TTA’s Here Comes Summer: two data breaches and a warning, six raises, Validic bought, Silicon Valley’s ‘Cargo Culture’, OpenEvidence scored in study, ‘off the books’ AI in healthcare, more!

 

Friday 26 June 2026

Summer started and the doldrums lifted. We have not one but two data breaches with a big warning from Five Eyes that AI-powered breaches are coming. Six raises from seed to Series C–including in Brazil–and Validic after many years is bought. But scrutiny is piling on AI and AI clinical tools, from the economics to Silicon Valley ‘Cargo Culture’ to OpenEvidence’s performance to ‘off the books’ AI in healthcare. We also touch on the current status of the Luigi Mangione NY State trial, 18 months after the murder of UHC’s Brian Thompson.

Please feel free to comment on the articles and pass along this Alert. Let me know if this is worth it to you! Also check out my personal page on Substack.

Chutes & Ladders: Xsolis data breach affects 1.4M records, Five Eyes warns of AI-supercharged hacking; FDA closes Whoop BP warning, Centene adds HR/finance exec to board; $120M raises for Assort Health, $46M for xCures

Vinegary Must Reads This Week: Silicon Valley’s ‘Cargo Culture’; the clinical query tool explosion between OpenEvidence and general AI

Short takes: Bain report on anemic AI ROI, SVB report on women’s health, Ladder Health peds virtual health raises $7M, an update on the Luigi Mangione trial

Amazon’s One Medical Seniors hacked by ShinyHunters, issues “final warning” on 8.8 TB of patient data

News roundup: Validic bought by ChartSpan; raises for Cadence, Prosper AI, Telepatia; Epic MyChart portal messages doubled in 5 years–study    

Perspectives: The most aggressive AI adoption in healthcare is happening off the books

Last Week’s Headlines

Chutes, and chutes: Microsoft’s $3B Oracle cloud leasing deal goes sideways, Defense Health Agency to replace Leidos as system integrator for MHS’ EHR, Centene offering voluntary buyouts to most employees

Tuesday 23 June–UKTelehealthcare webinar/virtual event: Keeping People at Home, Supported by Technology (this is now available on video–check the UKTelehealthcare website and LinkedIn)

Perspectives: Virtual Care, AI, and the Future of Autism Therapy

 * * *

Donna Cusano, Editor In Chief
donna.cusano@telecareaware.com

Perspectives: The most aggressive AI adoption in healthcare is happening off the books

TTA has an open invitation to industry leaders to contribute to our Perspectives non-promotional opinion and thought leadership area. Today’s topic concerns how unapproved ‘off the books’ AI tools, also known as ‘shadow AI’, are becoming widespread in healthcare organizations. Difficult to track, they may save an individual’s valuable time but open the organization to data breaches and misuse of private data. The author, Errol Weiss, is chief security officer of Health-ISAC (Health Information Sharing and Analysis Center). His information security experience includes the NSA and senior positions at Citigroup and Bank of America. Health-ISAC is a non-profit organization based in Orlando, Florida that is dedicated to protecting the global health sector from cyber and physical threats through real-time alerts, collaboration, and usable intelligence.

Ask a hospital executive how their AI adoption is progressing, and you’ll hear about pilot programs, governance committees, and carefully vetted vendor deployments.

While illustrative, that answer is incomplete because most healthcare organizations have little visibility into how much AI is actually being used without approval. Clinical staff, administrators, and operations teams are independently adopting AI tools to draft documentation, optimize scheduling, assist with coding, and communicate with patients without waiting for approval.

There’s little point in blaming them: With technology advancing at a breakneck pace, today’s state-of-the-art will be obsolete next month. Who has the time to wait for months-long review processes?

For at least the past 40 years, whenever employees found IT’s procurement bureaucracy too slow, they simply implemented or signed up for software or cloud services by sidestepping corporate procedures and got on with their work. This is known as “shadow IT”, and organizations have come up with entire playbooks and best practices to limit its effects.

But its successor, “shadow AI”, requires a different approach simply because this new revolution in technology doesn’t work the same way as most software does. It doesn’t help that shadow AI usage is already widespread: A December 2025 Wolters Kluwer survey of more than 500 healthcare professionals found that 40 percent had encountered unauthorized AI tools in their workplace, nearly one in five admitted to using them, and one in ten had used an unauthorized tool for direct patient care.

Why governance keeps losing the race

The fact is, the people using these tools are behaving rationally. Healthcare staff operate under continuous and heavy workloads, so when a tool cuts a two-hour documentation task to 40 minutes, expecting employees to ignore the benefits of AI is a losing battle. Per the Wolters Kluwer data, half of those using unapproved tools cited faster workflows as their primary reason, and a quarter pointed to better functionality than anything their employer had sanctioned.

Meanwhile, the institutional approval machinery moves at its own pace. Enterprise approval channels were designed for software whose deployment cycles took quarters, and accounted for contracts, security reviews, and integration planning. A consumer AI tool requires a browser and an email address.

This is harder to contain than shadow IT ever was

Shadow IT, for all its headaches, could at least be tracked. An employee signing up for an unapproved file-sharing service needed to create an account and upload a file, leaving a trail security teams could identify and act on. Network telemetry and endpoint management tools like EDR could be used to track data stored on shadow IT devices. The behavior looked similar for most tools, so organizations eventually built the muscle to spot it. 

In contrast, AI tools encourage different user behavior because they work differently — the user interface is more conversational, dynamic and useful in different ways. Staff who would never think to upload a patient’s file to a third-party service may not feel so hesitant about typing a patient’s diagnosis into a chatbot because it doesn’t register as a data transfer; it registers as asking for help.

Regardless, the compliance risk and data exposure are similar. When information about a patient is uploaded to an AI model not constrained by a contractual agreement, the organization has no control over where that data is sent, how long it is stored, and whether it will be used to train future tools and AI models. There is no file to retrieve and no audit trail to close.

The costs are real: IBM’s most recent breach research found that shadow AI added an average of $670,000 to breach costs, and healthcare already carries the highest breach costs of any sector.

Govern the current instead of damming it

What can leaders do to keep shadow AI usage under control? One obvious answer is to flat-out ban such tools, but the problem with doing that without offering alternatives is that employees will find other ways to use them. It also turns compliance teams and clinical staff into adversaries, which is the exact opposite of what an organization wants to accomplish.

It’s more useful and realistic to establish a governance framework that gives this energy a sanctioned channel. Here are a few steps to consider:

  • First, get the lay of the land. Map where and how much shadow AI your organization has.
  • Next, build a process that lets clinical and administrative teams submit AI tools for review and receive a decision much faster — think days, not weeks.
  • Pair this with a clear policy definition of shadow AI, and educate your employees on why a consumer chatbot and an approved enterprise tool are not interchangeable.
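
One way to start on the first step above, mapping shadow AI use, from web proxy logs. This is an added example, not from the author or Health-ISAC; the log format, the domain watchlist and the sanctioned list are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict

# Assumed watchlist of generative-AI service domains (placeholders, not real services).
AI_DOMAINS = {"chat.genai-one.example", "api.genai-one.example", "scribe-ai.example"}
# Assumed: tools that passed review and are covered by a contract.
SANCTIONED = {"scribe-ai.example"}

# Constructed sample lines: "<timestamp> <user> <method> <host> <bytes_sent>"
SAMPLE_LOG = """\
2026-06-22T08:01:12Z nurse_a POST chat.genai-one.example 18233
2026-06-22T08:03:40Z nurse_a POST chat.genai-one.example 9120
2026-06-22T08:05:02Z coder_b POST eu.scribe-ai.example 40211
2026-06-22T08:07:55Z admin_c GET intranet.hospital.example 310
2026-06-22T08:09:31Z admin_c POST api.genai-one.example 77120
truncated-line-without-fields
"""

def match_domain(host, domains):
    """Return the watchlist entry that host equals or is a subdomain of."""
    host = host.lower().rstrip(".")
    for d in domains:
        if host == d or host.endswith("." + d):
            return d
    return None

def inventory(log_text):
    """Aggregate AI-bound traffic per watchlist domain."""
    stats = defaultdict(lambda: {"users": set(), "requests": 0, "bytes_sent": 0})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or not parts[4].isdigit():
            continue  # skip malformed records rather than abort the run
        _, user, _, host, sent = parts
        domain = match_domain(host, AI_DOMAINS)
        if domain is None:
            continue
        entry = stats[domain]
        entry["users"].add(user)
        entry["requests"] += 1
        entry["bytes_sent"] += int(sent)
    return dict(stats)

def unsanctioned(stats):
    """Watchlist domains in use without approval, largest upload volume first."""
    rows = [(d, len(s["users"]), s["requests"], s["bytes_sent"])
            for d, s in stats.items() if d not in SANCTIONED]
    return sorted(rows, key=lambda r: r[3], reverse=True)

if __name__ == "__main__":
    for row in unsanctioned(inventory(SAMPLE_LOG)):
        print(row)
```

Ranking by bytes sent rather than request count puts the services receiving the most pasted text at the top of the review queue.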

Vendors and contractors are a part of this problem, too. They move through many hospital workflows and touch patient data, leaving the hospital organization to own the compliance exposure regardless of whose employee created it. Vendor assessments and contracts must change to account for how AI tools affect end-user behavior and control what data leaves your supply chain.

Thankfully, no organization needs to solve all these problems alone. Through information-sharing communities, security teams can compare and share notes on how their peers are detecting unsanctioned AI use, and which governance models hold up under real conditions.

Shadow AI grows because there’s a gap between what staff need and what the organization provides. That gap widens every month that governance stands still. Leaders must act now to shape the gap. Those who wait will eventually be mapping it from breach forensics instead.