Governing Health AI Development and Adoption: Insights from HHS’s Recently Announced Strategy to Promote AI in Healthcare
The Trump Administration continues to pursue a policy of AI dominance, which began with its January 23, 2025 executive order to remove “barriers” to Artificial Intelligence (“AI”) innovation to promote “human flourishing, economic competitiveness and national security.”
On December 11, 2025, the Administration issued another executive order announcing a policy to remove state law impediments to adopting a “minimally burdensome national standard” for AI development and use.
HHS’s AI Strategy and Compliance Plan
Consistent with these policy efforts, the U.S. Department of Health and Human Services (HHS) recently released an AI Strategy and Compliance Plan under Office of Management and Budget (OMB) Memo M-25-21. The HHS pronouncements reflect an effort to promote the deployment of AI within HHS to advance public health and gain workforce efficiencies. The Strategy has five pillars:
- Ensure Governance and Risk Management for Public Trust
- Design Infrastructure and Platforms for User Needs
- Promote Workforce Development and Burden Reduction for Efficiency
- Foster Health Research and Reproducibility Through Gold Standard Science
- Enable Care and Public Health Delivery Modernization for Better Outcomes
As stated by HHS Deputy Secretary Jim O’Neill, HHS has taken the first steps to be “all in” on AI.
Opportunity for Stakeholder Feedback
Furthering the Strategy, HHS also released a “Request for Information: Accelerating the Adoption and Use of Artificial Intelligence as Part of Clinical Care” (the “RFI”) on December 23, 2025. This RFI provides an opportunity for healthcare stakeholders to provide comments to inform HHS’s policymaking efforts moving forward. Comments are due by February 23, 2026.
A Strategy Focused on Accelerating AI Use
The five-pillar Strategy lays out HHS’s framework to establish robust HHS-wide infrastructure, accelerate AI innovation, and promote and ensure AI security throughout the healthcare and human services sector while respecting the privacy of Americans’ identifiable information and complying with applicable law on the privacy and security of such information.
Notably, HHS has adopted a centralized organizational approach (“OneHHS”) to accelerate decision-making and unite Divisions by eliminating information silos where appropriate and coordinating and collaborating without friction.
Preliminary Assessment of AI Maturity
HHS will be making a preliminary assessment of AI maturity emphasizing areas where AI is already being applied, including in public health, drug development, and precision medicine. These use cases reflect existing applications and emerging priorities for integrating AI into federal health programs.
Through the adoption of the Strategy, HHS is moving to embed successful AI tools directly into public health operations and healthcare delivery to support monitoring, care, research, and broader public health goals.
Principles of Governance
Within its Strategy, HHS emphasizes the importance of governance rooted in foundational principles of transparency, human oversight, fairness, privacy, and security. The Strategy suggests that internal governance processes will provide that developers and deploying organizations are accountable for system behavior, ensure human involvement, manage bias and data representativeness, control access to sensitive health information, and foster public trust.
To that end, HHS has formed a department-wide Governance Board to unify AI efforts across Divisions consistent with legal requirements. The goal will be to have a nimble AI governance system that allows beneficial innovations to move quickly into practice while maintaining a strong check on potential misuses, breaches, or failures to mitigate risk, and improve public trust.
Operational Compliance Plan Under M-25-20
HHS’s Compliance Plan is its response to the OMB’s directive, formalized in Memorandum M-24-10, directing agencies to develop plans and risk management for AI adoption. As part of its compliance efforts, HHS will maintain a publicly accessible inventory of AI use cases, create a standard taxonomy for categorizing cases, provide clear metrics for potential “high-impact AI” use, refine risk management practices, and share best practices.
The inventory will encourage collaboration and limit redundant development. The Compliance Plan states that by April 3, 2026, all HHS Divisions will work together to apply risk management practices to high-impact AI, the metrics for which will be developed from the use case inventory.
Potential Strengths and Practical Challenges
HHS’s stated ambitions for AI reflect a strategic attempt to move AI adoption from fragmented experimentation to a coordinated, national, faster adoption effort consistent with President Trump’s recent Executive Order. The possible advantages touted in the Strategy and Compliance Plan are many:
- Greater transparency and a consistent governance baseline across a large federal agency can build public trust.
- A framework can clarify expectations for developers and vendors aiming to work with HHS, potentially benefiting private-sector practices.
- Building internal capacity, e.g., staffing, oversight, and documentation, coupled with training, may help sustain institutional knowledge over time.
- Risk-based classification and compliance-by-design can help ensure that AI deployments reflect the sensitivity, risk, and impact of healthcare applications.
However, such ambitious implementation may not be easy, and the pillars may compete with one another, requiring reconciliation. HHS oversees a broad and diverse portfolio of programs, each with different data maturity, technical capabilities, and risk profiles; aligning governance across diverse programs may take significant time and resources.
Implications for Stakeholders Beyond HHS
The Strategy and Compliance Plan may have implications beyond the federal government. State health agencies, private health systems, developers, vendors, and other stakeholders may look to HHS’s approach as a model. For regulators, the classification and oversight frameworks may inform future policy or enforcement.
As AI becomes more integrated across healthcare delivery, research, and public health, the standards embedded in HHS’s approach may influence broader norms and practices.
HHS’s AI Strategy and Compliance Plan reflect an intent to reap the benefits of AI while also identifying potential misuse, breaches, and failures to mitigate risk. By combining ambition with transparency and interoperability, and by creating the use case inventory, HHS appears to be positioning itself to identify and scale the most effective AI innovations for healthcare in a use-case-by-use-case approach.
As AI tools become more central to how care is delivered and public health is managed, the broader policy environment will continue to evolve both within HHS and more broadly. For stakeholders in health, technology, privacy, and regulation, it is clear that HHS’s progress in implementing its Strategy and Plan warrants close attention as a way of tracking Federal policy direction and potentially informing best practices in the private sector.
Further updates will be provided as developments unfold.
