It has become one of the fastest-growing questions in healthcare IT: can clinicians use ChatGPT?

The honest problem with that question is that “no” is not a real answer — because they already are. For note summaries, patient-letter drafts, literature digests, and a dozen other small tasks, generative AI is already in the building, with or without a policy. A blanket ban does not stop it. It just pushes it into the shadows, where you have no visibility and no controls at all.

The questions underneath the obvious one are the hard ones, and they are the ones worth answering:

  • Can PHI be entered into AI tools — and into which ones?
  • Which AI vendors are approved?
  • How do we audit AI use?
  • How do we prevent data leakage?
  • How do we validate AI-generated clinical content?

Why a blanket ban backfires

Forbidding AI does not eliminate the risk; it relocates it. Clinicians under time pressure will reach for the tool that helps, and if the only options are unapproved consumer tools, your PHI ends up in exactly the places you least want it. Governance that gives people a safe path beats a prohibition they will quietly ignore.

What real governance looks like

  • An approved-tools list — a small set of vetted AI tools clinicians can use with confidence.
  • A clear PHI rule — what data can and cannot go into which tools, and where that data lives.
  • Audit logging — so AI use is visible, not invisible.
  • A human-validation requirement — any AI-generated clinical content is reviewed before it informs care.

How LANStatus helps

This is where our healthcare experience and our AI governance work meet. We help you set a usable AI policy — approved tools, clear PHI rules — put the technical guardrails and logging in place, and give clinicians a safe path instead of a ban they will route around. The goal is not to slow your people down. It is to let them use AI without putting protected health information, or a patient, at risk.

Your clinicians are already using AI. The only real question is whether they are doing it on tools you have vetted — or ones you have never heard of.

We help healthcare organizations set AI policy that protects PHI without blocking the tools clinicians want.

Explore Professional Services

Brian Diamond

Founder & CEO, LANStatus · Fractional Chief AI Officer

Brian founded LANStatus in 2001 and works with mid-market healthcare and financial-services organizations on AI strategy, governance, and security. He publishes The CAIO Brief, a weekly briefing for leaders navigating AI in real time.

The CAIO Brief · BrianOnAI · LinkedIn