Blog
← Back to Blog
September 10, 2023 general

Twelve Years: AI Arrives in Healthcare IT

Twelve year anniversary with AI arriving in healthcare IT

Twelve years. September 10, 2023. Robell Technologies anniversary comes in a year dominated by artificial intelligence tools entering mainstream healthcare and professional services.

ChatGPT launched November 2022. By September 2023, AI tools are everywhere. Here's what year twelve taught us about AI in healthcare IT.

AI Tools Went Mainstream

2023 was the year AI stopped being experimental and became practical tools practices actually use:

Documentation and Summarization

AI tools that summarize patient encounters, draft clinical notes, and extract key information from documents. These save time but require human review.

Patient Communication

AI-powered chatbots for appointment scheduling, answering common questions, pre-visit screening. Effective for routine interactions.

Legal Research and Discovery

AI tools for legal research, document review, and e-discovery analysis. Faster than manual review but requiring lawyer oversight.

Administrative Automation

AI for insurance verification, billing code suggestion, scheduling optimization. Reduces administrative burden when implemented carefully.

AI Created New Security Challenges

Data Privacy Concerns

Many AI tools send data to cloud services for processing. Patient data going to third-party AI services creates HIPAA compliance questions.

We helped practices evaluate which AI tools have proper Business Associate Agreements and data handling.

Hallucination Problem

AI tools sometimes generate plausible-sounding but incorrect information. In healthcare and legal contexts, this is dangerous.

Human review of AI output is essential, not optional.

Prompt Injection Risks

If AI tools are integrated into practice workflows, they can become attack vectors through carefully crafted prompts designed to extract information or cause problems.

Cloud Adoption Continued

The trend toward cloud services continued in year twelve:

Cloud-Native Practices

New practices starting in 2023 are often entirely cloud-based from day one. No local servers, no on-premise infrastructure.

Legacy Migration

Established practices continued migrating from on-premise to cloud, though some kept hybrid approaches for specialized systems.

Multi-Cloud Complexity

Practices now use services from multiple cloud providers. Office 365, AWS, cloud backup services, specialized healthcare SaaS platforms.

Managing identity, security, and integration across multiple clouds is challenging.

Cybersecurity Threats Evolved

AI-Powered Attacks

Attackers use AI too. Phishing emails generated by AI are more convincing. Voice cloning for phone scams sounds real.

This requires better security awareness training focusing on verification procedures, not just recognizing "bad" emails.

Supply Chain Attacks

Attacks targeting vendors and software supply chains increased. One compromised vendor affects dozens of practices.

Ransomware Industrialization

Ransomware operations now run like professional businesses: customer service, negotiation teams, data leak sites.

This makes prevention and preparation more important than ever.

Compliance Requirements Expanded

State Privacy Laws

More states enacted comprehensive privacy laws following California's lead. Practices operating across state lines face complex compliance requirements.

AI-Specific Regulations

Early regulatory guidance on AI use in healthcare emerged. More will come, but practices using AI now need to think about documentation, oversight, and ethical use.

Cyber Insurance Hardening

Cyber insurance policies require more security controls: MFA mandatory, EDR tools required, security awareness training documented, incident response plans tested.

Practices without these controls can't get affordable coverage.

What We Implemented

AI Tool Vetting

We developed processes for evaluating AI tools practices want to use: HIPAA compliance, data handling, Business Associate Agreements, security architecture.

Enhanced Monitoring

More sophisticated security monitoring using AI-powered threat detection. Catching anomalies faster than rule-based systems.

Zero Trust Architecture

Moving clients toward zero-trust security models: verify everything, trust nothing by default, limit access continuously.

What's Working

Proactive Security

Practices with proactive security monitoring, regular updates, and security awareness training avoided successful attacks even when targeted.

Cloud Flexibility

Cloud-based practices adapted to changes faster than those dependent on on-premise infrastructure.

Documented Processes

Practices with documented IT processes, security policies, and incident response plans handled challenges better than those improvising.

What's Challenging

Keeping Current

Technology changes faster than ever. AI tools evolve monthly. Security threats adapt continuously. Staying current requires ongoing education and attention.

Vendor Complexity

Practices now depend on dozens of cloud services and SaaS vendors. Managing relationships, security, and integration is increasingly complex.

Staff Capability Gaps

Technology evolves faster than staff training. Bridging the gap between new capabilities and staff ability to use them effectively is ongoing challenge.

Looking Ahead

Year thirteen will likely bring:

We're preparing by developing AI expertise, expanding security capabilities, and staying current on emerging regulations.

Thank You

Twelve years of serving Arizona healthcare and professional practices. Some clients have been with us the entire journey. Others joined along the way. All make this work meaningful.

To our clients: thank you for trusting us to navigate technology changes, security challenges, and emerging tools like AI alongside you.

To practices considering working with us: we specialize in healthcare and professional services IT with deep expertise in HIPAA, security, and the specific workflows of your industry.

Here's to year thirteen and whatever new technologies it brings.