Scripting

I ended up re-writing the query to simplify it and resolve an issue where it was counting needed patches inaccurately:

SELECT M.NAME, OS_NAME,
SUM(MS.PATCH_INSTALLED) as 'Installed',
SUM(MS.PATCH_APPLICABLE) as 'Needed',
GROUP_CONCAT(IF(DETECT_STATUS = 'NOTPATCHED', TITLE, null)) AS 'Needed Patches',
FLOOR(ROUND((SUM(PATCH_INSTALLED) / COUNT(MS.PATCH_ID)) * 100,1)) AS PERCENT_PATCHED
FROM ORG1.PATCH_MACHINE_STATUS MS
JOIN KBSYS.PATCH PP ON (PP.ID = MS.PATCH_ID)
JOIN PATCH_STATUS PPS ON (PPS.PATCH_ID = PP.ID)
JOIN MACHINE M ON (M.ID = MS.MACHINE_ID)
WHERE
PPS.STATUS = 0
AND PPS.IS_SUPERCEDED = 0
AND YEAR(PP.CREATION_DATE) = YEAR(NOW())
GROUP BY M.ID
ORDER BY M.NAME

Some notes on the changes:

• I'm using the PATCH_INSTALLED and PATCH_APPLICABLE columns instead of conditional sums. In my testing those columns equate to the patch being installed or not installed.
• The conditional group_concat is the answer to your original question.
• I simplified the percent patched column.
• I removed joins you weren't using in your query. If you want to limit this by label those two tables will need to be added again.
• You were checking if the patch is superceded in both the global (KBSYS) and organization tables. I removed the KBSYS check to make the query organization specific and non-redundant.
• I changed the criteria for the patch creation date to be relative instead of hard coded to 2020.

Let me know if that works for you.