Comment by athenot

You're being downvoted but yes, this is about risk mitigation. The IT department at a health care organization has to balance matching the requirements of payers, admins and clinical staff, do so in a way that fits inside the allocated budget, and de-risk the unknowns as much as possible.

Even if the vendors are only half accurate about the solution they offer, by being paid suppliers, they are on the hook (to varying degrees). These systems are highly customized and serious headaches arise from interoperability and security. If some of that can be shifted to a vendor, it's a net positive insofar as the IT department and the compliance departments are concerned.

Some healthcare organization have invested in the technology side and become leaders in innovation but those are the exception.