[0point692]

You could look at this from a couple of angles. From the healthcare business side, it's controlling costs, plus either regulatory compliance or revenue support (e.g., through provider lock-in). From the tech side, it's whether something developed 'in house' can be 'sold' to the private market: the economics about government institutions 'crowding out' private ventures argues that publicly funded innovations should not deny private profit opportunities. In the public sector this is controlled with ethics regulations that prevent organizations (and individuals) from benefiting from that effort: they legally cannot market or sell that work _at all_. With an open-source system, it's (business) risk management and (provider) lock-in concerns. Proprietary systems are used to satisfy both. Safety risks arising from cybersecurity concerns are almost always chained to something already managed by existing processes with an insurer at the end of the line.