HealthSeptember 11, 2025

GenAI in healthcare brings the need for risk policies

African American businessman and doctors using digital tablet
As healthcare professionals increasingly use generative AI tools in administrative work and at the point of care, it’s crucial that leaders implement usage policies to minimize risk to security and patient care.

GenAI has entered the (healthcare) chat

Generative AI (GenAI) has entered the healthcare industry as a transformative tool with the potential to revolutionize clinical decision-making, increase speed-to-answer, and improve health outcomes. Medical students and residents are entering the clinical environment with experience using GenAI tools to get quick clinical responses, and nursing schools are planning to more than double GenAI use in the next 2-3 years.

The main thing clinicians need is more time. A 2022 study found primary care clinicians need an impossible 26.7 hours per day to provide guideline-recommended care. Using GenAI tools at the point of care can help clinicians get faster responses, reduce administrative time, and have more moments to focus on patients. However, currently, these tools can vary from team to team and from clinician to clinician, opening up organizations to variations in care and tool security, setting up challenges to risk mitigation.

How much risk are leaders willing to tolerate when it comes to using nascent AI technology at the point of care? Where is the line between accepting people will use available tools to save time and opening up organizations to security risks?

New tools require new policies

While well-intended, using various free or unsanctioned tools on personal or work devices can introduce risk to an organization. The healthcare industry continues to be a major cybersecurity target, averaging $9.8 million per incident, and a KLAS Research analysis found that asset management was an opening for breaches. The analysis suggests a far more reactive approach than proactive among healthcare organizations.

Leaders are trying to figure out how AI technology fits into policymaking. AI is no longer confined to a couple of major technologies; it’s integrated into administrative tools, analytics, and decision support. The 2024 Healthcare Cyber Security Survey Report from HIMSS highlighted that stronger cybersecurity governance is essential, including in areas involving AI.

Outside of healthcare, many organizations are establishing risk policies for AI. From chatbots to generative content creation to analytics, AI has become commonplace in most organizations and available through various tools. However, some organizational risks include data privacy and security concerns, bias risks, and copyright issues.

A gap between organizational enthusiasm for GenAI and policy preparedness

The 2025 Wolters Kluwer Health Future Ready Healthcare report found stark differences in the enthusiasm for GenAI at healthcare organizations compared to the preparedness policy-wise. Out of respondents, 80% cited “optimizing workflows within departments and across practices” as a top priority, and 63% said they were “prepared” to use GenAI to optimize workflows. However, only 18% were aware of published policies for GenAI use in their organization.

This leads back to the GenAI tools. Without published policies or vetted tools, leaders are opening doors for users to select their own, thereby introducing risk to organizations and also to patient safety and privacy, if used at the point of care. Patient safety can be at risk depending on whether a given tool was purpose-made for healthcare use and whether it references trusted evidence. Additionally, without proper guidance and training, employees may inadvertently expose confidential information by using free GenAI tools.

As with any new technology being introduced in the healthcare setting, effective governance and change management are essential for the successful and safe adoption of Gen AI tools. Healthcare organizations must establish robust methodologies for evaluating, selecting, implementing, and monitoring these tools.
Holly Urban, MD, MBA, Vice President of Strategy, Wolters Kluwer Health

Healthcare organizations are starting to establish risk policies for GenAI

As enterprise-wide tools are increasingly adopted, some organizations are implementing usage rules and processes. The Future Ready Healthcare report found that organizations are starting to publish policies for authorized use of GenAI. Of respondents:

  • 64% had data privacy rules such as adhering to HIPAA or guidelines on data access, storage, and sharing.
  • 55% had transparency about how the GenAI tool was trained and used, along with documentation of limitations and potential biases.
  • 51% had rules addressing ethical implications of GenAI use, such as informed consent regarding using the tools for care.
  • 42% had processes regarding integrating GenAI tools into existing workflows.

As health leaders implement policies and approved tools, supporting employees in change management is essential to successful adoption. The rollout must communicate the benefits to the users—especially if they’re being asked to stop using unsanctioned tools—and how the tool complements the users’ workload. The Future Ready Healthcare report found that only 31% of respondents said there was a clear delineation between clinicians' responsibilities and GenAI tools.

To support organizations creating policies, the American Medical Association created foundational pillars of responsible AI adoption and governance. These include:

  • Establishing executive accountability and structure.
  • Forming a working group to detail priorities, processes, and policies.
  • Assessing current policies.
  • Developing AI policies.
  • Defining project intake, vendor evaluation, and assessment processes.
  • Updating standard planning and implementation processes.
  • Establishing an oversight and monitoring process.
  • Supporting AI organizational readiness.

With the mountain of patients and administrative work in front of them, healthcare professionals will use whatever tools will get them through the day. Good AI governance can help keep organizations aligned in evidence-based tools and provide employees with guidance so they can move through their work efficiently and securely.

The right solution partner makes a difference. Download the UpToDate vision for future-forward healthcare, and explore more GenAI readiness insights from the Future Ready Healthcare report.

Download the whitepaper

Solutions
UpToDate Enterprise Edition
Comprehensive clinical decision support designed for modern healthcare systems
Learn More
Unify care teams and administrators with leading expert content and innovative features like analytics and Clinical Generative AI.
Contact Us

Related Insights

  • Article
    Health
    September 09, 2025

    Key insights from NACDS Total Store Expo 2025

    At NACDS TSE: Industry leaders discussed increasing pharmacy revenue, efficiency, provider status, and investing in community healthcare.
    Learn More
  • Article
    Health
    September 09, 2025

    Redefining pharmacy leadership: Driving innovation in patient care and system efficiency

    Pharmacy leaders revolutionize healthcare by improving patient outcomes, streamlining operations, and advancing value-based care.
    Learn More
  • Article
    Health
    September 08, 2025

    A generational shift in the clinical workforce and decision-making

    The intersection of innovation, generational workforce shifts, and the emergence of GenAI is driving a new era of clinical information retrieval.
    Learn More
  • Article
    Health
    September 05, 2025

    Opportunities in innovation: The role of the pharmacist is evolving along with their industry and tools

    Healthcare technology innovation can help pharmacists expand patient care services and, enabling them to use their advanced professional skillset.
    Learn More
Back To Top