PiiBlock

AI Governance for Small Medical Practices: 5 Numbers Define the Gap

PiiBlock Team
Tags: AI governance, HIPAA, small medical practice, PHI, healthcare compliance, AI policy, TRAIGA

Picture a nurse at a 14-person family practice. She opens ChatGPT and pastes in a discharge summary, hoping to soften the wording for a patient whose English is limited. She deletes the patient's name first, figuring that covers it. It doesn't. The address, date of birth, medication list, and referring physician all go along for the ride.

She isn't being reckless. She's doing exactly what 71% of healthcare workers were doing in 2025, according to Netskope, and the AI-use policy her practice almost certainly doesn't have wouldn't have stopped her anyway.

Here is the trap small practices are walking into. By 2026, every regulator that touches healthcare writes its rules as though you already have AI governance in place. The proposed HIPAA Security Rule update from January 2025 expects AI tools to show up in your formal risk analysis. Texas TRAIGA went live on January 1, 2026. The Joint Commission and the Coalition for Health AI are assembling a voluntary certification program that will eventually reach more than 22,000 accredited organizations. Almost no small practice has any of this, and almost every product built to provide it is priced for a hospital system.

The five numbers below measure the size of that gap. The framework after them is how a practice with twelve employees actually closes it.

1. 81%: How Many Physicians Now Use AI in Practice

When: Survey waves August 2023, November 2024, and early 2026
Source: AMA Augmented Intelligence Research survey
What changed: AI use in medical practice has more than doubled in three years

The American Medical Association has run its physician AI survey three times now. The 2023 wave found 38% of physicians using AI in their practice. The November 2024 wave found 66%. The 2026 wave, released in March, found 81%.

Use cases per physician roughly doubled too, from 1.1 in 2023 to 2.3 in 2026: billing-code documentation, research summaries, draft discharge instructions, translation, assistive diagnosis. The applications are multiplying faster than anyone is building governance around them.

The numbers also capture a contradiction. Data privacy was the top concern in the 2024 survey, where 84% of physicians wanted stronger data-privacy assurances before adopting further (alongside 87% who wanted a designated feedback channel and 84% who wanted EHR integration). Yet adoption kept climbing regardless. Physicians are using these tools daily while quietly doubting that their own organization handles the data properly, and that mismatch between behavior and trust is the whole problem.

What this means in practice: AI use in medicine isn't an emerging trend anymore; it's the baseline. The real variable between practices isn't whether staff use AI but whether anyone has thought about how. By the 2026 numbers, the practice that has formalized nothing is now the outlier rather than the norm.

2. 71%: Healthcare Workers Still Using Personal AI Accounts with Patient Data

Netskope Threat Labs reported this one in May 2025, and HIPAA Journal summarized it: even after organizations roll out sanctioned AI tools, most healthcare workers keep reaching for personal accounts anyway.

The underlying survey spanned healthcare organizations of every size. Among them, 88% had folded cloud-based generative AI into operations, 98% used apps with some genAI feature baked in, and 96% used apps that train on user data. A notable 43% were already experimenting with running genAI infrastructure locally.

Against that backdrop, 71% of healthcare workers were still using personal AI accounts for work. That was down from 87% the year before, as more organizations stood up internal tools, but a clear majority stayed on consumer accounts. The usual pattern is mundane: a worker uses the approved tool for some tasks and quietly switches to ChatGPT or Gemini for others, because the consumer interface is faster, less locked-down, and already open in another tab.

This "shadow AI" behavior is well-documented in healthcare specifically. As Chris Bevil put it on the MGMA Insights podcast: "When using tools like ChatGPT or other generative AI platforms, you don't always know where the data is going." MGMA's own guidance is blunter still: "If your policy doesn't create a safe, approved path, staff will create their own."

The lesson is uncomfortable for anyone hoping a sanctioned tool solves the problem. It doesn't. Habit and convenience keep pulling people back to the accounts they already have open, so governance has to start from the assumption that staff will use general-purpose AI no matter what the policy says, and protect against the fallout instead of pretending the policy alone will hold.

3. January 6, 2025: HIPAA Now Requires AI in Your Risk Analysis

When: Notice of Proposed Rulemaking published January 6, 2025; comment period closed March 7, 2025; final rule expected 2026
Source: HHS Office for Civil Rights
What changed: First major Security Rule update in 20+ years, with explicit AI provisions

The proposed rule changes several things that bear directly on AI. Your Security Risk Analysis would have to run annually and explicitly include AI systems. Encryption of ePHI moves from "addressable" to mandatory, and so does multi-factor authentication for anything that touches ePHI. The rule also adds 72-hour incident reporting and annual penetration testing.

For governance, the AI provisions are the ones that bite. Under the proposed rule, deploying an AI tool that touches PHI without listing it in your risk analysis is itself a violation, separate from any breach that might follow. "We didn't know our staff were using ChatGPT" stops working as a defense.

OCR's enforcement record points the same direction. The agency announced 22 enforcement actions in 2024 and collected roughly $9.9 million in penalties. In October 2024, the Bryan County Ambulance Authority in Oklahoma paid $90,000 specifically for failing to conduct an adequate HIPAA risk analysis after a ransomware incident affecting 14,273 patients. By March 2025, OCR had confirmed that the third phase of HIPAA compliance audits, focused squarely on risk analysis and risk management, was underway with an initial 50 covered entities and business associates.

Penalty tiers in 2025 ran from $145 to $2,134,831 per violation category per year. Most settlements land well below those caps, but the structure is clear: failing to analyze and document is, by itself, the violation.

The bottom line is that the HIPAA floor just moved up. AI is now a line item on the risk-analysis checklist, and the documentation expectation is annual rather than whenever-you-get-to-it. Once the rule takes effect, likely in 2026, a practice that hasn't assessed its AI exposure on paper is already operating below the legal floor.

4. $10,000 to $200,000: Texas TRAIGA Civil Penalties Per Violation

This is where it stops being a federal-only story. State AI laws now run in parallel with HIPAA, and they carry their own penalties.

The Texas Responsible AI Governance Act (HB 149), signed by Governor Abbott on June 22, 2025, took effect on January 1, 2026. Civil penalties run from $10,000 to $200,000 per violation, are enforced by the Texas Attorney General, and can accrue daily. Companion legislation SB 1188, effective September 1, 2025, requires licensed practitioners to review AI-generated medical records against Texas Medical Board standards.

Colorado's path has been messier. The original Colorado AI Act (SB 24-205), passed in May 2024, was set to impose sweeping risk-based requirements on high-risk AI in healthcare. After industry pushback it was repealed and replaced by SB 26-189, signed on May 14, 2026, taking effect on January 1, 2027. The replacement leans toward disclosure and transparency around automated decision-making rather than full impact assessments.

Both states treat AI use in a care setting as a regulated activity, and neither law carves out an exemption for a 12-person dental practice. Any practice operating across state lines, or even just accepting referrals across them, will end up tracking more than one framework. Other states have already signaled similar bills.

So federal HIPAA is no longer the only frame you have to fit. State-level AI laws now apply alongside it, each with its own definition of "high-risk" use, its own mandatory disclosures, and its own penalty math. Expect that patchwork to grow before it ever consolidates.

5. 22,000 Organizations: The Joint Commission and CHAI Certification

When: Partnership announced June 11, 2025; first guidance released September 17, 2025
Source: Joint Commission and Coalition for Health AI joint announcements
What's coming: A voluntary "Responsible Use of AI" certification across accredited healthcare organizations

The Joint Commission accredits more than 22,000 healthcare organizations in the US. In June 2025 it announced a partnership with the Coalition for Health AI to build AI playbooks and a voluntary certification program. The first guidance document, "Responsible Use of AI in Healthcare," landed on September 17, 2025, and laid out seven elements: AI policies and governance structures, data use and security, ongoing monitoring, transparency with patients, education, equity considerations, and risk management.

The Joint Commission has said the certification won't be split by institution size, though it will account for the resources an organization has. The playbooks turning the guidance into practice are being developed through workshops with hospitals and health systems "of all sizes and regions."

The direct accreditation pressure lands on hospitals. The indirect pressure lands on every practice in their referral network. A hospital chasing AI certification will reasonably want to know what AI governance looks like at the practices feeding it patients, which means "we don't have an AI policy" becomes a referral-relationship problem long before it becomes a regulatory one.

That is the quiet shift in this last number: governance is turning from a privacy-compliance question into a credentialing one. For most small practices, the pressure to formalize AI use will arrive through the hospitals they refer to, not through a letter from OCR.

Reading the Pattern

Step back from the five numbers and the same shape shows up in each one. AI use is the default. The regulatory floor underneath it keeps rising. And the governance frameworks that do exist were mostly designed by large academic medical centers, for organizations that look nothing like a small practice.

A February 2026 systematic review in npj Digital Medicine named that gap outright. Researchers at the University of Chicago reviewed 35 healthcare AI governance frameworks published between 2019 and 2024 and concluded that, while the frameworks offer real guidance, their resource requirements "create barriers for smaller healthcare organizations." Many would be "exceedingly difficult to implement" in regional and community health systems without in-house data science teams.

The same paper proposed a five-level maturity model. Level 1 is written for organizations "beginning to explore AI implementation," with no formal governance structure and limited ability to evaluate AI tools on their own. Level 5 is reserved for "top academic health systems and research institutions" with dedicated AI governance institutes. Most published guidance so far has effectively been written for Level 5.

These aren't edge cases either. In 2024, 47.4% of US physicians worked in practices of ten physicians or fewer (AMA practice characteristics survey), and roughly 73% of the 213,000 private practices counted in 2020 had fewer than 50 employees. The frameworks weren't built for them, and the product market still doesn't really serve them.

Why the Two Existing Approaches Fail

The policy-template approach is theatrical compliance.

A HIPAA-aligned AI use policy costs nineteen dollars or less. Free templates float around the physician associations. Adoption takes an afternoon, and the result looks perfectly legitimate on paper.

But a policy nobody enforces is operationally identical to no policy. A document that says "do not paste PHI into ChatGPT" stops exactly no one from doing it. It gives a regulator something to point at after the fact, and not much else. When that regulator reviews your AI program after an incident, the question will be simple: what mechanism actually prevented this? A PDF is not a mechanism.

The enterprise-platform approach is structurally unaffordable.

WitnessAI, Zscaler AI Security, Netskope One AI Security, Palo Alto Networks Protect AI, CrowdStrike Falcon AIDR, Microsoft Purview with its Copilot governance modules. These tools do real enforcement. None of them publish public pricing, and all of them require an enterprise sales conversation. WitnessAI's own positioning describes its core customer as enterprises already running Zscaler or Netskope who want AI governance layered onto an existing Security Service Edge stack.

A 12-person dental practice does not have a Security Service Edge stack. It has twelve people on whatever browser shipped with their laptops, an outsourced IT contractor who answers tickets, and a practice manager juggling compliance as one of nine jobs.

There is no obvious product sitting between the PDF template and the enterprise SSE add-on. That empty middle is the gap this whole article is about.

A Practical Framework at Small-Practice Scale

Three parts, none of which require enterprise spend. (Full disclosure: we build a tool that lives in part two, so weigh that accordingly. The category logic below holds no matter whose product you pick.)

Part 1: Sort AI tools into two tiers.

Workflow-integrated AI with a BAA. Ambient scribes like Suki, Abridge, DAX Copilot, Freed AI, and Heidi Health, plus the AI baked into your existing EHR. These vendors sign BAAs, encrypt in transit and at rest, and either don't train on your data or let you opt out. Approve them per tool, file the BAA, document the use case, and move on. Small-practice pricing here runs from roughly $99 per provider per month (Freed AI) to around $600 per provider per month (DAX Copilot).

General-purpose AI without a BAA. ChatGPT, Claude, Gemini, consumer Copilot. OpenAI will sign a BAA for ChatGPT Edu or Enterprise via API only; the consumer chat product isn't eligible. For this group, the realistic question isn't whether to ban them. Your staff will use them, and you won't know, because they'll be on personal accounts. The question is whether you can make that use safe.

Part 2: Enforce the boundary at the browser.

For general-purpose AI, enforcement has to happen at the point where data actually leaves the device, which means three properties matter.

Local-first. PHI never leaves the machine, by design. Any tool that ships PHI off to a vendor cloud for inspection has relocated the problem, not solved it.

Operationally invisible. If staff have to copy somewhere else, paste somewhere different, or log into yet another tool, adoption will be zero. The control has to work inline, in the browser they already have open.

Affordable. Per-seat-per-month pricing measured in dollars, not five-figure platform fees.

That points to browser-based PII detection and masking. PiiBlocker is one tool in this category and there are others; the category matters far more than any single product.
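As an added illustration of the three properties above (example code written for this article, not PiiBlocker's or any other vendor's): a local-first paste guard that masks the identifier classes from the opening scenario before the text reaches a chat box, and records per-category counts that a monthly event summary can be built from. The pattern set, the sample discharge text and the function names are constructed assumptions, not a complete de-identifier.

```javascript
// Added example, not PiiBlocker's code: a local-first PHI masker that runs on paste
// in the browser. The patterns are illustrative assumptions, not a complete de-identifier.
const PHI_PATTERNS = [
  // Dates such as 03/14/1961 or 1961-03-14 (DOB, admission, discharge)
  { tag: "DATE", re: /\b(?:\d{1,2}\/\d{1,2}\/\d{2,4}|\d{4}-\d{2}-\d{2})\b/g },
  // US phone numbers, with or without parentheses around the area code
  { tag: "PHONE", re: /(?:\(\d{3}\)|\b\d{3})[-. ]\d{3}[-. ]\d{4}\b/g },
  // Street address: house number, 1-3 capitalised words, suffix. Runs before
  // PROVIDER so that "12 Maple Dr." is not mistaken for a physician.
  { tag: "ADDRESS", re: /\b\d{1,5}\s+(?:[A-Z][a-z]+\s+){1,3}(?:St|Street|Ave|Avenue|Rd|Road|Blvd|Dr|Drive|Ln|Lane)\.?\b/g },
  // Medical record numbers written as "MRN: 123456"
  { tag: "MRN", re: /\bMRN[:#]?\s*\d{5,10}\b/gi },
  // Referring or attending physician written as "Dr. Lastname"
  { tag: "PROVIDER", re: /\bDr\.?\s+[A-Z][a-z]+(?:\s+[A-Z][a-z]+)?\b/g },
];
// Replace each match with its category tag; per-category counts are returned so
// the event log records what was detected without storing the PHI itself.
function maskPhi(text) {
  const counts = {};
  let masked = text;
  for (const { tag, re } of PHI_PATTERNS) {
    masked = masked.replace(re, () => {
      counts[tag] = (counts[tag] || 0) + 1;
      return `[${tag}]`;
    });
  }
  return { masked, counts, blocked: Object.keys(counts).length > 0 };
}

// Hook a chat box: clipboard text is inspected locally and only the masked
// version is inserted, so unmasked PHI never leaves the machine.
function installPasteGuard(target, eventLog) {
  target.addEventListener("paste", (ev) => {
    const { masked, counts, blocked } = maskPhi(ev.clipboardData.getData("text/plain"));
    if (!blocked) return; // nothing sensitive found; let the paste through
    ev.preventDefault();
    document.execCommand("insertText", false, masked); // deprecated but still supported
    eventLog.push({ ts: new Date().toISOString(), site: location.hostname, counts });
  }, true);
}

// Monthly summary over the local event log: pastes seen and detections per category.
function summarizeEvents(eventLog) {
  const totals = {};
  for (const ev of eventLog) {
    for (const [tag, n] of Object.entries(ev.counts)) totals[tag] = (totals[tag] || 0) + n;
  }
  return { pastes: eventLog.length, totals };
}

// Constructed sample mirroring the opening scenario: name already removed, the rest not.
const SAMPLE = "Discharge summary. DOB: 03/14/1961. MRN: 4471902. " +
  "Address: 12 Maple Dr. Austin, TX. Phone: (512) 555-0142. " +
  "Referred by Dr. Patel. Meds: metformin 500 mg BID.";
```

Running `maskPhi(SAMPLE)` returns the text with every identifier replaced by its tag and the medication wording intact; `installPasteGuard(textarea, log)` wires the same check into a page's input so the event log fills in as staff work.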

Part 3: Three documents, not thirty.

A one-page AI use policy. A one-page note on what enforcement is actually in place. And a monthly summary of AI-related events: what got detected, what got blocked, what slipped through. A spreadsheet is completely fine.

Having those three documents already puts a small practice ahead of roughly four out of five of its peers. It also produces exactly the artifact a Joint Commission-accredited referrer is going to ask to see.

What This Costs

Here is what a 15-person practice working through the above can realistically expect.

Policy template. Free from a physician association, or nineteen dollars for a paid kit. Call it zero.

Browser-layer PII control. Market pricing in this category sits around four to seven dollars per seat per month. For 15 seats, that's roughly $720 to $1,260 a year. PiiBlocker sits at the lower end.

Monthly review time. About two hours a month of the practice manager's time to scan the event log, tweak the policy, and file the paperwork.

Total: somewhere around $900 to $1,200 a year, plus roughly 24 hours of management time.

Compare that to $20,000 to $50,000-plus a year for enterprise SSE platforms with AI governance modules. Or to the $90,000 Bryan County Ambulance settlement for an inadequate risk analysis. Or to those top penalty tiers, which cap at $2,134,831 per violation category per year.

What the framework doesn't cover: ambient scribes (those get their own BAA-based governance) and sophisticated agentic AI threats. What it does cover is the thing actually happening today, which is staff pasting things into ChatGPT, and that's roughly ninety percent of a small practice's real exposure.

Back to the Nurse

Think again about the nurse from the opening. A policy alone wouldn't have stopped her. An enterprise platform was never going to be affordable for her practice. What stops her is a layer in her own browser that recognizes the discharge summary, masks the PHI before it leaves the machine, and lets her keep using the tool she was going to use regardless.

That layer is the whole difference between "your practice has AI governance" and "your practice has a policy in a drawer."

Every number in this piece lands in the same place. Staff at small practices are already using AI. Regulators now assume those practices have the governance to match. The available solutions are either too flimsy to enforce anything or too expensive to buy. A workable middle path does exist, even if almost nobody has bothered to describe it at this scale yet.


PiiBlocker is a free Chrome extension that masks personal data before it reaches AI chatbots. 100% local processing, no servers, no data collection.