The ABC’s of Integrating AI Into Your Compliance Strategy 

blog header

I recently attended the 2024 Health Care Compliance Association (HCCA) Managed Care Conference, and it was great to attend sessions and network with professionals and exhibitors from across the country. If I received $1 for every time artificial intelligence (“AI”) was referenced, I might have the financial means to invest in one of the many AI products being pitched to the health care industry.  

There was a lot of sharing of ideas around how to respond to both the opportunities and challenges that AI brings to our organizations and industry. I can summarize these in three themes – the ABC’s, if you will, of integrating AI into your compliance strategy. 


Great organizational compliance programs feature a formal process to assess and prioritize risk. This must include AI, because it can impact every part of our business – from clinical care delivery, claims payment, and patient interactions to human resources, procurement, and accounting. That said, AI is the same as any other emerging risk facing our organizations.  

If not already part of your 2024 compliance plan, “AI Program Oversight Strategy” should be at the top of your list. Key focus areas to include as part of the program strategy include: 

  • AI Inventory: Assess and capture current AI initiatives within the organization in preparation of building an intake process to capture and review future AI initiatives.  
  • AI Governance Strategy: Work with key business partners to build an oversight structure to help ensure consistency and standardization as new AI is proposed and introduced into the organization.  
  • AI Awareness: Integrate AI into annual education and training modules. This will ensure awareness about protecting data and safeguards required when using AI in a healthcare setting, as well as capture key state and federal regulatory considerations. 

 2. (B)UY-IN

As interest in and adoption of AI increases, the value proposition in adopting and articulating an enterprise-wide AI strategy increases. The ability to use AI to optimize innovation of care models, increase patient access, scale, grow services and market share, and reduce the cost of healthcare is exciting and transformative.  

As with any enterprise initiative, the following considerations should be at the top of the list: 

  • Executive Champion: Building an AI culture starts at the top, which is why recommending that your organization identify an executive business leader and champion is essential. Who that should be will be unique to each organization and dependent upon their strategy. The compliance professional’s role will be to ensure they are one of the key stakeholders at the table. 
  • Skillset/Expertise: You also need the right skillset within the organization and your compliance team to lead this work. Do you have the right mix of talent and expertise within your team to help you adapt to and support your organization’s strategy of optimizing AI to scale and grow? Hiring new people, or an inability to hire, can’t always be the answer. It’s our job as compliance professionals to continue to find different ways to work to support emerging risk areas.  


Generative AI is impacting all areas of healthcare. As adoption increases, so can the risks. Be prepared for an oversight structure that includes new partnerships such as cloud vendors, external IT professionals, and other consulting firms. If not already at the table, be ready to deploy the same due diligence and compliance program oversight as part of your vendor oversight initiatives. 

Integrating an AI program oversight structure can be viewed in two ways: overwhelming and fragmented, or reframed into something as simple as “ABC.” By taking a practical approach to this complex topic, you will be viewed positively by your team and able to respond well to questions about AI risks from your business partners, the C-suite, and your Board of Directors. 

Jenny O’Brien, JD, MS, CHC serves on the advisory board for YouCompli. She is also president and principal at BlackBridge Advisors. She has been the chief compliance officer (CCO) at multiple companies, including UnitedHealthcare, as well as a state assistant attorney general and a partner at a law firm. She is a past president and board member of HCCA/SCCE, serves on the boards of Bon Secours Mercy Health System and St. Charles Health System, and the advisory board of Stellar Health. 

Qualified compliance professionals do the heavy lifting for you, simplifying regulatory change management    

Our in-house team works tirelessly to monitor US regulators, carefully read the regulations in their entirety, and translate the information into simple regulatory intelligence you can use. We deliver model procedures and expert tools that can be used to fulfill your business requirements. Everything is validated by a third-party law firm.   

Get the latest from healthcare compliance experts   

Never miss an article by Jenny O’Brien. Sign up for YouCompli’s weekly email if you haven’t already.