How can healthcare providers make AI pay off?
Most organisations are still breaking even on technology spending.
Healthcare providers are rapidly adopting artificial intelligence (AI), but weak data, cybersecurity risks, and regulatory requirements continue to limit returns, according to KPMG's Global Tech Report 2026: Healthcare.
The study, released in May and based on a survey of 128 healthcare technology leaders worldwide, found that 40% of organisations spend $50m to $100m a year on technology, mainly on electronic health records, cloud platforms, and enterprise systems.
AI adoption has more than doubled. KPMG found that 66% of healthcare organisations are deploying AI applications, up from 32% a year earlier. Another 76% expect to expand AI over the next 12 months, whilst 86% are integrating it into clinical or operational work.
Despite higher spending, returns remain uneven.
Fifty-seven percent of organisations said their technology investments were only breaking even, whilst 30% reported returns above their original investment.
KPMG found that cybersecurity, poor quality data, and regulatory compliance remain the biggest barriers to wider tech adoption.
Weak governance and limited in-house expertise were cited by 42% of respondents as their biggest challenge.
Separate reports released by PricewaterhouseCoopers in May and the Healthcare Information and Management Systems Society in April identified similar obstacles.
Both found providers are focusing on cybersecurity, data quality, and information sharing as they expand digital services.
KPMG also reported growing interest in remote patient monitoring, robotic surgery, digital twins, predictive analytics, and patient support networks.
Nearly one-third of organisations plan to hire more local technology professionals to reduce reliance on offshore workers.
Questions to ponder:
- How can healthcare providers improve returns on AI investments?
- Should organisations fix data quality before expanding AI?
- How can providers balance faster AI adoption with cybersecurity and regulatory requirements?