AI in Healthcare

Good morning. Today is December 22, 2025. This week's newsletter covers six critical developments in AI and healthcare:

Have suggestions? Reply to this email.

A Black Book poll found that "governed AI" has become the deciding factor for 2026 NHS purchasing decisions. This marks a fundamental shift from price-based or brand-based buying to governance-first evaluation. NHS buyers now require proof of AI oversight, controls, and trust mechanisms before shortlisting vendors.

For vendors selling to the NHS, this means governance documentation must be ready at bid time. Sales teams need policy documents, risk assessments, and audit logs prepared before RFP responses. Legal and product teams must align on governance claims to avoid disqualification.

Contracts should include AI-specific service level agreements and audit rights. Run pilot projects that demonstrate safe, auditable AI behavior before submitting full bids. Without clear governance proof, vendors risk exclusion from 2026 procurement cycles regardless of technical capability or cost advantage.

DataM Intelligence projects the generative AI in healthcare market will reach $30.68 billion by 2033. Key players include IBM, Microsoft, Google, NVIDIA, and OpenAI. The report identifies drug discovery and medical imaging as primary use cases driving growth.

This forecast signals major market expansion over the next eight years. Healthcare organizations should plan budgets now for data infrastructure and compute partnerships. Cloud and GPU vendor relationships will become critical for competitive advantage.

Focus pilot projects in drug discovery and imaging workflows to demonstrate ROI quickly. These areas show the clearest path to measurable clinical and financial returns. The market signal is unambiguous: generative AI represents a growth opportunity that requires strategic planning and capital allocation today.

Comparitech and Industrial Cyber report that healthcare vendor attacks rose 30% in 2025. Of 423 total incidents tracked from Q1 to Q3, 130 targeted healthcare businesses rather than direct providers. Vendors suffered 6,049,434 breached records with an average ransom of $532,000.

Attackers now target one vendor to compromise multiple providers simultaneously. This amplifies supply-chain risk and creates complex liability across contracts and insurance policies. The shift makes third-party vendors the primary entry point for healthcare breaches.

Healthcare leaders must treat vendors as high-risk assets. Add continuous monitoring and tighter service level agreements to vendor contracts. Require proof of backup systems and breach response drills from all key suppliers. Increase cyber insurance coverage and add contract clauses for incident cost-sharing. Prioritize patching and access controls on all third-party integrations. The 2025 data shows the attack vector has moved outward—organizations must harden third-party controls immediately.

A Nature Medicine study tested pathology AI models on over 4,300 cancer patient slides from The Cancer Genome Atlas and Mass General Brigham. Researchers found accuracy gaps by race of 3.7% for breast cancer, 10.9% for lung cancer, and 16.0% for glioma cases.

Simple reweighting of under-represented patient groups only marginally reduced bias. Self-supervised foundation models reduced disparities and raised overall accuracy, but gaps persisted and some demographic groups remained small in test sets.

Bias in pathology AI creates unequal care and legal risk. Hospital leaders and buyers must demand demographic-stratified performance reports from vendors. Require testing on local patient cohorts before deployment. Prefer models trained on large, diverse datasets or foundation architectures, but still insist on subgroup metrics. Push regulators to mandate demographic-stratified evaluation as a standard approval requirement. Without diversity checks in procurement and approval processes, AI can widen existing health disparities even as it improves aggregate care quality.

A Nature Communications Medicine study tested BMVision AI with six radiologists reading 200 abdominal CT scans twice—with and without AI assistance—for 2,400 total reads. AI reduced the time to identify, measure, and report malignant renal lesions by approximately 33%.

BMVision has CE marking and is moving from research into clinical workflow at Tartu University Hospital. The tool assists detection and measurement but does not replace radiologist oversight.

Faster reads free radiologist capacity to handle rising imaging volumes with limited staff. For imaging services, this can reduce reporting bottlenecks and improve triage for suspected kidney cancer. The CE mark enables immediate clinical rollout across the European Economic Area. Organizations should evaluate similar validated tools to address workflow constraints while maintaining quality oversight.

The Department of Health and Human Services issued a Request for Information asking how the entire agency can accelerate AI adoption in clinical care. HHS will consider three main levers: regulation, reimbursement, and research and development funding.

Comments are due 60 days after Federal Register publication. The full RFI text is available online. HHS wants input from AI developers, healthcare organizations implementing solutions, and clinicians facing adoption barriers.

Your comments can shape regulatory requirements, payment models, and funded research priorities. This directly affects product design, market access, and revenue for both vendors and health systems. Prepare submissions that focus on real-world implementation barriers and economic impact. Include specific recommendations on regulation, reimbursement structure, or research priorities. Review the new info-blocking FAQs if your solution involves automation or electronic health information exchange. This is a direct opportunity to influence federal policy on clinical AI.

This week shows AI moving from experimental to operational across healthcare. Governance requirements are tightening, market opportunities are expanding, and security risks are shifting to supply chains. Organizations that act now on governance documentation, vendor security controls, and bias testing will gain competitive advantage.

The HHS Request for Information creates a direct channel to influence federal policy. Vendors and health systems should submit focused recommendations on regulatory barriers, reimbursement models, or research priorities before the 60-day deadline. The NHS governance shift demonstrates that policy changes can reshape procurement criteria overnight—preparation matters.