Technology and Innovation in Medical Services: AI, EHR, and More

Artificial intelligence, electronic health records, remote monitoring, and diagnostic algorithms are reshaping how medical services are delivered, documented, and evaluated across the United States. This page examines the major categories of health technology in clinical use, how they interact with federal regulatory frameworks, and where the boundaries between tool, device, and clinical decision lie. The stakes are real: the Office of the National Coordinator for Health Information Technology (ONC) estimated that more than 96% of non-federal acute care hospitals had adopted certified EHR systems by 2021 (ONC Data Brief No. 56).

Definition and scope

Health technology in medical services covers a spectrum wider than most people picture when they hear "AI in medicine." The broadest governing definition comes from the World Health Organization, which classifies health technology as any application of organized knowledge and skills in the form of medicines, devices, vaccines, procedures, and systems developed to solve a health problem and improve quality of life (WHO Health Technology). In the US regulatory context, that definition gets operationalized primarily by the Food and Drug Administration (FDA) and the ONC.

The FDA distinguishes clinical software by risk level. Software that merely displays historical data sits at one end; software that drives a treatment decision — an algorithm recommending insulin dosing, for instance — sits at the other. The FDA's Digital Health Center of Excellence, established under the 21st Century Cures Act (Pub. L. 114-255), oversees this classification landscape and has issued specific guidance on Software as a Medical Device (SaMD). Meanwhile, the ONC's Health IT Certification Program establishes criteria that EHR systems must meet to qualify for federal incentive programs.

For context on how these technologies slot into broader service delivery, the National Medical Services Authority index situates health technology within the full landscape of US medical infrastructure.

How it works

Medical technology operates through three broad functional layers, each with distinct regulatory touchpoints.

1. Data capture and documentation — Electronic health records collect structured and unstructured clinical data at the point of care. Certified EHR technology (CEHRT) must meet ONC's certification criteria under 45 CFR Part 170, including standards for clinical decision support, medication reconciliation, and patient access through standardized APIs. The 21st Century Cures Act Final Rule (published in the Federal Register on May 1, 2020) added requirements for information blocking prohibitions, requiring that certified health IT vendors not impede the flow of electronic health information.

2. Analysis and decision support — Clinical Decision Support (CDS) tools analyze captured data against rule sets, evidence libraries, or trained machine learning models to surface alerts, recommendations, or predicted risk scores. The FDA's 2022 guidance on Clinical Decision Support Software clarifies that CDS tools displaying recommendations a clinician can independently review and verify are generally exempt from device regulation, while those whose outputs cannot be meaningfully audited by a clinician are classified as SaMD and subject to premarket review.

3. Intervention and monitoring — Remote patient monitoring (RPM) devices transmit physiological data — blood pressure, glucose, cardiac rhythms — to clinical teams outside a hospital setting. The Centers for Medicare and Medicaid Services (CMS) established separate reimbursement codes for RPM services under CPT codes 99453, 99454, 99457, and 99458, creating a billing pathway that accelerated adoption after 2019.

Common scenarios

Health technology shows up in clinical practice in ways that range from seamlessly invisible to conspicuously new.

• Radiology AI: FDA-cleared algorithms assist radiologists in detecting nodules, fractures, and intracranial bleeds. As of 2023, the FDA had authorized more than 690 AI/ML-enabled medical devices, with radiology accounting for the largest single category (FDA AI/ML-Enabled Medical Devices).
• Sepsis prediction: Hospital systems use early-warning algorithms that score patients for sepsis risk based on vital signs and lab trends. These tools fall under CDS regulatory frameworks when clinician review is built into the workflow.
• Telehealth platforms: Video-based care delivery, which expanded dramatically under CMS flexibilities during the COVID-19 public health emergency, operates at the intersection of state licensure law, HIPAA privacy standards (45 CFR Parts 160 and 164), and payer reimbursement policy. The regulatory context for medical services page covers how federal and state rules interact in this space.
• Prior authorization automation: Payers and health systems are deploying AI tools to streamline prior authorization workflows — a process that CMS estimated affects more than 35 million Medicare Advantage prior authorization requests annually (CMS Prior Authorization Final Rule, CMS-4201-F).

Decision boundaries

Not every clinical software tool carries the same risk profile, and the regulatory framework reflects that with deliberate gradation.

The FDA's SaMD framework — aligned with International Medical Device Regulators Forum (IMDRF) guidance — classifies devices along two axes: the seriousness of the condition being addressed, and the significance of the information provided to the clinical decision. A tool that flags a low-severity condition for further review sits in a lower-risk class than one driving autonomous treatment in a critical situation.

A useful contrast: a diabetic retinopathy screening algorithm that produces a binary "refer/don't refer" result with no clinician intermediary is classified as a Class II medical device and requires FDA 510(k) clearance. An algorithm that generates a retinal image overlay for an ophthalmologist to interpret is more likely to qualify as non-device CDS under the 21st Century Cures Act criteria.

Interoperability standards introduce another boundary condition. Health systems exchanging data through certified APIs must comply with HL7 FHIR Release 4 standards as required under the ONC Cures Act Final Rule — a technical specification that determines whether AI tools can actually access the data they need to function.

Safety oversight for health IT also falls within the scope of The Joint Commission's Electronic Health Information standards, which accredited hospitals must satisfy as part of their accreditation conditions. Errors introduced by technology — wrong-patient alerts, documentation autofill errors — are classified as sentinel events under Joint Commission reporting frameworks.

References

• Office of the National Coordinator for Health Information Technology (ONC)
• ONC Data Brief No. 56 — Hospital EHR Adoption
• FDA Digital Health Center of Excellence
• FDA AI/ML-Enabled Medical Devices List
• FDA Clinical Decision Support Software Guidance (2022)
• 21st Century Cures Act (Pub. L. 114-255)
• ONC Cures Act Final Rule — 45 CFR Part 170
• CMS Prior Authorization Final Rule (CMS-4201-F)
• WHO Health Technology Assessment
• The Joint Commission — Standards and Accreditation
• IMDRF SaMD Framework