What You Should Know:
– Despite the rapid expansion of artificial intelligence across clinical and operational workflows, a new survey by Black Book Research of 182 U.S. hospital leaders reveals widespread underinvestment in AI governance, safety, and compliance.
– The survey reveals the median 2026 budget share for AI governance and safety is critically low, standing at just 4.2% of the combined IT and Quality/Safety budget.
The Quiet Risk: Widespread Underinvestment in AI Safety
This financial shortfall translates directly into low audit readiness:
- Only 22% of hospitals report high confidence (4-5/5) that they could deliver a complete, auditable AI explanation to regulators or payers within 30 days.
- A staggering 44% of respondents report low confidence (1-2/5) in their audit readiness.
Doug Brown, founder of Black Book Research, warned: “Underinvestment is the quiet risk in hospital AI programs… Hospitals need audit trails, not just pilots, to prepare for 2026 scrutiny. Smaller facilities are one incident away from major disruption.”
Confidence Gap Across Hospital Segments
The confidence gap is evident across all organizational sizes, with smaller hospitals facing the greatest vulnerability:
| Segment | Median % of 2026 Budget for AI Governance / Safety | High Confidence (4-5/5) | Low Confidence (1-2/5) |
| Small Hospitals (1-2 facilities) | 2.3% | 15% | 54% |
| Community Systems (3-9 facilities) | 4.5% | 21% | 43% |
| Large Medical Centers/Systems (10+ facilities/academic) | 6.8% | 34% | 28% |
Even among large medical centers, where spending is highest (6.8% median), confidence remains low, with only one-third (34%) reporting high confidence in audit readiness. The smallest hospitals, with the lowest budget share (2.3% median), show the lowest confidence (15%) and the highest risk exposure.
Top Barriers to AI Audit Readiness
Hospital leaders cite several structural and procedural hurdles slowing their governance progress:
- Vendor Transparency (41%): The top audit barrier is the limited availability of explainability artifacts (e.g., model cards, drift reports) from vendors.
- Policy Immaturity (71%): Only 29% of hospitals have implemented and enforced AI policies covering model inventory, lineage, and sign-offs, with 48% still drafting these essential policies.
- Data Provenance (37%): Over a third of hospitals report incomplete tracking of data inputs and model versions.
- Ownership Ambiguity (33%): Unclear internal ownership between IT, Quality/Safety, and Compliance teams slows governance progress.
Board Actions Recommended for Q1 2026
To drastically improve readiness, Black Book suggests that hospitals shift at least two to three percentage points of their 2026 budget toward AI governance. The following actions are recommended for Q1 2026:
- Fund a Full Stack: Implement model registry, lineage tracking, monitoring, and override logs.
- Contract for Audit Rights: Ensure all vendor agreements mandate the delivery of explainability artifacts.
- Clarify Ownership: Define clear roles and responsibilities (RACI) across IT, Quality/Safety, and Compliance, with quarterly board reporting.
- Conduct Audit Drill: Execute a 30-day AI audit drill and remediate any gaps found.
