Healthcare’s AI Challenge: Balancing Opportunity and Reputational Risk
There is little doubt that Artificial Intelligence (“AI”) has the power to transform the quality of health care. At the same time, the technology’s widespread adoption across the sector has the potential to expose organizations to significant risk. Healthcare leaders have a responsibility to ensure they understand both the potential opportunities and risks – including reputational risks – of the AI tools they use in order to adequately respond should a crisis occur.
The Transformative Power of AI in Healthcare
The past two years alone have seen an explosion in the use of AI tools in the healthcare ecosystem, with the industry integrating AI into operations at a much higher rate than other sectors in the economy.1 Driving this increase are acute needs across the industry to save time, improve data management and enhance patient care.
From 2023 to 2025, 22% of healthcare organizations started using AI tools specific to their organization, according to research from Menlo Ventures.2 Within the industry, 27% of health systems, 18% of outpatient providers and 14% of payers have adopted AI tools. Meanwhile, only 9% of companies across other sectors implemented AI into their businesses over the same time period.3
A report from Philips Healthcare found that healthcare workers believe AI can help simplify data management by automating time-consuming, repetitive tasks and shortening lengthy procedure times.4 Thirty-five percent of the healthcare professionals surveyed said they spend more time completing administrative tasks than spending time with patients.5
Beyond creating more time for patient care, AI is already enabling early interventions that have the potential to save lives. The Lancet medical journal published a study in January 2026 reporting that using AI tools in breast cancer screening reduces by 12% the rate of a cancer diagnosis in subsequent years and leads to a higher rate of early detection.6
Key Risks for Healthcare Organizations
These advancements in AI, however, bring the potential of serious risks for healthcare organizations.
Laws and frameworks regulating new technology often lag behind the development and use of the technology, and AI is no different. This delay makes healthcare organizations vulnerable to data privacy and HIPAA-related risks. The increase in use of AI tools can leave patient data exposed, especially if a healthcare provider or a third party has weak security or inadequate data management practices.7
Research shows that healthcare professionals are aware of this danger: a survey by Forrester found that less than half of those who make risk management decisions in their organizations said their third-party risk management process is mature.8 More important for healthcare professionals, however, is whether organizations’ leadership have a plan for how they will respond if such an incident does occur.
An additional AI usage risk area for healthcare organizations is the potential for AI tools to misdiagnose and “hallucinate” – in which an AI model produces information that is false or nonsensical but may appear logical at first glance. Such incidents have already been publicly reported. A London man was invited to a diabetic screening after the tool produced a medical report that falsely claimed he had diabetes and possible heart disease. However, the patient never had diabetes.9
The American Health Association (AHA) has called on federal health officials to implement measures to mitigate these dangers. In a February 23, 2026 letter to the Department of Health and Human Services (HHS), AHA encouraged the Department to hold third-party vendors to industry-standard data privacy requirements and to strengthen regulatory frameworks to ensure human oversight of AI is required.10
Increased regulation will help clarify AI best practices for healthcare organizations, but it is up to the organizations to make sure their use of AI tools does not expose them to danger. Overreliance on AI tools that may be vulnerable to data privacy risks and hallucinations can mean not only serious patient care consequences, but also legal and reputational risks for healthcare organizations.
How Organizations Can Prepare
While healthcare organizations should take every measure to prevent AI-involved incidents, they also need to have a plan to mitigate, communicate about, and respond to these risks.
Step #1: Clearly communicate your organization’s AI use policy
Organizations need to be transparent about how they use AI. This means ensuring providers are applying appropriate “human checks” on AI tool outputs, and that patients and the broader public understand how and why the tools are being utilized.
Step #2: Work with counsel to understand your exposure to data privacy risks associated with AI tools
To mitigate potential legal and reputational challenges, it is imperative that healthcare organizations assess their legal risk surrounding their use of AI tools. This awareness is especially important as the laws regulating the use of AI in critical industries like healthcare mature.
Step #3: Develop an AI incident response and communications plan to prepare for incidents involving your organization’s use of AI
Even during the normal course of using AI, an organization will receive questions from patients, regulators, and the media: How is my data being used by this AI tool? Where is the data stored? Who has access to the data?
These questions will inevitably intensify in the event AI tools do not perform as they are supposed to. Healthcare organizations’ leadership needs to prepare responses to these questions in the unfortunate event that an AI tool becomes the headline in a story, either through user error or the AI not performing as it should.
Central to effective preparedness efforts is developing a communications plan for how the organization will respond quickly in a crisis and dispel false narratives. This plan should include the communications process protocols for delivering timely and accurate information to staff, patients, regulators, media and other key stakeholders; and scenario plans for potential AI-related crises. Conducting tabletop exercises around AI-specific incidents will also enable healthcare organizations to improve their muscle memory for responding to these emerging issues.
AI has the potential to radically improve healthcare. It also has the potential to bring significant risks to organizations. This is the time for healthcare organizations to assess how AI is being deployed across their enterprises, honestly evaluate their risk, and develop a plan for the worst-case scenarios.
The views expressed herein are those of the author(s) and not necessarily the views of FTI Consulting, Inc., its management, its subsidiaries, its affiliates, or its other professionals. FTI Consulting, Inc., including its subsidiaries and affiliates, is a consulting firm and is not a certified public accounting firm or a law firm. FTI Consulting is an independent global business advisory firm dedicated to helping organizations manage change, mitigate risk and resolve disputes: financial, legal, operational, political & regulatory, reputational and transactional. FTI Consulting professionals, located in all major business centers throughout the world, work closely with clients to anticipate, illuminate and overcome complex business challenges and opportunities.
©2026 FTI Consulting, Inc. All rights reserved. fticonsulting.com
Related Expertise
References
[1] Yap, Greg, Derel Xiao, Johny Hu, JP Sanday, Croom Beatty, “2025: The State of AI in Healthcare,” Menlo Ventures (Oct. 21, 2025), https://menlovc.com/perspective/2025-the-state-of-ai-in-healthcare/.
[2] Id.
[3] Id.
[4] Philips, “Building Trust in Healthcare AI: Perspectives from Patients and Professionals” (2025), https://www.philips.com/a-w/about/news/future-health-index/reports/2025/building-trust-in-healthcare-ai.html.
[5] Id.
[6] Gommers, Jessie, Veronica Hernström, Victoria Josefsson, Hanna Sartor, David Schmidt, Annie Hjelmgren, et al. “Interval cancer, sensitivity, and specificity comparing AI-supported mammography screening with standard double reading without AI in the MASAI study: a randomised, controlled, non-inferiority, single-blinded, population-based, screening-accuracy trial,” The Lancet (Jan. 31, 2026), https://www.thelancet.com/journals/lancet/article/PIIS0140-6736(25)02464-X/abstract?utm_campaign=tlpr&utm_medium=email&_hsenc=p2ANqtz–N0UZ2qQR5tTjDaMcW81RCxf0Ts-i2uQT7FjfNhG8m6GyH4dy8TNyO73R_tkMW_umENaem7i_5LzK0DZtuGWGTt2Jrx2UngU35-KwD7Sepdoa3a5E&_hsmi=400595687&utm_content=400595687&utm_source=hs_email.
[7] McBride, B. Scott and Sydney Menack, “AI in Healthcare: Opportunities, Enforcement Risks and False Claims, and the Need for AI-Specific Compliance,” Morgan Lewis (July 14, 2025), https://www.morganlewis.com/pubs/2025/07/ai-in-healthcare-opportunities-enforcement-risks-and-false-claims-and-the-need-for-ai-specific-compliance.
[8] Farraher, Shannon Germain, Arielle Trzcinski, “Predictions 2026: The Year AI Tests the Heart of Healthcare,” Forrester (Oct. 31, 2025), https://www.forrester.com/blogs/2026-predictions-the-year-ai-tests-the-heart-of-healthcare/.
[9] Nolan, Beatrice, “UK health service AI tool generated a set of false diagnoses for one patient that led to him being wrongly invited to a diabetes screening appointment” Fortune (July 20, 2025), https://fortune.com/2025/07/20/uk-health-service-ai-tool-false-diagnoses-patient-screening-nhs-anima-health-annie/.
[10] Diaz, Naomi, ”AHA urges HHS to align AI rules with existing healthcare regulations” Becker’s Health IT (Feb. 23, 2026), https://www.beckershospitalreview.com/healthcare-information-technology/ai/aha-urges-hhs-to-align-ai-rules-with-existing-healthcare-regulations/?origin=CIOE&utm_source=CIOE&utm_medium=email&utm_content=newsletter&oly_enc_id=6998I4205356D2A.
