Healthcare AI governance breaks down after go-live: IT leaders

ILLINOIS, UNITED STATES — Three in four United States health systems are already running artificial intelligence (AI) — but fewer than one in five have the governance structures to manage it.

According to a thought leadership article from Healthcare IT Today, the gap between deployment speed and oversight capacity is now a documented structural failure, not a planning oversight.

Pooja Walia and Rajat Rawal, who wrote the article, are both IT professionals and technology leaders that support healthcare organizations.

AI adoption outpaces health system governance

According to a February 2026 survey of 120 health systems by Eliciting Insights, 75% have implemented or plan to implement AI solutions — a 27% year-over-year increase. Only 18% have established mature AI governance, defined as a documented strategy paired with a formal governance group.

“Health systems are embracing AI to address workforce constraints and financial pressures, moving beyond pilots into strategic deployment,” said Trish Rivard, CEO of Eliciting Insights.

Meanwhile, 42% of health systems lack both a governance strategy and the organizational structures to enforce one — meaning nearly half are operating AI tools with no formal accountability framework in place.

Ambient documentation tools are live in exam rooms, revenue cycle models are running on live claims, and clinical decision support is embedded across specialties.

The tools are deployed. The governance is not.

Vendor reliance signals a governance crisis

The governance gap has a default resolution — and health systems are using it. Seventy percent of programs without mature governance rely on vendors to define how AI is used, according to HFMA data.

Thirty-five percent have no formal AI data policy. Meanwhile, organizations running three or more AI tools simultaneously grew 67% year over year — compounding the oversight risk with every new deployment.

The HFMA/Eliciting Insights Health System Readiness report concluded that “health systems are investing in AI solutions before establishing internal governance, data policies, or adequate resources for responsible operation.”

The regulatory environment is tightening: a 2026 HIPAA Security Rule overhaul brings AI systems handling protected health information into explicit scope. Revised FDA Clinical Decision Support Software guidance published in January 2026 narrows the exemptions that previously shielded deployed AI tools from oversight requirements.

When vendors define AI usage rules, health systems cede control of the governance function — and the liability that comes with it. As AI deployments scale, the oversight absence compounds.

For healthcare outsourcing providers supporting compliance, coding, revenue cycle management, and clinical documentation, the governance gap is an operational opening.

The opening is sharpest in revenue cycle management — where AI-generated outputs require continuous monitoring that most health systems cannot staff internally.

Health systems that cannot build internal AI oversight can source it — through partners who specialize in monitoring AI-generated outputs, validating model performance, and maintaining audit trails across clinical and administrative workflows.

AI is live. Accountability for what it does next is still up for grabs.