The VRC Newsletter (August 13)
HIPAA 2.0, AI Risks, and DOJ Crackdowns: Is Your Compliance Program Ready?
A Wake-Up Call for Healthcare Compliance
HIPAA is changing. The DOJ is watching. AI is the reason.
Healthcare is transforming faster than compliance teams can keep up. From AI-powered documentation tools to predictive analytics, organizations are racing to integrate artificial intelligence into clinical, operational, and administrative workflows.
But while innovation soars, regulators are sharpening their focus, and HIPAA compliance is entering a new era.
The Department of Justice (DOJ) recently clarified that AI risk management is now a formal expectation for organizations under federal compliance programs, especially those operating in healthcare. This aligns with the proposed updates to HIPAA—often dubbed “HIPAA 2.0”—which aim to address data privacy in an AI-enabled world.
Together, these changes signal a clear message: AI is not exempt from HIPAA, and treating it as an afterthought puts your organization at risk.
🚩 This Matters Now
Many covered entities and business associate organizations have already adopted AI tools for scribing, triage, scheduling, and patient communications. But these tools often process, generate, or infer PHI (Protected Health Information), and that makes them part of your HIPAA environment.
What does this mean for your compliance program?
You must assess and document how AI tools interact with PHI. Whether you’ve built an in-house tool or adopted a vendor solution, your HIPAA risk analysis must include it.
Data must be properly sanitized before use. That means stripping all identifiers from any patient data before feeding it into an AI model, even if it’s “just for testing.”
Security measures must be updated. Access controls, multi-factor authentication (MFA), audit logs, and encryption must apply to AI platforms just as they do to your EHR or billing systems.
Ongoing training is critical. If your workforce interacts with AI tools—directly or indirectly—they must understand the risks and responsibilities under HIPAA.
Failing to address these elements doesn’t just invite data breaches. It could lead to investigations, penalties, and public damage to your reputation under the DOJ’s evolving enforcement posture.
🔐 VanRein Compliance Helps You Lead, Not Lag
You don’t need to tackle these changes alone. VanRein Compliance is actively helping organizations adapt their programs for the age of AI and build trust through robust, forward-looking practices.
We offer:
✅ AI Risk Assessments and Compliance Audits that help you identify gaps in AI oversight and integrate them into your HIPAA framework
✅ ISO 42001 Certification Readiness, so your AI systems align with the world’s first AI Management System Standard
✅ HIPAA + AI Training Programs that educate your staff on safe and compliant usage of emerging technologies
✅ Policy and Documentation Support to ensure every AI interaction is covered, tracked, and defensible
📬 Already a VRC client? We can bundle our services, saving you money and time!
The intersection of HIPAA and AI is no longer theoretical. It’s here, and it’s enforceable. Whether you're using AI to streamline workflows or enhance patient experiences, regulators expect you to act with foresight and responsibility. The stakes are high, but so is the opportunity to lead. By addressing AI risks proactively, you're not just avoiding penalties—you're building a program that patients, partners, and regulators can trust.
📞 Ready for HIPAA 2.0?
The longer you wait, the greater the risk. With HIPAA 2.0 around the corner and DOJ oversight tightening, now is the time to future-proof your compliance.
👉 Schedule your AI + HIPAA Readiness Call to assess your risks, close the gaps, and position your organization as a leader in responsible healthcare innovation.
You wouldn’t allow unmanaged devices on your network, so why allow unmanaged AI into your meetings?
Shadow IT is becoming one of the biggest blind spots in cybersecurity.
Employees are adopting AI notetakers without oversight, creating ungoverned data trails that can include confidential conversations and sensitive IP.
Don't wait until it's too late.
This Shadow IT prevention guide from Fellow.ai gives Security and IT leaders a playbook to prevent shadow AI, reduce data exposure, and enforce safe AI adoption, without slowing down innovation.
It includes a checklist, policy templates, and internal comms examples you can use today.
DOJ Intensifies Crackdown on AI-Driven Healthcare Fraud
The U.S. Department of Justice (DOJ) is ramping up its enforcement of healthcare fraud in 2025, and artificial intelligence is now at the center of the conversation. But unlike the narrative around innovation and efficiency, this time AI is being scrutinized as a potential tool for committing fraud, and the DOJ is making it clear: misuse will be prosecuted.
As healthcare organizations race to adopt AI tools in everything from documentation to billing, the DOJ is responding with an equally aggressive push to detect and punish AI-driven fraud schemes. One major 2025 takedown revealed individuals using AI-generated audio recordings to falsify Medicare beneficiary consent, sending a powerful message that AI misuse isn’t just unethical, it’s criminal.
Key Enforcement Trends to Watch
The DOJ’s evolving strategy is defined by five critical focus areas:
🔍 AI-Enhanced Investigations
The DOJ is deploying its own AI-powered analytics to proactively identify suspicious billing patterns and emerging fraud tactics. Expect faster investigations and broader detection capabilities.
📈 Complex Scheme Crackdowns
Fraud schemes involving telehealth, genetic testing, and durable medical equipment (DME) are under the microscope—especially when AI is used to automate or conceal abusive practices.
🧾 Accountability for AI Misuse
Whether it’s fabricated documentation, synthetic patient records, or auto-generated billing, the DOJ is holding individuals and companies accountable for how AI is used or abused.
⚖️ White-Collar Crime Priority
Healthcare fraud remains a top priority within the DOJ’s white-collar agenda. May 2025 guidance reaffirmed its commitment to pursuing both civil and criminal penalties in this space.
🏢 Corporate & Individual Liability
Enforcement is no longer limited to bad actors on the ground. The DOJ is examining compliance programs and vendor oversight, holding leadership accountable for lapses in governance and risk management.
A Call to Proactive Compliance
This isn’t just about catching fraud. It’s about setting a new standard for responsible AI use in regulated industries. As enforcement becomes faster and more tech-savvy, so too must your compliance program. Healthcare organizations must implement clear oversight, documentation protocols, and internal controls to protect themselves from both intentional misuse and accidental noncompliance.
If your organization uses AI, or works with vendors who do, it’s time to evaluate how exposed you might be.
📣 Build a Future-Proof Compliance Program
The DOJ is raising the bar—and organizations must respond. Whether you’re leveraging AI internally or relying on third-party vendors, your compliance program must include clear governance, proactive monitoring, and leadership accountability.
✅ VanRein Compliance supports your entire compliance lifecycle, from vendor vetting to leadership training, from risk assessments to robust documentation.
