top of page
Search

How to Evaluate the Scalability of Patient Engagement Solutions

  • Writer: Angela Hoegerl
    Angela Hoegerl
  • 2 hours ago
  • 9 min read

Key Takeaways on How to Evaluate the Scalability of Patient Engagement Solutions


  • Throughput, deliverability, and uptime are clinical metrics, not technical ones: a 95% versus 99% deliverability rate is the difference between 50,000 and 10,000 patients missed on a million-message campaign, and 99.99% uptime cuts allowed downtime to 52 minutes a year.

  • Multi-EHR is the steady state: acquired sites typically run their original EHR for 3-7 years post-deal, so platforms must support modern FHIR pipelines and legacy HL7 v2 interfaces in parallel - and 64% of healthcare organizations plan to consolidate patient engagement vendors.

  • Use-case breadth beats vendor count: health systems average 11 different texting vendors today, fragmenting carrier-trust scores and patient experience - a single platform that handles reminders through ED discharge triage avoids the consolidation cycle altogether.

  • Pricing must hold at 10× volume: per-message contracts that look cheap at pilot volumes become punitive at enterprise scale, and carrier pass-through fees rose 50% in a single year, pushing executives toward flat-ACV or PMPM structures.

  • Third-party risk is now the leading breach vector: a single missing MFA control at one vendor produced a $3.1B+ healthcare cyber event, and SOC 2 Type 2 plus HITRUST CSF is the enterprise baseline for vendor risk evaluation.

  • The right test is not “cheapest cost per message today” but “most predictable TCO at 10× volume across multi-EHR, multi-site, multi-use-case operation.”


Throughput, deliverability, and uptime under real peak load


Uptime of 99.9% Means 8 Hours Down Per Year

The relevant question is not how many messages a vendor's API can fire off per second.


It is whether the platform actually delivers them to a patient's handset and stays up while doing it.


Deliverability is the metric that matters, because carrier filtering is silent.


A filtered “sent” message produces no bounce and no notification to the sender, so the only signal that something went wrong is a no-show rate that doesn't move.


The difference between a 95% and a 99% deliverability rate on a one-million-message campaign is 50,000 versus 10,000 patients who never received the message.


Uptime tells a similar story in a different unit.


A 99.9% SLA permits 8 hours and 46 minutes of downtime per year, while 99.99% permits just 52 minutes.


For workflows carrying lab criticals, pre-op instructions, or discharge medications, that delta is not a footnote - it is the operational difference between a routine year and a regulatory one.


Throughput tier is the third lever, and the spread is severe.


Short codes and high-Trust-Score 10DLC channels can run hundreds of messages per second, while unregistered long codes still default to one - making a 500,000-recipient broadcast either a roughly 80-minute send or a two-day one depending on which tier the vendor actually has provisioned.


Compliance itself becomes a throughput constraint at scale, since consent checks, opt-out handling, audit logging, and encryption all add inline processing that meters peak capacity.


Dialog Health was built against those realities, with Tier-1 carrier connectivity across major mobile providers, cloud architecture with redundancy and backups, and short code plus 10DLC support designed to operate above the unregistered-traffic surcharge floor that carriers have been escalating since 2023.


How well does it operate across multiple sites, specialties, and EHRs?


If your organization is acquiring sites, opening service lines, or absorbing physician groups, the next question is whether the platform can grow with that footprint without re-platforming.


Multi-EHR is now the steady state, not a transition phase.


Mohawk Valley Health System ran four distinct EHRs for more than five years post-merger - a normal post-deal reality, not an outlier - and a mid-sized health system that owned one EHR five years ago routinely operates three to five concurrently today.


A vendor that integrates beautifully with one EHR but cannot reach the others becomes a strategic dead end the moment the next deal closes.


FHIR has improved the picture under the ONC Cures Act, since standardized FHIR APIs have been required for certified EHRs since January 2023.


But capability is not throughput, and a vendor still needs to operate against legacy HL7 v2 interfaces in parallel for years after each acquisition, because Epic and other major implementations run 18 to 36 months and well into eight or nine figures.


Acquired sites typically retain their original EHR for three to seven years post-deal, so a platform that can onboard a new site in weeks via FHIR - and also coexist with whatever the acquired site brought to the table - is the only architecture that maps to real M&A velocity.


The market has caught up: 64% of healthcare organizations plan to consolidate or stop using at least one patient engagement solution, and EHR-agnostic operation has moved from a nice-to-have to a decisive selection criterion.


Dialog Health is integration-agnostic across eight full EHR integrations - Epic, Cerner, Meditech, NextGen, athenahealth, Greenway, ModMed, and HealthGrid - and supports HL7, JSON, XML, and CSV exchanged via UI, sFTP, or RESTful API.


Multi-tenancy also has to extend to the people the platform serves, not just the systems it connects to.


A Dialog Health client, St. Louis Integrated Health Network, serves a regional population in which nearly 9% of residents speak a language other than English at home.

Its single-language appointment-reminder campaign was reaching 86% of clients and getting a 5% response rate.


After activating the platform's multi-language feature, reach climbed to 97% and response rose to 24% - a 380% increase - within 60 days, without a re-implementation.


That is the operational signal organizational scalability is working: the platform reconfigures around a new patient population the way it should reconfigure around a new EHR.


Use-case breadth and the vendor-fragmentation problem


Health Systems Average 11 Different Texting Vendors

Even after you have the technical and organizational story right, the platform still has to do more than send appointment reminders.


That is where most procurement decisions quietly go wrong.


A typical health system today uses an average of 11 different digital health vendors that text patients across reminders, billing, telehealth, intake, and portals - fragmentation that dilutes carrier-trust scores, confuses patients, and pushes opt-out rates up.


The pattern is consistent across the industry.


Buyers select a vendor for appointment reminders, succeed, and within twelve months realize they also want self-scheduling, recalls, post-discharge follow-up, surveys, billing outreach, broadcast and emergency communication, and two-way clinical messaging.


Each new use case the original vendor cannot absorb means another business associate agreement, another integration, another opt-out list to reconcile, and another patient-facing phone number on a carrier-trust score that is already spread thin.


The strongest evidence for expanding beyond reminders comes from post-discharge texting.


A Penn Medicine randomized controlled trial published in JAMA Network Open found automated text outreach after discharge produced a 55% reduction in 30-day readmission odds and a 41% drop in 30-day acute-care use, with an 82.8% patient engagement rate and only 8.6% opt-out.


Post-discharge is reimbursement-relevant under the Hospital Readmissions Reduction Program, which is why a platform that only handles reminders ends up putting a ceiling on its own ROI.


A Dialog Health client, Hackensack Meridian Mountainside Medical Center, ran the same workflow in its emergency department.


Over the year covered by the deployment, the hospital discharged 22,863 ED patients, reached 70% via post-discharge text, and saved 523 staff hours that would otherwise have gone into phone outreach - with an opt-out rate of just 0.004%.


The texts also did the triage, routing patients into nurse callbacks, billing help, PCP scheduling, or portal support based on their reply.


That is the use-case-breadth proof point: the platform that confirms appointments also runs ED discharge triage on tens of thousands of patients without breaking.


Whether the pricing model holds up at 10× current volume


Pricing is where the gap between procurement spreadsheet and lived reality opens widest.


A vendor model that looks attractive at pilot volumes can become punitive at enterprise volumes, particularly once carrier pass-through fees, multi-segment messages, two-way conversations, and language overhead start compounding.


The arithmetic is straightforward: a five-hospital system running 10 million messages a year at $0.03 each pays $300,000 in messaging alone, before MMS, multi-segment SMS, two-way conversation costs, language translation, or fallback channels like voice or email.


That is before the carriers raise their prices, which they have been doing aggressively.

T-Mobile's unregistered SMS fee rose 50% in a single year (2024), and AT&T added a $0.003 inbound charge in October 2024.


Carrier pass-through fee handling is therefore a contract-level question, not a footnote.


Hospital and health-system executives have already adjusted: 2026 capital-strategy data shows a clear preference for flat-ACV or PMPM contracts over usage-based pricing, because predictable monthly and annual commitments protect the original business case at 10× volume in a way that per-message pricing cannot.


The hidden TCO categories that CFOs most often miss include EHR integration work (Epic Connection Hub builds can run $25,000 to $1,000,000 depending on complexity), 15-20% ongoing maintenance, MMS and long-message multipliers, multi-language overhead, and the 3-7% annual escalators that are standard in healthcare SaaS contracts.


The math against the status quo, however, is still strongly in texting's favor.


A typical customer-service phone call costs about $16 to handle, against $1 to $5 for a text - meaning the right pricing model unlocks operational savings on top of every clinical outcome the platform produces.


The right test for any pricing model is not “what is the cheapest cost per message today.”


It is “which model produces the most predictable, contained total cost at 10 times current volume across multi-EHR, multi-site, multi-use-case operation.”


Third-party risk, compliance posture, and the true cost of getting this wrong


One Missing MFA Control Caused a $3.1B Healthcare Breach

Every vendor relationship is also a security perimeter, and patient engagement vendors handle some of the most sensitive metadata in the organization - appointment patterns, treatment categories, billing status, and direct patient contact.


The category that most often resets buyer assumptions is third-party risk.


The February 2024 Change Healthcare attack affected approximately 192.7 million individuals and pushed UnitedHealth Group's costs above $3.1 billion within the year - and the root cause was a single Citrix remote-access portal that lacked multi-factor authentication.


One missing control, at one vendor, became the most expensive cyber event in healthcare history.


That pattern is not isolated.


The 2025 Data Breach Investigations Report found third-party involvement in breaches doubled from 15% to 30% in a single year, and healthcare absorbed a disproportionate share of those incidents.


Every business associate agreement is therefore both an audit obligation and a notification dependency, which is a structural reason to consolidate from many texting vendors to fewer certified ones.


The compliance overlay on patient texting is also dense.


HIPAA tier-four penalties for willful neglect now exceed two million dollars per violation, but TCPA exposure can dwarf those numbers - five hundred dollars per violation, fifteen hundred per willful violation, with no statutory cap, and verdicts that have already crossed nine figures.


The April 2025 FCC consent order also tightened revocation rules so that opt-outs must be honored within ten business days, and a non-compliant healthcare text campaign of even modest size can stack TCPA damages well into the millions before any HIPAA, state privacy, or carrier penalty enters the conversation.


The way to scale vendor risk management against that exposure is to require evidence-grade certifications.


SOC 2 Type 2 controls audited over six to twelve months, paired with HITRUST CSF at i1 or r2, is the enterprise healthcare baseline - adopted broadly across U.S. hospitals and health plans.


Dialog Health operates with SOC II certification under HIPAA, TCPA, CTIA, FCC, SSAE, AICPA, and ASCA frameworks - a compliance posture designed for buyers who treat security as the floor, not the ceiling, of vendor evaluation.


What evidence to require from the vendor before signing


The procurement-grade conversion of all of this is a short set of questions that should be answered with evidence, not assertions.


A demo cannot answer them.


A reference call can confirm them.


The contract has to lock them in.


  • Technical: a committed uptime SLA of at least 99.95% with a 99.99% option for patient-safety workflows, documented multi-region and multi-carrier failover, 98%+ end-to-end deliverability reporting, and 10DLC plus Campaign Registry compliance documentation.

  • Integration: FHIR R4 and SMART-on-FHIR support, certified integrations with every EHR in your current footprint, multi-tenant architecture with logical isolation by site, department, and role, and documented onboarding timelines for new sites measured in weeks rather than months.

  • Use case: a single platform that supports appointment reminders, recalls and care-gap closure, no-show recovery, digital intake, surveys, broadcast and emergency communication, two-way clinical and staff messaging, billing and payment outreach, and post-discharge follow-up - in production today, not promised on a roadmap.

  • Financial: explicit pricing modeling at 10× current volume, a flat-ACV or PMPM structure rather than pure per-message, itemized carrier pass-through fee handling, a contractual annual escalator cap, fixed-fee milestone-based implementation, and a three-year TCO model that includes integration, training, ongoing FTE, and exit and migration costs.

  • Security and compliance: an unqualified SOC 2 Type 2 report less than 12 months old, HITRUST i1 or r2 certification, a signed BAA before any PHI flows, MFA enforced at the identity-provider layer, AES-256 at rest and TLS 1.2+ in transit, and 6-year audit-log retention with export.

  • TCPA-specific: timestamped consent capture, automated STOP processing within 10 business days, an opt-out audit trail, and template-level governance for treatment-related messaging under the FCC healthcare exemption.

  • Contract: a documented sub-processor inventory with their own certifications, a BAA with vendor breach-notification within 24 to 72 hours rather than the HIPAA 60-day maximum, and contractual data portability and exit assistance.


Walk through your scalability requirements with the team that built for them


You've just walked through five dimensions of scalability and the evidence required before signing.


Dialog Health was purpose-built for that bar - Tier-1 carrier connectivity, eight full EHR integrations, SOC II compliance, and multi-language outreach across patient and staff workflows.


Clients have used the platform for 380% response-rate lifts, 82% readmission reductions, and 70% workflow consolidation in their EDs.


Fill out this quick form and one of our healthcare communication experts will reach out to schedule a brief 15-minute video call at your convenience.


We've done this hundreds of times with health systems like yours - no pressure, just answers to the questions you're already asking.

bottom of page