Every year, ViVE brings together thousands of healthcare technology leaders: health system executives, digital health startups, payers, and technology vendors, for three days of sessions, demos, and conversations that cut straight to where the industry is heading.
This year's edition brought us back to Los Angeles. The floor covered everything from AI-powered clinical tools to data infrastructure platforms and cybersecurity solutions, and the conversations we had reinforced patterns we've been seeing for months: the bar for data, security, and compliance is rising fast across every health system we work with.
Let’s dive into some of the insights that stood out most at ViVE 2026.
Data Infrastructure has moved to the Top of the Agenda
If there was a single thread connecting virtually every conversation at ViVE, it was data maturity.
Hospital data warehouse integrations came up repeatedly. So did interoperability between EHRs, payers, and third-party platforms. Health systems are building toward unified data architectures, and they're asking vendors harder questions about how they fit into those architectures, or whether they create new friction points.
- Real-time analytics and predictive modeling gaining serious traction across health systems.
- AI initiatives consistently described as "blocked" by poor data quality or fragmented pipelines.
- Data governance frameworks becoming more sophisticated and harder to bypass.
- Unified data platforms becoming a strategic investment, not just an IT project.
What made this year different is that the conversation wasn't aspirational. Health systems aren't planning unified data architectures, they're building them, and they're bringing vendors into that process earlier than ever.
The implication for vendors: if your solution can't plug cleanly into a modern data stack and answer tough questions about governance from day one, you'll lose deals earlier than you expect. It's not just about having the right integrations, it's about being able to explain them clearly to a room that increasingly includes both clinical and technical stakeholders at the same time.
Security is a business priority
One of the clearest shifts at ViVE 2026 was how security conversations have evolved. It's still an IT responsibility, but it's no longer confined to technical evaluations. Security has become part of executive strategy, with healthcare organizations treating it as a company-wide risk framework, not just an infrastructure concern.
One moment that stuck with us came from the session "2026 Healthcare Cybersecurity: A Leadership Agenda." Nate Couture, CISO at University of Vermont Health Network, shared lessons from a ransomware attack that took their IT systems offline for weeks. His takeaway: as health systems adopt new technology, resilience planning has to be built in from the start, not retrofitted after an incident.
The certifications buyers are asking about have expanded significantly:
SOC 2 | HITRUST | ISO 27001 | Cloud Security Posture | IAM | Endpoint Protection
Vendor risk management is getting stricter. Technical security questions are showing up earlier in the sales process, and they're being asked by people who know what they're looking for. Clinical record protection, endpoint security, cloud posture, and identity management all came up repeatedly as evaluation criteria, not afterthoughts.
The vendors that stood out weren't just claiming security, they were demonstrating governance. There's a real difference, and buyers are starting to know how to tell them apart.
HIPAA Compliance is just the starting point
HIPAA came up in nearly every conversation at ViVE. But its role has shifted. It's increasingly treated as a baseline expectation rather than a differentiator, and what buyers want to understand now goes beyond certification: it's about how compliance is built into the product architecture from the start.
The shift is also happening earlier in vendor relationships. Health systems are increasingly expecting compliance readiness before the sales process even begins as a signal of how seriously a partner takes the space.
What that looks like in practice:
- Auditability: can you show a complete, traceable record of data access and changes?
- Documentation: do you have the paper trail that survives an enterprise security review?
- Secure data handling processes embedded in the product, not applied after the fact
- Compliance posture that anticipates enterprise requirements, not just minimum standards
We're also seeing startups and growth-stage vendors beginning to prepare for enterprise-level compliance requirements earlier than ever. The companies that stood out were the ones who had already done this work before a client asked for it.
AI is everywhere, but the hype has matured
AI tools were all over the show floor at ViVE 2026. But the conversation has shifted. The energy around AI was more grounded, more practical, and notably more tied to real constraints than in previous years.
The AI use cases that resonated weren't abstract, they were specific, and they were tied to data quality, privacy, and regulatory fit:
The pattern was consistent: the most credible AI conversations were grounded in data infrastructure. AI is only as good as the data it runs on, and in healthcare, that data needs to be clean, governed, and compliant before any model touches it. The organizations making real progress on AI had done the foundational data work first.
The question stopped being "do you have AI?" and became "does your data actually support it?" That shift in framing was everywhere , and it's a healthy one.
Dr. Nolan Chang, EVP of Strategy at The Permanente Federation, put it well during a panel discussion: the real opportunity isn't using AI to solve existing problems more efficiently, it's using it to address the foundational issues driving utilization and outcomes. The organizations making real progress were the ones asking harder questions from the start.
The bigger pattern: Buyers have changed
ViVE 2026 confirmed something we've been observing in our own conversations with health system buyers for a while now: the evaluation process has fundamentally shifted.
The market is maturing, and that's good news. The risk of not adopting technology is starting to feel higher than the risk of adopting it, especially for health systems navigating staff shortages, rising costs, and growing patient complexity. The relationships being built on substance right now are the ones that will last.
Buyers are more technically sophisticated. And the bar for what counts as a credible partner keeps rising. At Devlane, that's the standard we've been building toward, security, compliance, and data expertise aren't selling points, they're the foundation of how we work, and the reason our clients in healthcare trust us to build and scale their most critical products.
What ViVE 2026 ultimately confirmed
Beyond the sessions and strategy conversations, ViVE also reminded me why in-person events still matter. Some of the most valuable exchanges happened in those unscheduled moments: between meetings, at booth activations, or in hallway conversations that never make it onto the official agenda.
Healthcare technology is clearly entering a more mature phase, and the conversations happening across the industry reflect that shift. At Devlane, these are the kinds of discussions we’re having every day with healthcare organizations building and scaling digital products. It’s also why we keep showing up to events like ViVE: to stay close to the ecosystem and the people shaping where healthcare technology goes next.
If you're building healthcare technology and need engineering teams that understand data, security, and compliance from the ground up, we'd love to connect.
Other Blog Posts
.webp)
ViVE Conference 2026: What’s actually changing in healthtech
