AEP-Locked Healthcare CX Evaluator — Deepen, Supplement, or Replace Advisory
When a healthcare organization matches archetype.aep-locked-healthcare-cx-evaluator — AEP incumbent, Snowflake CDW, VP Engineering RACI-Accountable, HIPAA data-residency constraint, CX primary goal — the evaluation question is not "which CDP should we buy" but "given what we have, what's the smallest architectural change that closes the documented gap."
Why three paths exist. The evaluation trigger for this archetype is almost never "AEP is completely wrong" — it is usually one of four precipitating events (contract renewal, post-acquisition unification, compliance audit, or Snowflake-first data science team questioning AEP's role). Each trigger maps to a different gap type, and each gap type has a different appropriate response.
Path 1 — Maximize AEP on Snowflake. AEP Healthcare and Life Sciences (HLS) cloud and the AEP–Snowflake zero-copy integration are the stay-and-optimize tools. The correct question to ask first: "Has the HLS shield been fully configured, and is the Snowflake zero-copy sync enabling the data science team's access patterns?" Most evaluations that reach a serious vendor-replacement conversation have not fully activated these capabilities.
Path 2 — Supplement with Hightouch. vendor.hightouch holds a HIPAA BAA and offers Snowflake-native activation (no data movement outside the BAA boundary). Adding Hightouch as an activation layer does not displace AEP as the profile store — it reduces the activation lag for CX use cases that AEP's native connectors cannot handle at intra-session latency. Choose this path when the documented gap is AEP's activation speed or connector flexibility rather than the underlying data model.
Path 3 — Evaluate Amperity. vendor.amperity (Lakehouse CDP, HIPAA BAA, Snowflake zero-copy, Stitch identity resolution) is architecturally suited to healthcare organizations with fragmented patient identity across Epic, Cerner, and Salesforce Health Cloud — the identity resolution problem that AEP's generalist data model struggles with in multi-EHR environments. Path 3 is only appropriate when the gap analysis explicitly identifies identity resolution quality as the root cause.
What this recommendation does NOT do. It does not recommend replacing AEP without a documented gap analysis. Switching cost is real. An evaluation that begins from "AEP is expensive" without identifying a specific capability gap that AEP cannot close will arrive at Path 1 or Path 2 as the correct answer in most cases.
2026 Security Rule vendor-diligence step (all three paths)
The HIPAA Security Rule 2026 overhaul (compliance deadline ~September 2026) adds obligations that apply regardless of which path is selected:
- Annual written vendor verification. The covered entity must obtain annual written confirmation from each business associate — including every CDP, CDW, and activation vendor in the stack — that required technical safeguards are implemented. For this archetype: request annual verification documentation from AEP/Adobe (Path 1), Hightouch (Path 2), or Amperity (Path 3) before or at contract execution. Update BAA language to include this obligation.
- 72-hour RTO. All ePHI-handling components must be restorable within 72 hours. Confirm each vendor's recovery time objective (RTO) SLA for the ePHI-handling layers in each path.
- Annual pen testing and biannual vulnerability scanning. Confirm each vendor's scheduled security testing programs. This is particularly relevant for VP Engineering evaluators who bear accountability for the security posture of the full data stack.
These obligations do not change the relative scoring of the three paths. They add a vendor-diligence step that VP Engineering must complete before deployment, regardless of path selection. See constraint.hipaa-security-rule-2026 v2 for the complete requirement set.