Partner Perspective: AI Changing the RCM Game Too, CIOs Would Do Well to Take a Look

AI has revolutionized clinical workflows, but its impact on revenue cycle management (RCM) is just as transformative. Health system CIOs must take notice, as AI-driven automation is rapidly reshaping contract management, denials reduction, and payment processes. Those who fail to embrace these innovations risk inefficiencies and financial setbacks in an increasingly competitive landscape.

According to John Landy, CTO at FinThrive, and a longtime technology leader in RCM, CIOs must move beyond traditional approaches and take a proactive stance on AI, cybersecurity, and vendor partnerships.

Health systems are facing mounting financial and administrative pressures, prompting greater investment in AI-driven automation, which is streamlining workflows in three key areas: employee productivity, data processing, and product functionality.

“AI has become a vital tool in making processes more efficient,” Landy said. “It’s improving the way developers write code, automating data processing, and enhancing software functionality in ways that health systems should be leveraging.”

AI is also being used in contract management, denials prediction, and support automation. Health systems that integrate AI into these areas will be better positioned to reduce administrative burdens and improve revenue cycle outcomes. “Many of these AI-driven improvements are embedded in workflows in a way that users may not even notice—but they make a significant impact,” Landy said.

Cybersecurity Concerns in a Changing Landscape

The Change Healthcare cyberattack heightened awareness of security risks across the industry, pushing health system CIOs to reevaluate their vendor relationships. “Even long-standing customers are conducting security reviews to ensure alignment with today’s threats,” Landy said. “There has been a surge in security-related discussions, and this needs to be a permanent shift rather than a short-term reaction.”

Landy emphasizes that security must be an ongoing investment. “Financial services have had zero major ransomware attacks in five years because they invest heavily in security,” he said. “Healthcare, on the other hand, has been underinvested in security, which is why we see repeated breaches.”

To mitigate risk, CIOs should ensure their vendors have robust cyber resilience plans, including secondary environments for rapid recovery. “Traditional disaster recovery planning is no longer enough,” Landy said. “CIOs need to demand cyber-resilient infrastructures that allow systems to be restored within days—not weeks.”

AI in RCM is evolving from machine learning to generative AI and agentic AI, which combines large language models with robotic process automation (RPA) for autonomous workflows.

“Machine learning has been around for years, but generative AI enables new capabilities like automated appeal letter generation,” Landy said. “Agentic AI goes further by integrating workflow automation. One example is automated denial appeals: an AI agent can analyze a denial, reference historical data, generate an appeal, and resubmit it—without human intervention.”

This level of automation is expected to accelerate in 2025. “The tooling vendors—Microsoft, UiPath, and others—are heavily investing in agentic AI,” Landy said. “Hospital CIOs should engage with their vendors now to understand how these solutions will improve patient and workforce experiences.”

Landy advises CIOs to evaluate AI’s potential for claims processing, denial prevention, and revenue optimization. “AI can reduce processing times, improve payment accuracy, and ultimately impact a health system’s financial stability,” he said.

The Shift to Resilience Over Risk Management

Health system CIOs are rethinking third-party risk management following Change Healthcare’s security breach. Historically, organizations relied on extensive questionnaires to assess vendor risk,