My life the last 3 years...--FOSS HEALTHCARE IT & LIABILITY DRAGONS--TLD

1. My life the last 3 years...
2.  
3. --FOSS HEALTHCARE IT & LIABILITY DRAGONS--
4.  
5. TLDR: FOSS vendors *would* make money hand over fist, but have your $100 million umbrella policy ready for defect liability.
6.  
7. FDA and hospitals treat IT software, like an OpenEMR, very similar (slightly relaxed) to x-ray machine(s) or pacemaker. Why? Because when (not if) OpenEMR loses patient info like allergy info it could be fatal. Period.
8.  
9. Consequently, someone must own the defect liability for the following risks:
10. * The cost of a FDA Class I/II product recalls for life threatening bugs.
11. * Lawsuits from hospitals and patient injuries.
12. * Potential jail time for cases of engineering negligence.
13.  
14. Hospitals treat "transferring liability to a 3rd party" as a required feature alongside the rest of the technical solution they are considering. Moreover, they will pay 7+ figures for a solution.
15.  
16. Here lies the rub and resulting hurdle for FOSS...
17.  
18. FOSS vendors typically only accept contractual liability for misconfiguration. And only misconfiguration provable by the documentation. They refuse to accept liability of product defects (listed earlier). As a result, hospitals turn down FOSS vendors because the vendor will not assume that kind of defect liability.
19.  
20. Now personally as a patient I am glad that these kinds of liabilities exist to protect me as a patient. However, as an engineer, it is difficult to see how a 100% FOSS solution is adopted in a hospital setting. Especially as more and more hospitals try to reduce the custom in-house implementations in favor of paying millions of dollars to reduce their liability.