It's 2026. We're Still Governing AI Like It's 2009

By: Michele Alexander

Imagine hiring the most talented employee you've ever seen.

Brilliant. Fast. Never complains. Works around the clock. Can read thousands of patient charts in seconds, flag risks before they become crises, and help exhausted clinicians finally breathe.

Now imagine giving that employee no manager, no performance reviews, no job description, no accountability structure, and no process for what happens when they make a mistake.

That is exactly what most healthcare organizations are doing with AI right now.

And that is why 85% of AI implementations fail.

Not because AI is bad. Not because the people implementing it lack intelligence or ambition. Because the systems we use to oversee, manage, and course-correct AI were built for a completely different era, and nobody has updated them.

Here's the Short Version of How We Got Here

In 2009, the government stepped into healthcare through ARRA because the Great Recession was destabilizing both coverage and the underlying infrastructure the system depended on. Millions were at risk of losing insurance just as state budgets were collapsing. At the same time, policymakers recognized that a largely paper-based, fragmented health system was a barrier to quality, safety, and efficiency. So they used HITECH inside ARRA to pour money and enforcement power into EHR adoption, privacy, and security — betting that a digital foundation was essential for a more resilient, data-driven healthcare system.

It worked. Healthcare digitized. Yes? No? It Depends; but, is it HIPAA complient.

But here is what people forget. Installing the system correctly was only half the question. The other half was: did it work correctly within your workflows? Because plenty of organizations installed EHRs perfectly and built broken workflows around them. The system was live. The outcomes weren't there. Both mattered then. Both matter now.

The oversight infrastructure built during that era — the Regional Extension Centers, the committees, the checklists, the incentive programs — was designed to get organizations to that standard. Mandatory medication reconciliation drove physician compliance from roughly 20 percent to over 90 percent within months. The After Visit Summary fixed a real problem: patients forget up to 80 percent of what their doctor tells them verbally. These tools solved the problems they were designed for.

AI is a different problem entirely.

Why That Mismatch Is Killing AI Implementations

The rules we built in 2009 were designed for consistency and measurable outcomes. The logic was straightforward: install correctly, use correctly, measure it, fix what isn't working. Static systems. Defined metrics. Clear accountability.

AI doesn't work that way.

AI is more like a new employee who learns on the job, can develop blind spots, may perform differently depending on who they're working with, and needs ongoing feedback to keep improving. You wouldn't sign off on a new hire once and never check in again. You wouldn't assume their work is accurate six months later just because it was accurate on day one. But that is essentially what healthcare is doing with AI right now.

Here is what happens as a result.

AI gets treated like a software purchase. Security review. Privacy check. Vendor contract. Sign here. Nobody asks: who monitors this after go-live? Who checks accuracy six months from now? Who is responsible if the recommendations get worse?

Nobody owns the outcome — and that's not a simple problem. A pilot launches with excitement. There's a clinical champion, an IT lead, a vendor rep. Go-live happens. Then the vendor moves on to the next sale, the clinical champion gets pulled into other priorities, and the AI tool runs on autopilot until something goes wrong — or quietly stops being used. We saw this with early EHR implementations. If the computer generated an alert, clinicians assumed it was correct. The system said it, so it must be right. AI carries that same risk at a much larger scale.

And ownership in healthcare is not one thing. An AI tool that performs well for the cardiology team may quietly fail the pediatrics team. A documentation assistant that saves time in one specialty may create dangerous gaps in another. A risk model that works across the general population may miss patterns in patients with limited English or unstable housing. If accountability isn't mapped to the specific teams, workflows, and patient populations affected, nobody catches it until something goes wrong.

The metrics don't match the risk. Healthcare measures installations and checkboxes well. It does not measure whether AI is actually helping patients, whether it is treating all populations fairly, or whether it is creating new risks that nobody is tracking.

The culture punishes honesty. Decades of regulatory enforcement trained healthcare organizations to hide problems, not surface them. AI requires the opposite. You need people to raise their hand early when something isn't working. Most organizations are not built for that.

The Governance Gap.

Governance sounds like a bureaucratic word. It isn't. It just means: who is responsible, for what, and what happens when something goes wrong.

For AI, most healthcare organizations cannot answer those questions cleanly:

• Who approved this tool and based on what evidence?

• Who is checking whether it still works the same way it did at launch?

• Who reviews whether it works equally well across all patient populations — regardless of age, race, language, or zip code?

• What is the process when it fails?

• Who owns the risk — the hospital, the vendor, the clinician who followed its recommendation?

• And critically: which team owns the outcome? Because the answer is not the same for every department.

These are not complicated questions. But without a governance structure designed to ask them, they simply don't get asked.

And that silence is where the 85% of projects, go to die.

What Needs to Change

This doesn't require starting over. It requires updating.

Someone has to own AI performance after go-live, not just at launch. Ongoing. By team. By workflow. By population. Like a manager who actually checks in.

Success has to be redefined. Not "did we turn it on" but "is it helping, and is it helping everyone fairly — including the patients and teams we are least likely to be watching closely."

Vendors have to be partners in accountability, not just sellers. A signed contract is not a governance strategy. Healthcare organizations need to demand transparency about how AI tools were built, what data trained them, how they will be updated, and what happens when performance changes.

Issues have to be reported, not buried. The organizations that get AI right will be the ones building cultures where a clinician can say "this tool gave me a bad recommendation" without fear, and that information actually improves the system.

The Bottom Line

AI is not failing healthcare because AI is bad. It has already helped with documentation, risk stratification, and clinical decision support in organizations that got the governance right.

AI is failing healthcare because we are asking a 17-year-old compliance checklist to manage technology that didn't exist when that checklist was written.

The organizations that close this gap first, that build governance structures actually designed for how AI works, mapped to the teams and populations it affects, will be the ones that make AI deliver on its promise.

Everyone else will keep running impressive pilots that go nowhere.

Because AI without governance isn't transformation.

It's risk with better branding.

This is the first article in a series on AI governance in healthcare. Next: What actually happens inside a health system when AI fails, and who ends up holding the risk.

The team-specific ownership argument is now woven through the whole piece, not just dropped in one place. It shows up in the failure modes section, the governance questions, and the what-needs-to-change section, which makes it feel like a throughline, not an add-on.

Ready to talk strategy? Book a Strategy Consultation - Mda Solutions Llc