Healthcare organizations continue to face increasing compliance pressure as regulatory oversight expands and operational complexity grows. Strategic, operational, financial, and compliance risks are often interconnected; yet many organizations still manage them within siloed departments, using tools that do not communicate with each other. The result is recurring gaps: required steps are missed, completed incorrectly, or never documented. A recent Thomson Reuters article on cross-functional risk management underscores a point that applies directly to healthcare: the benefits of connected workflows and data are not theoretical. They address a structural problem—fragmentation—that undermines both risk management and compliance.
The Problem: Silos and Fragmentation
Compliance and risk failures in healthcare rarely stem from a lack of policy. More often, they stem from breakdowns in the operational workflows that are supposed to implement those policies. When finance, operations, compliance, legal, and clinical teams use separate systems and disconnected processes, no single view of risk or compliance status exists. Data that could inform decisions is scattered across departments. Workflow steps that should trigger accountability or documentation are not visible to the right people at the right time.
Thomson Reuters, drawing on a Forrester Consulting study commissioned in 2025, notes that even when risk is interconnected across functions, collaboration between departments remains erratic. Technology solutions used by different teams typically do not integrate. Legacy systems, skill gaps, inconsistent data quality, and siloed data are cited as roadblocks. The same dynamics appear in healthcare: domain-specific tools focus on individual functions rather than on coordinating workflows across pharmacy, nursing, quality, privacy, revenue cycle, and supply chain. The outcome is not that people do not care about compliance or risk. The outcome is that the system was never designed to reliably support cross-functional visibility and accountability.
Reframing the Cause: From People to Systems
When audits or oversight reports highlight repeated compliance gaps, the cause is usually framed in one of two ways. The person approach attributes failure to individuals—forgetfulness, carelessness, or negligence. Alternatively, Tthe system approach attributes failure to the conditions under which people work: unclear tasks, missing communication, fragmented tools, and lack of transparency. High-reliability organizations have consistently achieved better outcomes by treating errors as consequences of system design rather than as causes rooted in individual blame. Healthcare organizations that shift toward this view often find that the real issue is not motivation but infrastructure. Workflow gaps, fragmented systems, and lack of operational transparency make it difficult for well-intentioned teams to execute and document what is required.
Connected workflows and unified data do not fix compliance or risk by themselves. What matters is whether regulatory and risk expectations are embedded directly into operational workflows and whether teams can see and act on the same information. When workflows are connected and data is shared across domains and functions, compliance and risk management can shift from reactive, department-specific activities to a more integrated view of where the organization stands and where it is exposed.
What “Connected Workflows and Data” Actually Require
The Thomson Reuters piece emphasizes that organizations adopting cross-functional risk management benefit from a clear governance structure, defined roles, effective communication channels, and technology solutions that deliver connected data sharing and workflow capabilities. In healthcare, the parallel is straightforward: compliance and risk need to be integrated into the same operational infrastructure that teams use daily. That means workflow orchestration that spans departments, tasks that are assigned and tracked in a visible way, and data that flows across functions so that emerging risks or compliance gaps can be identified before they result in audit findings or patient harm.
Research and industry practice support this direction. The Forrester study noted that insights-driven organizations break down silos and sync data, analytics, and optimization across teams. Success depends on whether the organization treats risk and compliance as cross-functional concerns and whether the technology in place supports that. For healthcare leaders and compliance professionals, the takeaway is not to adopt a single vendor or product. It is it is critical to avoid siloed technologies when possible and to evaluate whether the current design of workflows and data supports or undermines cross-functional visibility and accountability.
Practical Takeaways
Ultimately, compliance and risk failures rarely originate from bad intentions. They originate from systems that were never designed to reliably support complex, cross-functional operational workflows. When regulatory and risk requirements are embedded directly into those workflows, and when data is connected rather than siloed, compliance and risk management can shift from a reactive burden to a natural byproduct of daily operations.
As regulatory expectations continue to grow, healthcare organizations may need to reconsider whether traditional, siloed approaches to compliance and risk are sufficient. The proven benefits of connected workflows and data are not about replacing human judgment. They are about giving teams the transparency and structure they need to execute, document, and improve—across departments and over time.
References
- How businesses are embracing cross-functional risk management (Thomson Reuters Legal, November 2025).