Doom, gloom, and a chance to bloom: 3 healthcare predictions for 2026
That’s a wrap on 2025, and boy, was it a doozy. Over the past 12 months, healthcare has taken a beating from all angles, primarily from the Trump Administration’s relentless work to demolish the foundations of established clinical science while plundering the nation’s financial safety net for the benefit of others.
As a result, a lot of healthcare folk are going into 2026 in the brace position, especially as major financial changes start to take place at the federal level, AI leaders start to pull away from the pack, and shifting trends in cybersecurity force organizations into new defensive positions.
So what’s in store for the upcoming year, and will any of it be good news? That depends largely on one’s political perspective, business priorities, and ability to remain resilient in the face of hurricane-force headwinds.
In 2026, it’ll be more important than ever to have a comprehensive strategic roadmap, complete with ironclad AI governance principles, to help organizations navigate an environment unlike anything experienced before.
But those who make an effective plan (and stick to it) still have the opportunity to come out of this year in a strong position to keep providing essential services to their communities. The key will be investing in the right places, staying nimble to roll with the punches, and doubling down on protecting what matters most: the humans that both provide and seek care from the system.
Here are three predictions for what’s in store during 2026.
Want basic healthcare? You better be making bank.
Healthcare is a business, and that business has been steadily going bankrupt for years. The Trump Administration has decided to massively accelerate the likely collapse of the biggest sector of the economy with several large-scale actions to defund the government subsidies that have kept healthcare access marginally affordable.
As of January 5, Congress has not yet acted to extend ACA health plan subsidies that put healthcare coverage within reach of millions of Americans. Marketplace users previously eligible for the credits will see their monthly premiums rise by an average of 114%, leading anywhere between 2 and 7 million people to drop off their plans.
But the affordability crisis doesn’t stop there. Thanks to 2025’s One Big Beautiful Bill, January 1 also brought down the axe on Medicaid’s Federal Medical Assistance Percentage (FMAP) assistance, which incentivized Medicaid expansion by covering around 90% of expansion costs. This will kickstart the decade-long process of throwing an estimated 11.8 million Medicaid enrollees off their coverage.
2026 will also see the federal government implement tighter administrative requirements for Medicaid, including frequent eligibility re-determinations that are designed to force people out of the system by purposely creating impenetrable administrative complexity. By the end of the year, states will also need to have prepared their new work requirements, set to go into effect the first day of 2027.
For healthcare provider organizations, this will mean a huge spike in uncompensated care, as well as a steady rise in more complex, more urgent cases that require expensive acute management from people who couldn’t afford to engage in preventive care.
Just from the expired ACA credits alone, the Urban Institute predicts an overall $7.7 billion increase in uncompensated care from uninsured individuals, with hospitals seeing a burden of about $2.2 billion and physician offices shouldering an additional $1.0 billion.
In addition, the sunsetting of the FMAP subsidies are likely to result in hospitals in Medicaid expansion states seeing operating margins reduced by an average of 11.7% to 13.3%, with safety net hospitals averaging a whopping shortfall of up to 29.6%, says the Commonwealth Fund.
With such big numbers on the table, just improving internal efficiencies with AI won’t create enough breathing room to compensate. Instead, organizations will need to take the next 12 months to reengineer care pathways (especially for higher-needs communities) and initiate savvy investment strategies that prioritize affordable, accessible preventive care.
Flooding community health centers and primary care providers with support will be essential for keeping costs as low as possible. This will include educating communities about the availability of less expensive care options; integrating free-standing urgent care centers into the health information exchange network; removing persistent barriers to care access for people with socioeconomic challenges; diving into risk stratification and prediction with financial factors included in the calculations; and partnering with telehealth and other digital health providers to give uninsured individuals at least some access to basic services.
AI will show its true colors, and they might not be pretty
AI saw explosive adoption in 2025, but it also saw the beginnings of a backlash against the “slop” that emanates from poorly designed, poorly implemented systems. Researchers started to publish warnings that overreliance on AI can degrade the capacity to think and reason independently, while terms like “AI fatigue” began to hit headlines as users get tired of being told, time and time again, that this AI-enabled tool is going to be the one that revolutionizes their entire workflow.
There’s a lot of bad AI out there, and there will only be more of it as vendors continue to ride the wave of interest in a dangerously unregulated environment increasingly stacked in their favor.
Late adopters and smaller organizations with more limited budgets are among the most vulnerable to unintentionally adopting products that could poison the tech stack with inaccurate information, untrustworthy calculations, or hard-to-erase biases that creep into the system.
These mistakes will only widen the gulf between the AI winners and losers, which will in turn dictate who’s going to be able to withstand the financial chaos and who’s likely to succumb to the consolidation trend that might only be making things worse for the average consumer.
That doesn’t mean 2026 is the year to throw in the towel on AI. It just means that healthcare organizations will need to take a much harder look at how, when, and where they bring AI tools into the system – and how they’re going to monitor and manage these tools so that they actually produce the value they’re supposed to.
The word of the year for 2026 should be “governance,” with organizations doubling down on their efforts to build structure and oversight into the AI adoption process from the first vendor cold call to the eventual end-of-life shutdown of the product.
To stay ahead of the game, organizations need to establish AI governance councils that bring the C-suite together with clinical champions, legal and compliance experts, data scientists, and others to get a multifaceted view of how to appropriately implement AI across the enterprise. This council should have a clear sense of the organization’s business priorities, as well as the key criteria for launching a pilot, moving it forward into full production, and evaluating its success.
Overall principles should include keeping humans in the loop, building in override and hard stop options when a user suspects an issue, and carefully managing privacy and security to limit risk and maintain control over data usage.
Curious where healthcare AI is heading next? Join the conversation with top innovators and health system leaders at ViVE. AI Zone @ViVE 2026.
Be prepared for cybercriminals to skip the “pretty please” and move straight to data theft
Ransomware has long been the scourge of the healthcare community, with the average organization losing close to $2 million a day when hit by downtime due to an attack.
But there might be something even worse on the horizon for organizations hoping to secure their precious data: straight up theft without the polite overture of encryption, according to a recent report from Sophos.
The data shows a significant drop in the number of attacks resulting in encrypted data, from 74% in 2024 to just 34% by the second half of 2025.
Part of the shift is attributable to a five-year high in the number attacks stopped in their tracks before criminals could access sensitive information, as well as a sharp reduction in the number of organizations that are willing to pay the ransom. For example, a mere 36% paid the ransom in 2025 compared to 61% in 2022, and hackers are getting much less out of their targets: an average of $150,000 these days compared to $1.47 million in the heyday of 2024.
But the other reason is that extortion-only attacks are on the rise. Instead of encrypting data in place and asking for a ransom to resume normal EHR operations, attackers are stealing the data but leaving systems uninterrupted, and then threatening to release or sell the stolen goods on the dark web unless they are paid a specific sum.
The proportion of extortion-only attacks has tripled to 12% of attacks in 2025, compared to 4% in 2022-2023, Sophos says.
While healthcare organizations may be initially relieved to hear this, since interruptions to daily clinical operations are among the most serious, immediate, and potentially deadly impacts of cybercrimes, it’s not really good news. Instead, it indicates that the threat environment is shifting to harder-to-detect strategies that could end up leaving hidden vulnerabilities open for a long time before the bad actor publicizes their demands and sparks an investigation into how they got in.
If this trend continues into 2026, which seems likely, CISOs are going to have even more to worry about. They will need to continue the never-ending work of identifying and plugging potential holes in the infrastructure, and keep working to deploy advanced, automated, and adaptable AI-powered threat detection tools that can scan the environment more quickly and more thoroughly than ever before.
Leaders will also need to establish and maintain consensus on what to do when an attacker strikes by developing contingency plans for both ransomware and extortion-only attacks. Conducting war games to simulate threats, as well as and keeping legal and compliance experts deeply involved in all digital development decisions, can help to keep the organization prepared for when an attack inevitably unfolds.
Stay ahead of the evolving cyber threat landscape — connect with the leaders, practitioners, and innovators securing the future of healthcare at ViVE’s Cybersecurity Zone.
The bottom line? A difficult but not insurmountable year ahead.
All in all, it’s not looking like the happiest of New Years for healthcare organizations, but it ain’t over until it’s over.
Organizations that go into 2026 with a determined and detailed strategy for success are more likely to find themselves able to withstand the immense financial pressures, maximize the value of AI tools, and keep their infrastructure secure against whatever new threats may arise in the next swing around the sun.
Jennifer Bresnick is a journalist and freelance content creator with a decade of experience in the health IT industry. Her work has focused on leveraging innovative technology tools to create value, improve health equity, and achieve the promises of the learning health system. She can be reached at [email protected].