The Trump Administration continues to pursue a policy of AI dominance, which began with its January 23, 2025 executive order to remove “barriers” to Artificial Intelligence (“AI”) innovation to promote “human flourishing, economic competitiveness and national security.”
On December 11, 2025, the Administration issued another executive order announcing a policy to remove state law impediments to adopting a “minimally burdensome national standard” for AI development and use.
Consistent with these policy efforts, the U.S. Department of Health and Human Services (HHS) recently released an AI Strategy (the “Strategy”) and Compliance Plan under Office of Management and Budget (OMB) Memo M-25-21. The HHS pronouncements reflect an effort to promote the deployment of AI within HHS to advance public health and gain workforce efficiencies. The Strategy has five pillars: (1) Ensure Governance and Risk Management for Public Trust, (2) Design Infrastructure and Platforms for User Needs, (3) Promote Workforce Development and Burden Reduction for Efficiency, (4) Foster Health Research and Reproducibility Through Gold Standard Science, and (5) Enable Care and Public Health Delivery Modernization for Better Outcomes. In short, as stated by HHS Deputy Secretary Jim O’Neill, HHS has taken the first steps to be “all in” on AI.
Furthering the Strategy, HHS also recently released a “Request for Information: Accelerating the Adoption and Use of Artificial Intelligence as Part of Clinical Care” (the “RFI”) on December 23, 2025. This RFI provides an opportunity to healthcare stakeholders to provide comments to inform HHS’s policymaking efforts moving forward. Comments are due by February 23, 2026.
A Strategy Focused on the “Guiding Principle” of Accelerating the Use of AI
The five-pillar Strategy “lays out HHS’s framework to establish robust HHS-wide infrastructure, accelerate AI innovation, and promote and ensure AI security throughout the health care and human services sector while respecting the privacy of Americans’ identifiable information and complying with applicable law on the privacy and security of such information.” Notably, HHS has adopted a centralized organizational approach (“OneHHS”) to accelerate decision-making and “unit[e] Divisions by eliminating information silos where appropriate and coordinating and collaborating without friction.”
HHS will be making a preliminary assessment of AI maturity emphasizing areas where AI is already being applied, including in public health, drug development, and precision medicine. These use cases reflect existing applications and emerging priorities for integrating AI into federal health programs. Through the adoption of the Strategy, HHS is moving to embed successful AI tools directly into public health operations and healthcare delivery to support monitoring, care, research, and broader public health goals. The “outcomes-first” approach of evaluating the value of specific use cases reflects HHS’s intent for AI to be used beyond merely administrative applications. Successful use cases will be advanced, while suboptimal or outdated approaches will be phased out or modified. According to the Strategy, by utilizing this process, boundaries to AI adoption will be reduced and AI innovation will be accelerated across the agency.
Principles of Governance: Transparency, Oversight, Fairness, Privacy, Security
Within its Strategy, HHS mentions the importance of governance rooted in foundational principles of transparency, human oversight, fairness, privacy, and security. The Strategy suggests that internal governance processes will provide that developers and deploying organizations are accountable for system behavior, and should ensure human involvement, manage bias and data representativeness, control access to sensitive health information, and foster public trust. To that end, HHS has formed a department-wide Governance Board to “unify AI efforts across … Divisions consistent with legal requirements.” The goal will be to “have a nimble AI governance system that allows beneficial innovations to move quickly into practice, while maintaining a strong check on potential misuses, breaches or failures to mitigate risk, and improve public trust.”
An HHS Operational Compliance Plan Under M-25-20
HHS’s Compliance Plan is its response to the OMB’s directive, formalized in Memorandum M-24-10, directing agencies to develop plans and risk management for AI adoption. As part of its compliance efforts, HHS will maintain a publicly accessible inventory of AI use cases, to create a standard taxonomy for categorizing cases, to provide clear metrics for potential “high-impact AI” use, to refine risk management practices, and to share best practices. The inventory will encourage collaboration and limit redundant development. The Compliance Plan states that by April 3, 2026, all HHS Divisions will work together to apply risk management practices to high-impact AI, the metrics for which will be developed from the use case inventory. These risk management practices may be informative for how the private sector should develop and adopt AI.
Potential Strengths and Practical Challenges
HHS’s stated ambitions for AI reflect a strategic attempt to move AI adoption from what the agency perceives to be fragmented experimentation with many impediments to a coordinated, national, faster adoption effort consistent with President Trump’s most recent Executive Order, profiled here. The possible advantages touted in the Strategy and Compliance Plan are many. First, greater transparency and a consistent governance baseline across a large federal agency can build public trust. Second, a framework can clarify expectations for developers and vendors aiming to work with HHS, potentially benefitting private-sector practices. Third, building internal capacity, e.g., staffing, oversight, and documentation, coupled with training, may help sustain institutional knowledge over time. Finally, risk-based classification and compliance-by-design can help ensure that AI deployments reflect the sensitivity, risk and impact of healthcare applications. Again, this approach to adoption may be informative for how the private sector should adopt AI.
Such ambitious implementation may not be easy, and the pillars may compete with one another, requiring reconciliation. HHS oversees a broad and diverse portfolio of programs, each with different data maturity, technical capabilities, and risk profiles; aligning governance across diverse programs may take up significant time and resources. The definition of “high-impact AI” may be subject to change and to debate. Further, maintaining rigorous oversight requires ongoing staffing, funding, and technical processes.
Implications for Stakeholders Beyond HHS
The Strategy and Compliance Plan may have implications beyond the federal government. State health agencies, private health systems, developers, vendors, and other stakeholders may look to HHS’s approach as a model. For regulators, the classification and oversight frameworks may inform future policy or enforcement. As AI becomes more integrated across healthcare delivery, research, and public health, the standards embedded in HHS’s approach may influence broader norms and practices.
HHS’s AI Strategy and Compliance Plan reflect an intent to reap the benefits of AI, while also identifying potential misuse, breaches, and failures to mitigate risk. By combining ambition with transparency and interoperability, and by creating the use case inventory, HHS appears to be positioning itself to identify and scale the most effective AI innovations for health care in a use-case-by-use-case approach. As AI tools become more central to how care is delivered and public health is managed, the broader policy environment will continue to evolve both within HHS and more broadly. For stakeholders in health, technology, privacy and regulation, however, it is clear that HHS’s progress in implementing its Strategy and Plan warrants close attention as a way of tracking Federal policy direction and potentially informing best practices in the private sector.
Epstein Becker Green will be tracking developments and will provide further updates. If you have questions, please contact the authors of this post and/or the Epstein Becker Green attorneys with whom you normally work.
Blog Editors
Authors
Member of the Firm
Member of the Firm
Associate
Member of the Firm