationships. The vision is a 24/7, team-based service in which technology routes each request—medication refills, preventive care tasks, acute triage—to the right professional at the right time. He said this makes access more convenient, scales scarce clinician capacity, and reduces the “gatekeeper” inefficiencies that force patients through unne...

James Case, VP/CISO, Baptist Health, frames his program around a single theme: balance. Case seeks to harden the enterprise against modern threats while protecting the speed and reliability clinicians require to deliver care. He argues that the test of any control is whether it reduces material risk without creating unnecessary friction at the bedside, in the OR, or across back-office operations.
Identity sits at the center of that balancing act, as credentials have become the preferred path for attackers. He emphasizes automation across the joiner-mover-leaver lifecycle to prevent permission creep and to react instantly when HR records change. “The bad actors are not breaking in as much as they are logging in,” he said.
Case explained that standards are tuned to clinical context rather than imposed uniformly. He pointed to operating suites and other critical areas where default lockouts and session timeouts can undermine safety. He said those settings are adjusted with clinical leaders so authentication never interrupts patient care, yet still records accountability and deters misuse. Case likewise supports risk-based step-ups for higher-sensitivity actions, reserving the strongest checks for activities that create the greatest exposure.
Calibrating MFA, Sessions, and Clinical Context
Multi-factor authentication is treated as a precision instrument. He partners with the CMIO and nursing leadership to map where frequent re-prompts would slow throughput and where stronger verification is warranted. Case measures both attack interception and caregiver experience, using alert volume, prompt frequency, and help-desk trends to recalibrate policies. He summarized the principle: “Security that blocks care is not security.”

Case also ties identity analytics to real-world shifts in duty. He links role changes to automated removals as well as additions so legacy access does not accumulate. He said the organization validates these flows routinely to close gaps created by one-off exceptions, temporary assignments, or vendor on-site work. Case’s team builds dashboards that highlight outliers—accounts with unused elevated rights or unusual access patterns—so remediation becomes a steady operational rhythm.
Consolidation, Costs, and Measured Risk
Platform overlap has become an opportunity to simplify and save. He reviews vendor portfolios regularly to eliminate duplicative features and retire aging tools, freeing funds for higher-value controls such as identity threat detection or improved email defenses. “When we add something, we have to take something away,” he said, noting that every security dollar is ultimately a patient-care dollar.
Case expects vendors to meet that responsibility with transparent pricing and credible roadmaps; in return, he consolidates capabilities where doing so decreases integration burden and sharpens visibility. He evaluates investments through a risk lens that includes patient impact, operational disruption, and measurable reduction in attack paths. Case also experiments in targeted ways—such as considering internal-only mailboxes for specific job codes that have no external correspondence needs—to remove entire categories of phishing risk without touching roles that depend on outside communication.
Governance Built on Shared Accountability
Effective controls stick when business leaders share ownership of risk. He uses formal committees to record decisions and informal conversations to preview impacts, so operational and clinical leaders can surface workflow nuances before a change hits production. Case brings recommendations, not just options, and pairs each with resource and risk implications to make tradeoffs explicit. He views that clarity as essential to keeping both security and service reliable.
Case’s governance model blends documentation with relationships. He ensures privacy, legal, audit,

Adnan Hamid, VP/Regional CIO, CommonSpirit Health, says the next phase of “transforming care through innovation” begins with financial realism: health systems must preserve access for communities while confronting persistent cost pressure. In California, he helps support nearly 30 hospitals and more than 600 clinics inside one of the nation’s largest faith-based systems serving many underserved patients, a mission that requires disciplined prioritization as technology options proliferate.
Hamid said the core challenge is: “No margin, no mission, and no mission, no margin.” He links that equation to a practical planning horizon, noting that organizations—large and rural alike—are reworking strategies to keep doors open amid cuts in aid and rising expenses. Competing priorities are constant, he said, and leaders need credible business cases that protect cash flow and safeguard care delivery.
He said the first filter for any innovation is whether it helps the organization run a steadier operation. That spans both clinical and administrative spheres, but the immediate opportunity often sits in the latter. Executives want staffing relief, predictable revenue, and fewer operational bottlenecks. Success requires clarity about trade-offs, transparent timelines, and the willingness to deliver unwelcome news when a project does not make the cut.
AI’s Near-Term Payoff: Back Office
Hamid views AI as most ready to help in back-office domains, where automation can lift throughput and free time for frontline teams. He ties that to a decade-long shift in which documentation and clicks migrated to caregivers, diluting face time with patients and driving fatigue. “We’ve shifted the technology and administrative burden on to our clinicians,” he said, arguing that early wins should remove tasks.

He added that ambient documentation can be a bridge between patient experience and revenue integrity—but only if it improves coding accuracy and supports compliant billing. That is the heart of the CFO conversation: soft benefits like happier physicians matter, but proof of better documentation and fewer missed charges cements the case. Pilots inside ambulatory clinics have drawn strong clinician interest, and inpatient teams want in; the organization is still collecting evidence before declaring a conclusive result on coding lift. The bar, he said, is balanced impact: better visits, less burnout, and measurable contribution to the bottom line.
Clinically Led, IT-Enabled Execution
Hamid maintains that governance and execution must be owned by care leadership, with IT as an enabling partner. “It shouldn’t be even considered an IT project,” he said of ambient and similar capabilities, calling for CMO and CMIO sponsorship, shared metrics, and unified messaging to finance leaders. Physician champions, he noted, are often more persuasive than technologists when stakes are high and budgets are tight.
He described the CIO’s craft as relationship management across finance, clinical, and operations. Being proactive—returning from CHIME and other forums with concise, relevant trend summaries—builds trust when priorities collide. Partnerships with medical and nursing informatics expand expertise and speed decisions. Generative-AI tools can supplement research, but credibility still rests on judgment, clear trade-offs, and the integrity to say no when resources are constrained.
Interoperability and Legacy Workflow Reality
Hamid acknowledged meaningful progress since the Meaningful Use incentive era but warned that data exchange remains uneven across platforms and even across instances of the same EHR. Health information exchanges help, yet standardization is incomplete, leaving variation that complicates quality reporting, population health, and AI training data. He is optimistic about the trajectory but expects a long journey.
He cautioned against dreaming of starting from a clean slate,

Priti Patel, MD, CMIO, John Muir Health, is steering a measured expansion of AI from long-running predictive models to newer generative tools, pairing administrative relief with cautious governance and education for clinicians and patients. Under her direction, the system has deployed ambient scribing across ambulatory practices and is extending that footprint to inpatient and emergency settings while evaluating voice agents for call centers and care navigation.
This interview was conducted as part of our recently published Special Report on AI 
Early AI investments at the Walnut Creek–based health system centered on risk prediction — clinical deterioration on inpatient units, opioid risk scoring and readmission risk — before pivoting in the last two years toward generative tools that reduce documentation burden. Patel described how ambient scribing, launched in ambulatory clinics, has cut after-hours work and improved the patient visit experience. “Now all of our physicians in the ambulatory setting are able to utilize ambient AI for their visits,” she said, noting the program is expanding to inpatient units and the ED.
As that footprint grows, she is widening the use beyond physicians. Patel is assessing opportunities for nursing, case management, nutrition services and revenue cycle teams, where drafting denial letters, appeals and prior-authorization materials consumes valuable time. She also is piloting simple automations for call-center tasks such as scheduling and medication refills, with an eye toward easing access and standardizing service levels.

Adoption, Training and Human-in-the-Loop
Securing adoption has required segmenting the medical staff and letting data do the persuading. Patel said roughly a third of clinicians embraced ambient scribing immediately, while a “middle third” responded once they saw comparative metrics on documentation time and after-hours work. To support safe use, she is embedding basic AI literacy into training — what the tools do, how they produce text, and why outputs must be reviewed. “With any technology, the end user requires the why, the support, and then the ongoing feedback on how things are going,” she said.
Chart summarization and inbox assistance are next on the roadmap. Patel expects those features to help clinicians rapidly surface relevant history and draft patient messages, though she emphasizes a human-in-the-loop standard. She and her team track tell-tale signals — such as how often physicians edit generated drafts — to ensure users remain engaged reviewers rather than passive approvers. In her telling, this is both a safety practice and a change-management tool: visible, iterative improvement builds confidence.
Pilots, Momentum and Governance
Managing the pace of experimentation has become a strategic question. She has seen how disappointing early experiences can drain momentum — especially among previously enthusiastic “champions” — and make later re-engagement difficult. Patel’s remedy is to cap the number of simultaneous pilots, reserving trials for offerings that are clearly not yet mature, while moving straight to broader rollouts for proven solutions already working in peer organizations. “Pilots are very resource-intensive, time-intensive, and require a lot of collaboration between teams,” she said, adding that too many at once can exhaust scarce clinical time and trust.
That posture aligns with John Muir Health’s identity as a community-based system willing to lead selectively. Patel will back first-mover efforts when they target high-priority problems — burnout and documentation burden drove the early ambient-scribe push — but she otherwise prefers to be a fast follower, drawing on the experiences of academic centers and innovation programs.

At Children’s Hospital of Philadelphia, Epic-integrated AI continues to do what humans rarely can at the tail end of long patient visits: captures every detail, improves coding accuracy, and eases the documentation burden. Greg Lawton, MD, EHR Medical Director – CHOP Primary Care, Children’s Hospital of Philadelphia, describes a measured path to deploying generative AI inside the EHR, emphasizing workflow fit, role-specific value, and disciplined change management.
Lawton also explains how CHOP is piloting AI-assisted portal replies and auto-generated patient summaries, with early signals of improved documentation quality and clinician experience.
First Attempts
At CHOP, a small early pilot with a third-party ambient tool proved instructive: the team concluded that sustained value would require tight EHR integration. Lawton’s group subsequently focused on Epic-embedded capabilities and met with the vendor weekly to tune behavior based on pediatric workflows and pilot feedback. “It really needs to be integrated into Epic,” he said, describing lessons from the initial test and the logic for shifting to platform-native features.

He added that the cadence and transparency of Epic’s roadmap allowed CHOP to advance without feeling behind more aggressive adopters of standalone tools. Lawton also pointed to a cultural posture at CHOP—innovative but cautious—that enabled pilots to run long enough to surface role-specific value, especially for nursing. He noted that this patience helped the team validate outputs, confirm an absence of hallucinations in production-grade features, and avoid overpromising benefits to clinicians before the evidence was in.
Pilot Design, Cohorts, and Change Management
Choosing the right early users is central to the method. As Lawton explained, pilots begin with clinicians who stress-test functionality and workflow integration.

“We tend to choose people who are enthusiastic but skeptical,” he said, explaining that the goal is rigorous feedback. He added that activation typically starts at the individual level and then moves to division-level rollouts when technical controls require it (for example, enabling across cardiology or pulmonary). Lawton described a playbook for scaling: concise how-to videos to fit into busy days; brief live Q&A sessions; and clear expectations that tools are optional when benefit varies by user.
He noted that ambient will not suit every documentation style—fast typists or heavy dictation users may see less gain—yet that is acceptable if the net effect across the network is positive. Lawton emphasized that CHOP’s informatics structure matters: specialty-aligned physician champions translate features into the nuances of each clinic’s workflow, while the primary-care organization focuses on simplifying steps across 31 sites and nearly 300 clinicians.
Measured Impact: Messages, Summaries, and Ambient
CHOP’s first at-scale win came from AI-assisted replies to patient portal messages. Lawton’s team found that nurses—often the first to triage inbound messages—saved 20 to 25 seconds per message, a cumulative gap-closer in high-volume ambulatory settings. He said the organization did not rush the feature; it validated draft quality, monitored error risks, and directed adoption first to the roles that benefitted most.
“We’ve not found hallucinations,” he said, a point he credits to the combination of measured rollout and close vendor feedback loops.
He added that patient summaries, generated “overnight” for the next day’s schedule, condensed roughly 15–16 notes into a five-to-six-sentence briefing. Lawton reported that nearly half of surveyed clinicians learned something they otherwise would not have known before entering the exam room unless they invested significant time in manual chart review. He noted the fit is best for those who pre-chart; for “knock-and-go” clinicians,

Amid an era of exuberance around AI, John Halamka, MD, President, Mayo Clinic Platform, notes that the apparent “suddenness” of its appearance masks a long arc of work. “This is a overnight revolution, 50 years in the making,” he said, noting that today’s breakthroughs rest on decades of progress in compute, storage, and tooling—combined with a sharp cultural shift that followed the debut of consumer-facing chatbots in late 2022.
This interview was conducted as part of our recently published Special Report on AI 
A 50-Year ‘Overnight’ Shift
According to Halamka, three forces made the current moment possible: technology, policy, and culture. On the technology front, cheap teraflops and near-limitless storage have turned once-exotic experimentation into routine engineering. On policy, multi-stakeholder efforts—such as industry coalitions—now offer guidance on where AI should be used, how it should be validated, and what guardrails are necessary. On culture, he pointed to the mainstreaming of AI discussions across boardrooms and clinical leadership after late 2022, which brought new investment and urgency. The practical upshot, he said, is that products are rolling out quickly not because teams are rushing, but because much of the foundation was built over decades.
Executives Want Outcomes, Not Hype
He said the ask from hospital C-suites is not “give us AI,” but “help us solve business problems.” Thin margins, staffing challenges, and clinician burnout dominate agendas; technologies are judged by their ability to relieve those pressures. “Does a single one of them tell me they need AI? No.” Instead, leaders are looking for ways to improve documentation accuracy and reimbursement, reduce administrative burden so clinicians can work at the top of their license, and extend scarce specialist expertise via model-driven augmentation. He noted that ambient listening has become table stakes in many markets; systems without a credible program risk falling behind peers that are already reducing after-hours charting and improving note quality. The unifying theme, he added, is to map AI initiatives to a health system’s declared strategic objectives rather than letting novel tools dictate the agenda.
Governance, Validation and Risk
In Halamka’s view, governance for AI must be purpose-built for the realities of statistical systems deployed in heterogeneous populations. FDA clearance (for software as a medical device) is important, but insufficient on its own. Local verification—safety, fairness, appropriateness, and effectiveness on an organization’s patients—is essential. “There has to be some validation or qualification for your local population,” he said. Clinical adoption also requires change management; physicians are rarely persuaded by novelty alone. He emphasized proving that new tools save time, improve quality, or lift patient satisfaction.

The risk discussion extends beyond cybersecurity to operational and clinical consequences of model-driven decisions. He encourages leaders to work in communities of practice—industry consortia and trusted forums—to share evaluation methods, bias assessments, and post-deployment monitoring approaches. On the technology pattern front, he differentiated predictive systems (pattern-matching over large cohorts) from generative systems (language-based outputs with variable accuracy) and from agentic orchestration (where systems can take actions). He advised calibrating autonomy to risk: allow automation for low-stakes workflows, require human-in-the-loop for higher-stakes tasks, and avoid fully autonomous control in settings like device dosing.
Designing for Flexibility—and Scaling Beyond Pilots
He advises organizations to architect with modularity so they can swap components as vendors and techniques evolve.

Kerry Bommarito, PhD, VP, Enterprise AI and Decision Intelligence, Mercy, says the health system’s AI agenda begins with the enterprise plan, not shiny tools. After the executive team sets five organization-wide OKRs each fiscal year, work streams cascade to accountable leaders; Bommarito is a trustee on a key result aimed at revenue-cycle improvements through automation and AI. Early priorities include denials, prior authorization, and the handoffs that follow patients from testing approval to billing—areas where technology can ease staff burden while improving patient experience.
This interview was conducted as part of our recently published Special Report on AI 
She emphasizes that scoping starts with problems, not platforms: define the operational objective, then assess whether analytics, workflow standardization, an EMR build, or AI is the right lever. Bommarito argues that this discipline helps avoid scattering resources across ill-fitting pilots and keeps scarce engineering time directed at material value. “AI can’t solve for everything. Obviously, there’s a lot that AI can do. But there’s a lot that it can’t,” she said, noting that even solvable problems may be better addressed via vendor partnerships rather than internal builds, depending on time-to-value and maintainability.
Data Quality and Vendor Realities
Bommarito links solution choice to data readiness. She points to the basics—consistent entry in the EMR, standardized phrases, and workflow uniformity—as determinants of how well downstream technologies can operate. In her view, vendor implementations falter when assumed data specifications collide with site-specific realities. She notes that health systems must pressure-test those assumptions up front and manage to their own data-gathering and governance norms. To that end, she recommends pairing informaticists and operational leaders with engineers throughout discovery so the team can see how documentation patterns and exception paths shape model inputs and outputs.

Governance as a Separate Track
She describes Mercy’s structure as deliberate: the enterprise data and AI office, along with AI governance, sits outside the core IT organization. Dedicated reviewers examine vendor model cards and track compliance with responsible-AI practices; Mercy also embeds AI notification requirements in contracts so suppliers cannot “flip on” new capabilities without an evaluation window. “I think AI governance, depending on how an organization is set up, it should be a standalone process,” Bommarito said. The aim, she adds, is not to block upgrades but to synchronize AI checks with security and IT change controls, ensuring transparency for clinicians and clarity on intended versus unintended uses.
Regulation, Risk, and the Human in the Loop
She draws a firm line around clinical safety. Any feature that could function as a medical device must be reviewed for FDA implications, and large language model use in clinical contexts should retain a human in the loop. Education is essential: clinicians need to know what a tool is—and is not—designed to do, how it reached a recommendation, and where limitations lie. That responsibility, she notes, cannot be outsourced to a marketing label. “It’s still your responsibility because you’re the one using the tool,” adding that health systems must validate governance posture even when a vendor asserts its product is not a regulated device.
Pilots Built for Scale
Bommarito views the word “pilot” as a signal for engineering prudence, not a license for one-offs. Internally developed efforts are architected as platforms—reusable microservices and agents—so that a successful proof of concept in one service line can expand quickly to others. Mindset prevents “throwaway” code and accelerates scale once value is ...

Michael Weiss, MD, Associate CMIO, Memorial Healthcare System; and Assistant Medical Director Pediatric Emergency Medicine Joe Dimaggio Children’s Hospital, is leading a push to curb idiosyncratic documentation that can undermine quality, compliance, and the value of emerging AI. In a wide-ranging discussion, he described a “Rogue Note” campaign that preserves clinician flexibility but insists that safety-critical information live in consistent, discrete fields that analytics and automation can actually use.
Emergency departments generate towering documentation volumes under intense time pressure. Custom note templates—often crafted by well-intentioned power users—were skipping standardized fields tied to mandatory screenings, regulatory reporting, and revenue integrity. That variability made it harder for quality teams to track performance in real time and jeopardized the data hygiene required for reliable decision support. Instead of revoking personalization outright, the initiative targets the few elements that must never be buried in free text—suicide risk screens, validated scores, time-sensitive care pathways—and anchors them directly inside the note.
Weiss has made cognitive load the design starting point. He argues that clinicians should not be asked to memorize dot phrases or manual shortcuts to ensure compliance. As he put it, “Don’t ever ask me to remember a smart phrase… Ask me to remember a dot phrase isn’t the best use of my cognitive powers.” That lens also shapes communication: rather than post-hoc audits weeks later, frontline teams see, in the moment, whether required items are present and where they belong in the chart.
Workflow-Embedded Triggers Over Memory Aids
Dynamic documentation—logic that pulls from discrete EHR signals to surface the right fields at the right time—sits at the center of the program. When a patient presents with undifferentiated chest pain and orders such as an EKG and troponin are placed, the note automatically calls for a HEART score before sign-off. That design moves compliance away from memory-dependent prompts toward data-driven nudges that appear only when clinically relevant. The result is fewer interruptive alerts, more consistent capture of critical data, and a cleaner foundation for quality reporting.

Weiss is candid about the limits of traditional alerts. Many organizations suffer low response rates because the tools fire too often or at the wrong moment. By contrast, workflow-specific prompts—surfacing inside the note and only when pertinent orders or diagnoses exist—prove far more effective. “Most health care systems are happy with 25%, 30% success rate,” he said, arguing that success requires re-engineering when and where guidance appears rather than multiplying warnings that clinicians learn to ignore. He also champions real-time routing of documentation fallouts to quality leaders, enabling at-the-elbow support within the same shift rather than retrospective remediation.
Balancing Standardization, Personalization, and AI Readiness
Ambient documentation and other AI-enabled tools are arriving quickly, but their usefulness depends on standardized, machine-readable data. That places new urgency on where information lives in the note. Personalization still matters—clinicians process information differently, and local teams should not feel boxed into a single presentation—but the backbone must be stable. Scores, mandatory assessments, time-bound tasks, and key orders need consistent, discrete capture tied to Epic Foundation wherever possible. When those anchors are in place, ambient tools and large models can generate summaries and suggestions without drifting into error-prone copy-paste workflows.
He favors vendor-integrated approaches that write natively into the chart over tools that require clinicians to shuttle text between windows. Copy-paste creates risk, including accidental placement in the wrong recor...

Health systems that have implemented ambient AI technology often face a familiar challenge: ensuring consistent adoption and maximizing its value across diverse clinical roles. This webinar will examine strategies IT leaders can use to assess, measure, and improve ambient AI utilization, from high-level workforce analytics to role-specific and individual provider engagement. Panelists will discuss methods for identifying adoption gaps, tailoring interventions for high-impact clinicians, and balancing broad educational initiatives with personalized, at-the-elbow support. The conversation will also explore approaches for onboarding new staff, refining training for existing users, and leveraging data-driven insights to sustain long-term adoption gains.
Speakers:

* Zafar Chaudry, MD, SVP – Chief Digital Officer & Chief AI and Information Officer, Seattle Children’s
* Nancy Cibotti-Granof, MD, Associate CMIO, Beth Israel Lahey Health
* Dr. Thomas Kelly, Co-Founder & CEO, Heidi Health

In a wide-ranging interview, John Lee, MD, Emergency Physician, Edward Hospital Naperville; Informaticist, & Epic Consultant, outlined a disciplined approach to getting more value from Epic while preparing for an AI-enabled future. He emphasized that health systems are still leaving significant capability untapped, urged CIOs to define firm boundaries for customization, and described how consolidating instances after mergers unlocks operational and analytics gains that are otherwise difficult to realize.
Epic Usage and the Case for Foundation
Asked how deeply health systems use Epic, Lee estimated that adoption remains limited: “Most Epic organizations are probably using somewhere less than 25% of the utility of Epic.” He tied the gap to a mix of over-customization, restrictive analytics policies and uneven data governance. Foundation—Epic’s design specification for standard build—serves as a guardrail, he said, because it preserves the underlying configuration and data structures that fuel analytics, benchmarking and new features that increasingly arrive “turnkey” only when the foundation pattern is respected. He expects the platform’s AI roadmap and Cosmos data to magnify this effect by embedding model-driven insights directly into clinical workflows; to benefit, organizations must keep their builds aligned with the structures those tools assume.
He has seen how replicating legacy workflows can make early adoption feel easier yet degrade performance later. In one example from the emergency department, duplicating a proprietary chief-complaint list made it harder to use Epic’s standard protocols and comparative analytics. The remedy, he said, is not scorched-earth standardization but a smart configuration strategy: use synonyms and behind-the-scenes mapping so clinicians can search familiar terms while the system stores and reports on foundation-aligned data. That approach lowers friction for users but protects cross-system comparability and decision support.
Mergers, Consolidation, and Data Leverage
Amid ongoing consolidation, Lee said the economics of platform value become unavoidable. “If you are trying to operate across three instances of Epic, you have basically negated a huge chunk of the value of Epic.” He described the short-term pain of rebuilding as the price of long-term integration: moving from multiple instances to one reduces transactional friction, simplifies configuration, and turns analytics into a single source of insight that can drive shared protocols and operational playbooks across the enterprise.

He noted that even “clean” foundation builds at two separate organizations tend to drift over time, complicating efforts to harmonize order sets, clinical pathways and quality measures. Foundation, moreover, is a design pattern, not a prebuilt product; teams still have to build, but the specification yields normalized data and configurations that travel well. Consolidation also streamlines the data layer: rather than reconciling separate warehouses (such as parallel Kaboodle environments) and mapping metrics post hoc, a single instance supports one model of truth for outcomes tracking and compliance monitoring.
Customization Boundaries and Governance
For customization decisions, Lee argued that leaders need a consistent rationale for when to deviate from foundation, grounded in clinical and operational benefit and mindful of technical cost. “You have to know where to fight that fight and where to try to preserve as much of the Epic foundation as possible.” He encouraged CIOs and CMIOs to pair that principle with stronger operational and clinical data governance so that configuration choices serve enterprise goals, not just local convenience.
He pointed to staffing as a leverage point: physician builders and clinically fluent analysts reduce rework by translating intent into architecture and avoiding cycles of unclear tickets and misaligned des...

Eric Poon, MD, MPH, Chief Health Information Officer, Duke University Health System, described how the organization is moving AI from scattered experiments to an operating discipline aligned with enterprise strategy. Poon outlined a single intake for technology decisions with added lifecycle oversight when AI is involved, and a bias toward evidence-based scaling. He said the approach ties investments to access, quality, and margin goals while creating room to evaluate, expand, or sunset tools based on outcomes.
This interview was conducted as part of our recently published Special Report on AI 
At Duke, AI initiatives flow through the same front door used for other technologies; once green-lit, a dedicated AI governance function sets guardrails for pilot design, risk tiering, and long-term monitoring. He positioned governance as a means to an end: an operating model that brings the right stakeholders together and resists one-off experiments that cannot survive contact with real workflows. “AI is not just exciting. It is here,” Poon said, adding that lessons from traditional IT governance apply directly to AI oversight, especially around business ownership and accountability.
He emphasized that centralized review does not preclude distributed decision-making; instead, domain teams are equipped to consult like operators, clarifying the problem to solve, success criteria, and integration points before requests advance.
Choosing the Right Problems
Use cases are filtered through enterprise priorities first—people, growth, access, quality, and operating margin—then narrowed to domains where AI can materially shift results. He highlighted two concentration areas: an inpatient innovation unit that functions as a living lab for care redesign, and a revenue-cycle track aimed at operational complexity and margin improvement.

Poon noted that these areas of focus do not fence out other proposals; rather, an innovation clearing function is being formalized to steer buy-build-partner choices as new ideas surface across service lines. He emphasized that enthusiasm alone is insufficient to proceed, and foundational diligence remains consistent no matter how a tool is introduced—whether through a net-new proposal or bundled inside a routine vendor upgrade.
Piloting at Meaningful Scale
A recent ambient documentation evaluation illustrates Duke’s playbook: crossover pilots, a sizable clinician cohort, and metrics that capture satisfaction, burnout, quality, and productivity signals. He said scale matters because credible internal evidence fosters advocacy, which in turn eases funding and change-management decisions. Poon also pointed to a disciplined test-and-learn posture: time-boxed pilots, clear hypotheses, transparent costs, and predefined go/no-go checkpoints. “You need to kiss a lot of frogs in order to find your prince or princess,” he said, framing fail-fast not as a license for ad hoc experimentation but as a commitment to evidence.
He added that technology leaders are coached to consult like operators before pilots launch: confirm the problem, assess workflow fit, identify change-management lift, and screen for security maturity. Poon emphasized that not every requestor is the right problem owner, and early conversations often surface a mismatch between a proposed tool and the realities of downstream adoption.
Building Readiness and Managing Change
Beyond tooling, Duke is weaving AI literacy into professional development and policy. He described published guidance on generative AI that emphasizes professional responsibility, known failure modes, and use of approved platforms. Poon said leaders are actively debating how to embed AI education into annual clinical training and how to detect over-reliance signals in production,