Healthcare organizations are increasingly being asked to evaluate, adopt, or oversee artificial intelligence (AI) tools while still operating under tight regulatory scrutiny, staffing constraints, and rising payer expectations. For many leaders, the challenge is not whether AI will play a role in healthcare—it already does—but how to govern its use in a way that supports efficiency without introducing new compliance, documentation, or liability risks. Questions around oversight, transparency, and clinical accountability are becoming more urgent as both federal and state activity accelerates.
Federal activity around AI in healthcare continues to expand, highlighted by a recent Government Accountability Office (GAO) report examining both the promise and risks of AI. The report outlines current applications across diagnostics, clinical decision support, administrative efficiency, and public health surveillance. While it acknowledges potential improvements in outcomes, access, and cost reduction, it also underscores risks tied to data quality, bias, transparency, and oversight. The GAO emphasizes the need for stronger governance frameworks, including accountability for AI-driven decisions, validation and monitoring of systems, and interagency coordination—particularly through the Office of Management and Budget (OMB). Privacy concerns are also central, including risks related to sensitive health data, re-identification, and compliance with federal protections.
In parallel, the Centers for Disease Control and Prevention (CDC) has issued an AI strategy focused on public health modernization. The strategy prioritizes safety, equity, and effectiveness while leveraging AI for disease detection, forecasting, response, and operational efficiency. It also emphasizes workforce readiness, data infrastructure, and ethical safeguards such as transparency and bias mitigation, along with cross-sector collaboration to support responsible implementation at scale.
This evolving landscape is occurring alongside a December 2025 Executive Order aimed at “ensuring a national policy framework for artificial intelligence,” which directs federal agencies to reduce the impact of state laws viewed as overly burdensome or obstructive to a unified national AI strategy. The Order reflects a broader federal priority to promote innovation through a “minimally burdensome” regulatory approach and to avoid what it characterizes as a patchwork of state requirements. To operationalize this, it calls for federal actions, such as challenging certain state laws through litigation, conditioning federal funding, and developing potential preemption frameworks.
While the Executive Order signals a clear federal interest in minimizing state-level barriers, many state-level proposals continue to reflect priorities around patient protection, clinical oversight, and insurance regulation:
• Florida (HB 281 / SB 344): Prohibits the use of AI in providing mental health treatment services while allowing exceptions for administrative tasks such as scheduling, billing, and patient record management. The law permits AI to record or transcribe sessions with prior written consent. (Status: HB 281: 3/13/26 – Died in Health and Programs Subcommittee / SB 344: 3/13/26 – Died Health Policy Committee)
• Iowa (HSB 766): Proposes a licensing framework for AI-augmented and autonomous service providers in clinical settings, including requirements that could apply to virtual or AI-supported care delivery. (Status: 3/24/26 – Subcommittee recommends passage)
• South Carolina (S 443): Mandates that healthcare coverage decisions involving automated decision-making tools using artificial intelligence must be supervised and reviewed by a licensed physician in South Carolina. It specifies that no healthcare coverage decisions can be made solely based on AI tools without this professional oversight. (Status: 3/11/26 – Referred to Committee on Banking and Insurance)
• Washington (HB 2157 / SB 6120): Regulates high-risk AI systems but explicitly excludes certain technologies and entities from its provisions, such as systems used exclusively for research or those complying with specific federal standards. (Status: HR 2157: 2/19/26 – Returned to Rules Committee for second reading. House Rules “x” file / SB 6120: 1/14/26 – First reading, referred to Environment, Energy and Technology Committee)
Additional state activity reflects similar themes, even where formal legislation is still evolving, including transparency requirements, consumer protections, and expectations for human oversight in clinical and coverage decisions across Oregon, Idaho, Montana, Missouri, and Indiana.
As both federal and state policymakers continue to act, the balance between innovation and patient safety will remain central. The variability in requirements—particularly around telehealth, utilization management, and automated decision-making—creates an environment where organizations must be increasingly deliberate in how AI intersects with documentation, coding, and medical necessity review.
For providers and healthcare organizations, these developments reinforce the importance of maintaining clear documentation, ensuring clinician involvement in decision-making, and understanding how emerging AI policies may influence coverage determinations and compliance expectations.
As these requirements continue to evolve, organizations benefit from proactively assessing how AI is being used within their workflows and where oversight gaps may exist. BCA’s audit, education, and consulting services can help organizations evaluate documentation integrity, strengthen compliance alignment, and build sustainable processes that support both innovation and regulatory readiness in this rapidly changing environment.
Connect with an expert today.