KLAS Research characterized partnership and responsiveness as key drivers of customer satisfaction
Epic Systems has bolstered its status as the dominant player among vendors of electronic health records (EHR) software, winning nearly 70% of new hospital contracts in 2024. Most, if not all, of these rollouts will include clinical laboratory data imported into the EHR system.
According to a recent market share report from KLAS Research, Epic added a net 176 acute care multispecialty hospitals in 2024, marking its largest-ever annual net gain, KLAS reported. Meanwhile, Epic’s largest rival, Oracle Health, saw a net loss of 74 hospitals during the year. Meditech, the No. 3 EHR vendor, saw a net decline of 57 hospitals.
The report, titled, “US Acute Care EHR Market Share 2025,” was based on interviews with healthcare organizations as well as data from vendors and other sources, KLAS said.
“Across all vendors, the level of partnership has emerged as a key differentiator,” KLAS stated in its report. “A vendor’s reputation for listening to customers, taking feedback, and implementing requested changes greatly impacts customer satisfaction—often translating to gains in overall market share.”
In their KLAS report, authors Bradley Hunter (left) and Paul Warburton (right) wrote, “Though still high overall, acute care EHR purchase energy slightly cooled in 2024. Health systems continued to drive most of the decisions.” Photo copyrights: KLAS Research.)
Drivers of Epic’s Success
Among large health systems—defined as those with more than 10 hospitals—KLAS noted the following market share for EHR vendors:
Epic—48%.
Oracle—27%.
Meditech—15%.
All other EHR vendors—10%.
Among all acute care hospitals, Epic’s market share is 42.3% compared with 22.9% for Oracle and 14.8% for Meditech.
Epic also dominates in terms of percentage of hospital beds, with a 54.9% market share compared with 22.1% for Oracle and 12.7% for Meditech.
Overall, acute care EHR purchases declined in 2024, as 272 hospitals bought an EHR system, compared with 319 in 2023, KLAS reported.
The report attributed Epic’s success to “the stability and interoperability capabilities of the product as well as generally high satisfaction among current customers. Beyond strictly technological considerations, Epic’s reputation for customer partnership has brought them to the forefront of most EHR considerations.”
Oracle’s Market Decline
For the first time, Oracle declined to offer a list of new contracts, KLAS reported. To arrive at its estimates for the company, KLAS said it used “publicly available resources and our standard internal research methods.”
What accounts for Oracle’s market decline? “As has been the case historically, healthcare organizations continue to cite poor partnership and a lack of follow-through on promises as some of their biggest concerns,” KLAS reported, adding, “While many Cerner customers hoped the 2022 acquisition by Oracle Health would lead to relationship improvements, the vendor’s loyalty and relationship ratings have dropped over 10 points since November 2021 (just before the announced acquisition).”
On the other hand, current and potential Oracle customers have expressed “cautious optimism” due to recent technology developments, KLAS reported, including rollouts of Clinical AI Agent, Seamless Exchange, and Oracle Cloud Infrastructure, plus announcements of a new EHR system and patient portal.
“More than one-third of customers report that over the last six months, there has been a positive change in the vendor’s execution/delivery,” KLAS reported. “This represents a notable change from the overall sentiment during the last couple of years.”
New EHR installations may require new laboratory information system upgrades and interfaces
Electronic health record (EHR) systems continue to be one of the costliest investments healthcare providers can make. And the company that holds the largest portion of the EHR market is Epic, with anywhere from 36% to 44%, according to various published reports and research briefs.
Healthcare executives remorseful about the cost of their hospital’s EHR may take solace in Becker’s Health IT’s recent list of the “most expensive” Epic EHR installations. It is common for the largest projects to cross the $1 billion mark.
Clinical laboratory leaders tasked with interfacing their hospital’s laboratory information system (LIS) with their healthcare system’s EHR may find the following information useful. The investment in time begins months before the actual EHR implementation.
One example is Lake Charles Memorial Health System (LCMHS) Lake Charles, La. In a blog post, the health system reported that it took 18 months for its physicians, clinicians, and staff to prepare for the installation of their new Epic MyChart EHR.
“There are lots of things we wish our customers would do to make sure their system runs well. Making sure every user is trained, for example. Putting in upgrades quickly. Making sure that the hardware runs fast enough,” wrote Judy Faulkner, Epic founder and CEO, in an Epic blog post.
“The LCMHS staff and physicians have championed this project from the beginning, and I have them to thank for the success of this EMR transition and look forward to seeing the positive impacts as we settle into the operational changes and new experiences Epic brings Lake Charles Memorial Health System and those we serve,” said Devon Hyde (above), President and CEO of Lake Charles Memorial Health System, about the provider’s transition to a new Epic MyChart EHR. (Photo copyright: Lake Charles Memorial Health System.)
Top 10 Most Expensive Epic EHR Installs of 2024
While Becker’s noted that the following compilation is “not an exhaustive list,” here’s its list of the top 10 most expensive Epic EHR projects based on publicly available sources.
KLAS reported that among the healthcare leaders KLAS interviewed:
27% had “an above-average EHR post-implementation” likely due to “providing technological foundation needed” at go-live, while,
40% said implementation of the EHR “had significant misses” and,
22% reported “average satisfaction with room for improvement.”
Providing staff with adequate training may smooth the way for new EHRs, according to the KLAS report. “Often, leaders wish they had invested in more training time and workflow-specific training in the context of patient care,” the authors wrote.
New EHR May Mean New LIS
Pathologists and clinical laboratory leaders may need to transition the laboratory information system (LIS) when the healthcare organization moves to a new EHR. At the very least, new interfaces will be required.
While a new EHR and LIS requires significant investments, they also provide opportunities for needed upgrades, competitive advantage, and security.
Nearly 100,000 patients submitted saliva samples to a genetic testing laboratory, providing insights into their disease risk
Researchers at Mayo Clinic have employed next-generation sequencing technology to produce a massive collection of exome data from more than 100,000 patients, offering a detailed look at genetic variants that predispose people to certain diseases. The study, known as Tapestry, was administered by doctors and scientists from the clinic’s Center for Individualized Medicine and produced the “largest-ever collection of exome data, which include genes that code for proteins—key to understanding health and disease,” according to a Mayo Clinic news release.
For our clinical laboratory professionals, this shows the keen interest that a substantial portion of the population has in using their personal genetic data to help physicians identify their risk for many diseases and types of cancer. This support by healthcare consumers is a sign that labs should be devoting attention and resources to providing these types of gene sequencing services.
As Mayo explained in the news release, the exome includes nearly 20,000 genes that code for proteins. The researchers used the dataset to analyze genes associated with higher risk of heart disease and stroke along with several types of cancer. They noted that the data, which is now available to other researchers, will likely provide insights into other diseases as well, the news release notes.
“What we’ve accomplished with the Tapestry study is a blueprint for future endeavors in medical science,” said gastroenterologist and lead researcher Konstantinos Lazaridis, MD (above), in the news story. “It demonstrates that through innovation, determination and collaboration, we can deeply advance our understanding of DNA function and eventually other bio-molecules like RNA, proteins and metabolites, turning them into novel diagnostic tools to improve health, prevent illness, and even treat disease.” Some of these newly identified genetic markers may be incorporated into new clinical laboratory assays. (Photo copyright: Mayo Clinic.)
How Mayo Conducted the Tapestry Study
One notable aspect of the study was its methodology. The study launched in July 2020 during the COVID-19 pandemic. Since many patients were quarantined, researchers conducted the study remotely, without the need for the patients to visit a Mayo facility. It ran for five years through May 31, 2024. The news release notes that it’s the largest decentralized clinical trial ever conducted by the Mayo Clinic.
The researchers identified 1.3 million patients from the main Mayo Clinic campuses in Minnesota, Arizona, and Florida who met the following eligibility criteria:
Participants had to be 18 or older,
they had to have internet and email access, and
be sufficiently proficient in speaking and reading English.
More than 114,000 patients consented to participate, but some later withdrew, resulting in a final sample of 98,222 individuals. Approximately two-thirds were women. Mean age was 57 (61.9 for men and 54.3 for women).
“It was a tremendous effort,” said Mayo Clinic gastroenterologist and lead researcher Konstantinos Lazaridis, MD, in the news release. “The engagement of such a number of participants in a relatively short time and during a pandemic showcased the trust and the dedication not only of our team but also of our patients.”
He added that the researchers “learned valuable lessons about some patients’ decisions not to participate in Tapestry, which will be the focus of future publications.”
Three Specific Genes
Enrolled patients were invited to visit a website, where they could view a video and submit an eligibility form. Once approved, they completed a digital consent agreement and received a saliva collection kit. Participants were also invited to provide information about their family history.
Helix, a clinical laboratory company headquartered in San Mateo, Calif., performed the exome sequencing.
Though Helix performed whole exome sequencing, the researchers were most interested in three specific sets of genes:
Patients received clinical results directly from Helix along with information about their ancestry. Clinical results were also transmitted to Mayo Clinic for inclusion in patients’ electronic health records (EHRs).
Among the participants, approximately 1,800 (1.9%) had what the researchers described as “actionable pathogenic or likely pathogenic variants.” About half of these were BRCA1/2.
These patients were invited to speak with a genetic counselor and encouraged to undergo additional testing to confirm the variants.
Tapestry Genomic Registry
In addition to the impact on the participants, Mayo Clinic’s now has an enormous amount of raw sequencing data stored in the Tapestry Genomic Registry, where it will be available for future research.
The database “has become a valuable resource for Mayo’s scientific community, with 118 research requests submitted,” the researchers wrote in the news release. Mayo has distribution more than a million exome datasets to other genetic researchers.
“What we’ve accomplished with the Tapestry study is a blueprint for future endeavors in medical science,” Lazaridis noted. “It demonstrates that through innovation, determination, and collaboration, we can deeply advance our understanding of DNA function and eventually other bio-molecules like RNA, proteins and metabolites, turning them into novel diagnostic tools to improve health, prevent illness, and even treat disease.”
Everything about this project is consistent with precision medicine, and the number of individuals discovered to have risk of cancers is relevant. Clinical laboratory professionals understand these ratios and the importance of early detection and early intervention.
Clinical laboratories and anatomic pathology groups should consider these cyberattacks on major healthcare entities as reminders that they should tighten their cybersecurity protections
Hackers continue to gain access to public health records—including clinical laboratory testing data—putting thousands of patients’ protected health information (PHI) at risk of being exposed. The latest important healthcare entity to become the victim of a ransomware attack is American Associated Pharmacies (AAP). According to The Register, AAP announced a ransomware operation called Embargo had stolen over 1.4 terabytes (TB) of data, encrypted those files, and demanded $1.3 million to decrypt the data.
Embargo claims that Scottsboro, Ala.-based AAP paid $1.3 million to have its systems restored. They are now demanding an additional $1.3 million to keep the stolen data private, the HIPAA Journal reported, adding, “The attack follows ransomware attacks on Memorial Hospital and Manor, an 80-bed community hospital and 107 long-term care facility in Georgia, and Weiser Memorial Hospital, a critical access hospital in Idaho.”
AAP has not publicly confirmed the ransomware attack, nor has it made an official statement regarding the breach. But it did post an “Important Notice” on its website reporting, “limited ordering capabilities for API Warehouse have been restored at APIRx.com.”
API Warehouse is a subsidiary of AAP that helps subscribers save on brand name and generic prescriptions via wholesale purchasing plans. It oversees more than 2,000 independent pharmacies across the US and has over 2,500 stock keeping units (SKUs) in its inventory.
The message further states “All user passwords associated with both APIRx.com and RxAAP.com have been reset, so existing credentials will no longer be valid to access the sites. Please click ‘forgot password’ on the log in screen and follow the prompts accordingly to reset your password.”
“Embargo seems to have international and multi-sector victims and is not focusing on a specific victim profile. They seem opportunistic,” Mike Hamilton (above), founder and chief information security officer (CISO) of cybersecurity firm Critical Insight, told HealthcareInfoSecurity. “However, as they do have multiple victims in healthcare, and their tooling to disable detection is sophisticated, they should not be discounted. If indeed they operate through affiliates, we can expect others to use their infrastructure and tools, and Embargo may emerge as a top threat to healthcare.” Since 80% of all medical records are made up of clinical laboratory testing data, laboratory patients are particularly vulnerable. (Photo copyright: Critical Insight.)
Embargo on the Hunt for PHI
Due to the large amount of data Embargo stole from the AAP servers, it’s likely the hackers were able to procure medical records and account details from all customers of the pharmacies involved in the attack.
Researchers at ESET, an internet security company, first noticed the ransomware organization known as Embargo in June of this year. In a news release, ESET stated that Embargo used an endpoint detection and response (EDR) killer toolkit to steal AAP’s data.
“Based on its modus operandi, Embargo seems to be a well-resourced group. It sets up its own infrastructure to communicate with victims. Moreover, the group pressures victims into paying by using double extortion: the operators exfiltrate victims’ sensitive data and threaten to publish it on a leak site, in addition to encrypting it,” ESET wrote in a news release.
Embargo recently attacked other organizations within the healthcare industry as well. In November, it claimed responsibility for breaching the security of Memorial Hospital and Manor in Bainbridge, Ga. The cyberattack affected Memorial’s email and electronic medical record (EHR) systems, which caused the facility to pivot to a paper-based system, The Cyber Express reported.
Embargo’s attack on Weiser Memorial Hospital in Weiser, Idaho, involved the theft of approximately 200 gigabytes (GB) of sensitive data and caused a four-week-long outage of its computer systems.
Other Cyberattacks on Healthcare Organizations
Dark Daily has covered many cyberattacks on hospital health systems in multiple ebriefs over the past few years.
Safeguarding patient data is critical, and more healthcare organizations are discovering the hard way that they are vulnerable to hackers. This situation serves as another reminder to clinical laboratory and pathology group managers that they need to be proactive and serious about protecting their information systems, and in upgrading their digital security at regular intervals.
Hackers are working hard to obtain access to protected health information, which puts patients at continuous risk of having their private records stolen.
Researchers note that many sources of errors associated with diagnostic testing involve how providers order tests and how specimens are handled
ECRI (Emergency Care Research Institute), a non-profit organization that focuses on healthcare quality and patient safety, has released results from a study which lays blame for most diagnostic errors on systemic issues that arise during clinical laboratory, radiology, and other diagnostic testing processes. These issues relate to “ordering, collecting, processing, obtaining results, or communicating results,” the organization stated in a news release.
“It’s a common misconception that if a patient has a missed or incorrect diagnosis, their doctor came up with the wrong hypothesis after having all the facts,” said ECRI President and CEO Marcus Schabacker MD, PhD, in the news release. “That does happen occasionally, but we found that was tied to less than 3% of diagnostic errors. What’s more likely to break the diagnostic process are technical, administrative, and communication-related issues. These represent system failures, where many small mistakes lead to one big mistake.”
The researchers based their analysis on reports of adverse patient safety events and “near-misses” submitted to ECRI and the Institute for Safe Medication Practices (ISMP) in 2023. Healthcare providers submitted the data from across the US, ECRI noted.
From a total of 3,014 patient safety events, ECRI determined that 1,011 were related to diagnostic errors. Then, it sorted the events based on “the appropriate step in the diagnostic process where the breakdown occurred,” according to the news release.
ECRI did not reveal how many errors were related to clinical laboratory testing as opposed to radiological or ultrasound imaging.
“The problem of diagnostic safety comes down to the lack of a systems-based approach,” said ECRI President and CEO Marcus Schabacker MD, PhD (above), in a news release. “Since there are multiple potential failure points, a single intervention is insufficient.” Diagnostic errors can also include imaging/radiology and other types of diagnostic procedures—not just clinical laboratory tests. (Photo copyright: ECRI.)
Where Errors Occur
According to ECRI’s analysis, the largest number of errors by far (nearly 70%) happened during the clinical laboratory testing process. Among these, “more than 23% were a result of a technical or processing error, like the misuse of testing equipment, a poorly processed specimen, or a clinician lacking the proper skill to conduct the test,” ECRI stated. “Another 20% of testing errors were a result of mixed-up samples, mislabeled specimens, and tests performed on the wrong patient.”
Outside the testing process, other errors occurred during monitoring and follow-up (12%) and during referral and consultation (9%).
One major factor behind diagnostic errors, ECRI noted, was miscommunication among providers and between providers and patients.
The organization also cited “productivity pressures that prevent providers from exploring all investigative options or from consulting other providers” as leading to diagnostic errors.
In some cases, providers who ordered lab tests delayed reviewing the results or the patients were not notified of the results.
“Referrals to specialists or requests for additional consultations can complicate the process, presenting more potential failure points,” ECRI noted.
Troubling Imaging Anecdotes, Previous Studies
The ECRI news release cites two de-identified patient stories, both related to imaging. One case involved a woman who “experienced abdominal pain and abnormal vaginal bleeding,” but a diagnosis of uterine cancer was delayed nearly a year. “MRIs were ordered, but not all the results were reviewed, as her symptoms worsened. Despite masses being detected on an ultrasound, a missed appointment and communication barriers delayed her diagnosis. She was finally diagnosed after severe pain led to hospitalization.”
In one “near-miss” incident, a patient did not receive an essential carotid ultrasound procedure prior to being scheduled for open-heart surgery. Staff caught the omission and canceled the surgery. A later ultrasound “revealed he would have had a catastrophic surgical outcome if the surgery had proceeded as scheduled,” ECRI stated.
Two earlier studies noted in the news release highlight the impact of diagnostic errors.
A 2017 study, published in the journal BMJ Quality Safety, estimated that diagnostic errors affect approximately 5% of US adults—a total of 12 million—each year. In that paper, the authors combined estimates from three observational studies that defined diagnostic error in similar ways.
“Based upon previous work, we estimate that about half of these errors could potentially be harmful,” the authors wrote.
And a 2024 study published in the same journal estimated that 795,000 Americans die or become permanently disabled each year due to misdiagnosis of dangerous diseases. “Just 15 diseases account for about half of all serious harms, so the problem may be more tractable than previously imagined,” the authors wrote.
Recommendations for Providers, Labs
ECRI advised that healthcare providers should adopt a “total systems safety approach and human-factors engineering” to reduce diagnostic errors. This is good advice for clinical laboratories as well.
Specific steps should include “integrating EHR workflows, optimizing testing processes, tracking results, and establishing multidisciplinary diagnostic management teams to analyze safety events,” the news release states.
Schabacker also advised patients to “ask questions to understand why their doctor is ordering tests, and are those tests urgent,” he said. “Schedule your appointments and tests quickly and follow up with your provider if you’re awaiting results. If possible, ask a family member or friend to join you in important appointments, to help ask questions and take notes.”
Clinical laboratory managers have been alerted to the involvement of lab testing in incidents of medical errors. This report by ECRI is more evidence of the gaps in care delivery that often contribute to medical error. Medical lab professionals may want to review the ECRI report to learn more about what the authors identify as the specific breakdowns in care processes that contribute to medical errors.
