Healthcare is buying and using AI faster than it is putting rules around it. In 2026, that gap means more privacy risk, more patient safety risk, and more vendor risk.
Here’s the short version:
- 75% of U.S. health systems use at least one AI tool
- 50% use three or more
- But only 16% have an enterprise-wide AI governance plan
- 20% of healthcare organizations had a breach tied to shadow AI in 2025
- Only 30% had a central AI inventory in early 2026
If I had to boil the article down to one point, it’s this: AI oversight in healthcare is still too fragmented for how these tools are being used today. Privacy, billing, documentation, clinical support, and vendor software are all being affected at once, while ownership is often split across IT, legal, compliance, and clinical teams.
Here’s where the pressure shows up first:
- Shadow AI: staff use public tools for notes, summaries, and messages
- Clinical AI: outputs can shape diagnosis, treatment, coding, or reimbursement
- Vendor AI: software updates can change AI behavior with little visibility
- Rule gaps: HIPAA, FDA, CMS, and state laws each cover only part of the problem
- Weak monitoring: many teams review tools before launch, but not enough after go-live
What should healthcare leaders do now?
- Build one AI inventory
- Rank tools by patient, privacy, and billing risk
- Assign one named owner for each tool
- Put human review around high-risk uses
- Track drift, overrides, outputs, and vendor changes
- Review contracts for AI update rights, retraining limits, and liability
A simple way to think about it: if a tool can touch PHI, care decisions, or claims, it needs tighter review than a basic admin tool. And if no one owns it, no one is watching it.
The article makes one thing clear: buying AI is the easy part. Running it safely inside a health system is the hard part.
Healthcare AI Adoption vs. Governance Gap: Key Stats 2025–2026
Healthcare AI Governance - Risks, Compliance, and Frameworks Explained
Effective oversight requires managing third-party AI risk to protect patient data and safety.
sbb-itb-535baee
Where Healthcare Governance Is Falling Behind AI Use
The gap is already showing up in three areas: shadow AI, clinical decision support, and vendor software. It usually starts on the front lines, moves into bedside decisions, and then spreads into systems run by outside vendors.
Shadow AI and Generative AI in Clinical Workflows
When teams are stretched thin, people look for the fastest way to get work done. That’s why shadow AI is showing up in healthcare. 86% of healthcare IT executives have reported instances of shadow IT within their systems [5], and 20% of healthcare organizations suffered a data breach specifically tied to shadow AI in 2025 [5].
Clinicians and admin staff are using public generative AI tools to draft notes, summarize records, and reply to patient messages. The appeal is obvious: these tools save time. But they also slip past IT review and logging. On top of that, many employees don’t even know the rules. Only 18% of healthcare professionals are aware of formal organizational policies governing generative AI use [4].
The main issue isn’t careless behavior. It’s a mismatch between the approved tech stack and what frontline staff need in the moment. Once PHI is entered into an unvetted tool, the organization no longer controls where that data goes, how it’s used, or whether it could be exposed outside the enterprise.
Automated Decision Support and Patient Safety Risks
Once AI shifts from drafting content to making recommendations, the risk changes. Privacy is still part of the picture, but patient safety moves to the center.
AI-driven decision support tools - such as risk scoring, diagnostic suggestions, and workflow prioritization - are only as safe as the review around them. The danger is simple: errors get missed when clinicians don’t have time to check outputs closely. If a clinician accepts an AI-generated note or coding suggestion without meaningful review, the organization can face both clinical and compliance exposure.
There’s another problem here too. Post-deployment reviews are rare, which means model drift can pass unnoticed. A tool may look fine at launch and then slowly drift off course while still being treated like it’s reliable.
Vendor AI Tools and Third-Party Accountability Gaps
The same weak spot shows up in third-party software. A lot of healthcare AI doesn’t arrive through internal procurement at all. It comes bundled inside vendor products.
Many vendor agreements were written before AI features became common. So a vendor may roll out expanded AI-enabled functions through product updates while the healthcare organization has only limited visibility into data use, model changes, and downstream vendor dependencies [6].
Epic's AI Charting tool, adopted by seven health systems on day one, shows how fast vendor AI can reach the EHR and create upcoding risk without documented human review [7].
Why Existing Oversight Is Not Keeping Up
The issue isn't only weak policy. It's also that healthcare AI now touches too many tools, teams, and workflows for any single oversight system to handle. AI in healthcare is moving faster than the rules meant to govern it, and those rules are split across agencies, programs, and states.
A Patchwork of FDA, HIPAA, CMS, and State Requirements
In the U.S., healthcare AI is governed by overlapping rules, not one shared framework. Each layer covers part of the problem. The gaps sit in the spaces between them.
| Oversight Layer | What It Covers | Key Limitation |
|---|---|---|
| FDA | Certain AI-enabled software and device-related use cases | Does not cover all AI workflows in health systems |
| HIPAA | PHI privacy and security | Does not govern model behavior, drift, or post-deployment performance |
| CMS | Payment, coverage, and program integrity | Not a full AI safety framework |
| State laws | Disclosure, oversight, and emerging AI obligations | Patchwork rules, uneven across states |
HIPAA protects PHI, but it does not govern model behavior, drift, or post-deployment performance.
State rules are moving faster, but they don't line up neatly. By March 2026, more than 250 AI-related bills had been introduced across 47 states [2]. Texas, California, and Colorado were among the states adding disclosure and governance requirements for AI in clinical decisions by June 2026 [3]. That sounds like progress, and in some ways it is. But disclosure rules don't run day-to-day operations.
So even when new rules show up, health systems still need internal controls to turn those requirements into actual steps.
Voluntary Frameworks Help, but They Do Not Run Operations
NIST AI RMF gives organizations a way to think about risk. That's useful. But it does not set risk tolerance, assign approvals, or monitor models over time. It does not name owners, enforce policy, or keep watch over tools in use.
More than half of U.S. health systems were already deploying AI across clinical and operational workflows - often before formal regulatory guidance was even in place [2]. Only 16% had an enterprise-wide AI governance strategy [5]. In plain English, many teams were already using AI while still figuring out who was supposed to manage it.
That leaves healthcare leaders to build the operating model themselves.
Fragmented Ownership Creates Blind Spots
AI governance is often split across legal, compliance, IT, procurement, and clinical teams. The result is simple: no one owns the full lifecycle. No single team handles intake, approval, monitoring, incident response, and retirement from start to finish.
Here's where that turns into risk. A vendor updates a model. A clinical team starts using a tool in a new way. Output quality slips over time. Who catches it? Who decides whether the issue needs escalation? In many organizations, the answer is fuzzy. And when ownership is fuzzy, blind spots show up fast.
Closing those gaps takes more than policy language. It takes a governance model with clear decision rights, an AI inventory, and continuous monitoring.
What Effective AI Governance Should Include
To close the gaps around shadow AI, vendor tools, and automated decision support, governance has to move from policy to day-to-day practice. It needs clear ownership, a full inventory, and controls that can stand up in clinical settings. Put simply, governance has to show up everywhere risk shows up: in clinical workflows, vendor products, and day-to-day monitoring.
A Cross-Functional Governance Model with Clear Decision Rights
A governance committee only works when the right people are involved and each person knows exactly what they own. Clinical leadership, IT, cybersecurity, privacy, compliance, legal, risk management, and procurement all need a seat at the table. And those groups need clear decision rights before any tool goes live.
| Governance Role | Primary Responsibility in AI Oversight |
|---|---|
| Clinical Leadership | Validates clinical accuracy, safety, and human review |
| Cybersecurity/IT | Manages shadow AI discovery, runtime controls, and API security |
| Privacy/Compliance | Ensures HIPAA and PHI handling, BAA review, and audit trail integrity |
| Legal/Procurement | Manages vendor liability, data-use rights, and AI-specific contract terms |
| Named Tool Owner | Accountable for a specific tool's performance, drift monitoring, and escalation |
Every AI tool needs one named owner. That person is on the hook for performance, validation, and escalation. For high-risk use cases that affect diagnosis, treatment, or reimbursement, executive oversight is also needed.
AI Inventory, Classification, and Lifecycle Controls
A central AI inventory is the starting point. Yet only 30% of healthcare organizations had one in early 2026 [8]. Without it, an organization can't see where risk is already in motion.
That inventory should include all AI systems: internal tools, AI built into vendor platforms, and shadow AI found through network monitoring. Once that list is in place, leaders can sort tools by risk and match controls to that risk.
High-risk tools, such as those that influence diagnosis, treatment decisions, coding, or reimbursement denials, need:
- Human review
- Continuous bias monitoring
- Inference-level logging
Lower-risk administrative tools still need security review and vendor monitoring, but the control set can be lighter.
Governance also can't stop at launch. Model drift can chip away at performance over time. For any high-risk AI system, monthly monitoring against the launch baseline, plus annual risk reassessments, should be treated as the minimum bar.
Security, Privacy, and Vendor Controls Built for AI
Standard security controls were not built for the way AI systems behave. Healthcare organizations need controls that deal with prompts, APIs, and the vendor relationship itself.
On the security and privacy side, that means access controls, encryption, audit logging, data minimization, and prompt and API safeguards that inspect inputs and outputs in real time. The 2026 HIPAA Security Rule puts AI systems that handle ePHI squarely in scope [3]. So logs of prompts, outputs, model version, and user identity are not just nice to have. They're a compliance requirement.
Vendor AI also has to be governed as part of the supply chain, not treated like some separate IT problem. BAAs should be audited for AI update rights, liability tied to AI outputs, and limits on retraining. The Kaiser Permanente settlement shows what can happen when automated coding runs without clinical traceability or human review [1].
With that control model in place, leaders can start where the risk is highest.
Practical Steps Healthcare Leaders Can Take Now
Once governance roles are clear, the next move is execution. And it has to happen fast. AI is already showing up in clinical systems and vendor workflows, so leaders need visibility before they can expect control.
Start with High-Risk Use Cases and Baseline Controls
The first 30 days should focus on visibility. Build one central inventory that covers sanctioned tools, pilots already in motion, vendor AI features, and shadow AI found through audit trails.
Then move from visibility to control. Classify each tool and monitor it based on risk. The highest-risk use cases usually include patient-facing chatbots, clinical decision support, and AI-driven billing or coding. For those tools, baseline controls should include:
- No unmanaged public AI use for PHI
- One named owner and one escalation path for each tool
- Real-time PHI filters
| Action | Timeline | Owner |
|---|---|---|
| Centralized AI inventory | Days 1–30 | CIO / CISO |
| Classify tools by patient, billing, and operational risk | Days 31–60 | Chief AI Officer / Compliance |
| Named ownership and escalation paths | Days 61–90 | Operational Executives |
| Real-time PHI filters | Days 61–90 | CISO / IT Security |
| Vendor contract AI-lens review | Days 61–90 | Legal / Procurement |
Standardize Assessment and Continuous Monitoring
Approval alone doesn't solve the problem. AI oversight has to continue after go-live.
A pre-deployment review gives you a snapshot. That's useful, but it's still just a moment in time. At go-live, teams should set a documented performance baseline. After that, they need to track drift, override rates, and output quality every month for routine tools, and more often for clinical decision support, since changes can affect patient safety, coding accuracy, and reimbursement [3].
If those metrics shift, reassessment should start right away.
Human review matters too, but only if it's real. If a workflow pushes clinicians to approve AI output in a few seconds, without time to look at it closely, that isn't meaningful oversight. It's box-checking.
Use Censinet to Scale AI Governance and Vendor Risk Management
At scale, spreadsheets and manual tracking start to crack. Vendor AI needs the same third-party vendor risk management discipline as internal tools.
Censinet RiskOps™ supports standardized enterprise and third-party AI risk assessments and automates workflows across the organization. Censinet AI standardizes third-party AI risk assessment by enabling vendors to complete security questionnaires in seconds, automatically summarizing vendor evidence and documentation, capturing integration details and fourth-party dependencies, and writing risk summary reports based on all relevant assessment data. That gives teams one place for intake, review, routing, and tracking. Automation helps move the work along, while human review keeps the calls that matter most with risk teams [8].
FAQs
What counts as AI governance in healthcare?
In healthcare, AI governance is the organization-wide process for managing the full lifecycle of AI tools, along with the risk and accountability that come with them. It’s more than a one-time policy on paper. It’s active oversight that helps keep AI use in line with security, compliance, and patient safety standards.
That work usually covers a few core areas: inventory and classification, cross-functional oversight, traceability and documentation, post-deployment monitoring, human review for high-risk decisions, and AI-specific contract controls for vendors.
Which healthcare AI use cases carry the most risk?
The highest-risk healthcare AI use cases are the ones tied directly to clinical or operational outcomes. When these systems get something wrong, the fallout can be serious: patient harm, compliance trouble, or regulatory liability.
That group includes diagnosis, treatment decisions, medical coding, reimbursement, and consent documentation.
Patient-facing AI tools that give recommendations carry a high level of risk too, especially when they start to blur the line between automated help and licensed medical care. That’s where things can get messy fast.
For those use cases, human-in-the-loop review isn’t optional. Teams also need audit trails and close, ongoing monitoring.
How can health systems control vendor AI changes?
Treat AI like a living product, not a one-time buy. That means using vendor risk management built for AI, with clear checks for data lineage, bias testing results, and incident response plans.
Contracts should also spell out change control plans and require notice when new features roll out or existing functionality expands. On top of that, health systems should keep an inventory of AI tools, require a Business Associate Agreement (BAA) when protected health information is involved, and keep watching for model drift or unauthorized updates.
