Healthcare IT leaders evaluate every new technology through a lens of risk, integration, compliance, and long-term scalability. Their environments are complex. Resources are limited. And every new system must fit securely into an already crowded digital ecosystem.
When healthcare organizations evaluate ultrasound solutions, clinical features often get the spotlight. But behind every purchase decision is another critical factor: the IT assessment.
To better understand the challenges IT teams face during the assessment of ultrasound technology, GE HealthCare gathered insights from CIOs, CMIOs, IT directors, and technology managers from health systems in the United States, United Kingdom, France, and Germany. These leaders shared candid insights into what they need from vendors, and where some have fallen short. We’re using this feedback to strengthen how we support IT teams throughout the ultrasound adoption journey.
Here are key takeaways from the survey.
Involve IT early – assessment is part of the decision
A key takeaway from our research is the importance of including IT teams early in the evaluation process. According to our research, 7 in 10 IT leaders prefer to conduct their assessment after a demo but before a decision is made. Notably, 5 in 10 would rather be involved even earlier—before a demo takes place.
Delaying IT’s involvement can lead to a host of issues, including integration challenges, inefficiencies, and even stalled procurement. By engaging IT early and often, organizations can make informed decisions, avoid unnecessary roadblocks, and ensure the solution fits securely and effectively within their existing infrastructure.
“IT teams are balancing risk, integration, and compliance from the start, not at the end,” said Sam Balga, Vice President, VerisoundTM Digital Solutions, GE HealthCare. “That’s why we engage our IT partners early, bringing the right GE HealthCare specialists into the conversation so questions get clear answers and evaluations stay on track.”
Understand regional standards and certifications
Each country represented in our survey has specific requirements for cybersecurity, cloud storage, and data access and protection. In the United States, HIPAA compliance is paramount, while UK stakeholders prioritize GDPR, Digital Clinical Safety Standards, and DSPT compliance. In Germany and France, ISO 27001 certification and GDPR compliance are key, with Germany requiring additional adherence to BSI and BDSG standards.
Data encryption and access controls differ by region. Across all regions, IT leaders stress protecting data in transit. AES is the de‑facto standard; DES is withdrawn and no longer approved for new protections, and 3DES (TDEA) is being retired under NIST transition guidance. For authentication, many facilities use MFA; in some environments this is implemented as 2FA (two distinct factors), while others adopt additional factors or phishing‑resistant methods. For authorization, RBAC is widely used, and some organizations, especially in France, also apply ABAC, which evaluates user/resource/context attributes for fine‑grained access decisions.
Ultimately, 84% of IT leaders confirmed that their organizations follow the same IT assessment process across all digital solutions. This means vendors unable to meet regional or global standards are often excluded from purchasing consideration.
“Choosing a supplier with reliable security resources is a real challenge. Cyber-attacks can happen at any time, so we can't trust just anyone to handle our confidential information.”
-Director of IT/IT applications, France
Partner with IT-Focused Ultrasound Experts
Top pain points in the assessment process, according to IT
During the survey, IT leaders had the opportunity to share their most significant pain points during assessments in their own words, without checkboxes or prompts. Their open-ended responses spotlight inefficient collaboration as a common frustration.
“Lack of clear communication with vague proposals and unresponsive and delayed responses, limited references and outdated information, incompatibility with existing systems”
-Healthcare Technology Manager, USA
“In my opinion, the biggest challenge is to maintain a constant thread of communication with them, take appropriate follow-up action and retrieve the correct status of the work in a timely manner.”
-CIO, Germany
After consolidating themes, five primary areas of concern emerged:
- Inefficient collaboration - the most frequently cited frustration
- Integration & interoperability challenges
- Weak cybersecurity measures
- Non-standardized documentation
- Lengthy assessment processes
Communication breakdowns and delayed follow-up were described repeatedly. Many IT leaders noted that unclear proposals, outdated documentation, and limited technical access create unnecessary friction and extend timelines.
When asked to identify the single biggest pain point in the IT assessment process, interoperability rose to the top. Security risks and inconsistent testing methodologies followed closely, alongside concerns about limited internal resources and data privacy requirements.
The message was consistent: assessment delays are rarely caused by clinical performance. They stem from gaps in coordination, integration readiness, and security validation.
How to accelerate the IT assessment process
IT leaders were equally clear about what helps move evaluations forward.
The most frequently cited accelerators included:
- Timely, transparent communication
- Access to a dedicated integration or interface team
- A dedicated implementation team
- Onsite clinical training
Survey respondents also suggested that providing predefined frameworks, tools, and self-serve access to essential document such as compliance certificates, sample audit logs, and DICOM conformance statements could also help reduce delays and build IT confidence in the solution.
Sam Balga added, “Speed in assessment comes from access to people who can resolve issues, not just documents. We support customers with a dedicated bench of experts, including integration and interface resources, implementation teams, and clinical and security specialists, so IT leaders can validate requirements quickly and move forward with confidence.”
Building stronger IT partnerships
Clinical performance matters. But for IT leaders, confidence matters just as much. Confidence that a system will integrate smoothly. Confidence that security standards are met. Confidence that the vendor will respond quickly when issues arise.
At GE HealthCare, we’re committed to helping IT teams move forward with clarity and confidence—from first evaluation through full deployment.
See how Verisound supports IT teams
REFERENCES:
CIO Pain Points - 2025 Internal Research
Verisound is a trademarks of GE HealthCare.
Product and features may not be available in all countries and regions. Full product technical specification is available upon request. Contact a GE HealthCare representative for more information.
JB37264XX
