I think the HIPAA rule that started in 1996 and phased updates over the years had a big impact in healthcare. Specifically, the definition of "significant harm" to an individual in the analysis of a security breach was updated to provide more scrutiny to covered entities with the intent of disclosing breaches that previously were unreported. Previously, an health organization needed proof that harm had occurred whereas now these organizations must prove that harm had not occurred.
The shift really involves a couple of things. There’s the shift in mindset of providers of healthcare. I think one of the largest moments was when Kaiser announced that they would go into EMR systems during the 2000s. That gave a lot of other providers and companies notice. The policies were changing healthcare records and gave vital importance in the way they want to do things in order to scale up. It was very difficult for smaller clinics to provide the kind of care that their patients want, especially in the 21st century. In order to do that, they needed to understand and implement the technology that previously wasn’t done at this scale. The change came in terms of how people were utilizing technology in their daily lives. When mass adoption takes place, it usually comes from consumers or the government trying to push the initiatives. One of them was the digitization of healthcare records from paper records. Paper records were the basis of how errors can happen; unreadable records, errors, etc. Finding accurate points in health records, curating, and how to utilize that information in other areas have been a game changer. The next stage is utilizing AI/ML to provide insight.