AI in Healthcare Offers New Opportunities; Privacy and Compliance Expectations Remain

Digital healthcare AI interface with medical data and security graphics representing artificial intelligence, HIPAA compliance, and healthcare privacy protections
PYA Insights

Executive Contacts

Miriam Murray - Headshot
Miriam Murray - Email Miriam Murray - Phone Call Miriam Murray - LinkedIn
Miriam Murray
Erin Walker - Headshot
Erin Walker - Email Erin Walker - Phone Call Erin Walker - LinkedIn
Erin Walker

Related Services

Artificial intelligence (AI) is bringing efficiencies and convenience to healthcare, but HIPAA expectations remain constant. As healthcare organizations manage the integration of AI, they “must remain cognizant of the potential privacy risks and violations associated with AI platforms’ use of [protected health information],” state two of PYA’s thought leaders, Senior Manager Miriam Murray and Manager Erin Walker.

In May, Murray and Walker published an article, “Privacy Under Pressure: Challenges in the Age of AI,” in the Health Care Compliance Association’s Compliance Today magazine. They discuss AI in healthcare in depth, including regulatory requirements and safeguarding strategies, such as

  • Develop an inventory
  • Conduct risk assessments
  • Limit access
  • Implement system safeguards
  • Conduct regular training
  • Continually monitor systems
  • Establish response plans
  • Tighten agreements
  • Understand third-party practices

The authors write:

“While the ability to process vast amounts of information drives innovation, it simultaneously heightens privacy risks, making it imperative for healthcare organizations and their [business associates] to implement adaptive privacy and security programs designed to anticipate and mitigate AI-specific vulnerabilities. While in this new frontier, organizations must continue to ensure that AI tools do not circumvent established privacy protections, such as the ‘minimum necessary’ standard for data use and disclosure….”

Murray and Walker urge healthcare organizations to establish AI governance committees to develop transparent guidelines for the use of AI, which helps maintain trust with patients and regulators. Governance could include

  • Risk assessment policies
  • Technical safeguards
  • Third-party vendor management policies
  • Training and education
  • Reporting procedures
  • Auditing and monitoring procedures

The full article is available to HCCA members, or download a PDF of the article here.

SCCE & HCCA is a member-based association with more than 19,000 members worldwide. The organization promotes high standards in compliance and ethics programs through knowledge-rich educational opportunities.

Learn about PYA’s Healthcare Technology and Cybersecurity services and our Revenue Integrity services.

With decades of experience, PYA consultants advise clients on healthcare AI and data security, regulatory compliance, and other matters related to healthcare operations and strategy.

 

Related Insights

View All Insights
Magnifying glass examining AI symbol with check and X icons representing oversight and risk evaluation of AI tools New Webinar: “Managing AI Tools: Oversight, Risk, and Compliance in Practice”
AI in healthcare—PYA guidance on risks and mitigation AI in Healthcare: PYA Addresses Risks and Mitigation
Smart glasses worn by a man, representing wearable technology in healthcare settings Trending Technologies and Healthcare Benefits and Compliance Risks: Focus on Smart Glasses
Healthcare compliance expert discussing data-driven fraud enforcement trends in 2026 PYA Nationally Renowned Healthcare Compliance Expert Shares Insights, Advice about Data-Driven Enforcement in 2026
AI-Enabled Medical Devices: FDA Draft Guidance and Cybersecurity Webinar | PYA On-Demand Webinar: “AI-Enabled Medical Devices: New FDA Draft Guidance and Cybersecurity Insights”
PYA
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.