Healthcare IT leaders often talk about agentic AI as something that is coming.
That framing is increasingly misleading.
Agentic AI (AI systems that can reason, plan, and act across multiple steps and tools with limited human intervention) is already influencing clinical decisions today. Not through approved medical devices, but through informal and unmonitored use of general-purpose AI tools inside clinical workflows.
These tools function as shadow AI: AI systems that influence clinical reasoning and decisions without institutional clearance, visibility, or control, similar to how shadow IT emerged before formal governance models caught up.
A recent Wolters Kluwer Health survey found that around 40% of healthcare professionals have encountered unauthorized AI tools in their organisations, and nearly 20% report having used them, including in some direct patient-care scenarios (1). This confirms that shadow AI is not theoretical, but already embedded in day-to-day clinical work.
This is not a future governance challenge. It is a present infrastructure gap.
The Failure Is Already in Your Hospital
A radiologist finishes a late shift.
They open a general-purpose LLM to sanity-check a complex finding. Not because IT approved it, but because it is faster than calling a colleague. The tool summarises guidelines, suggests follow-up imaging, and drafts an impression.
Nothing dramatic happens. That is the danger.
The output looks reasonable. It sounds confident. It is wrong in a subtle but clinically relevant way.
No one can audit which model version produced the answer.
No one can trace what sources were used.
No one can tell whether the behaviour changed after a silent model update.
The recommendation influences a clinical decision indirectly. There is no log, no monitoring, no governance.
This pattern is already reported informally by CIOs and CMIOs in large academic centres across Europe. It rarely appears in official usage metrics because it happens outside approved systems.
The same Wolters Kluwer survey shows that clinicians and administrators often turn to unauthorized AI tools to improve speed and workflow efficiency, especially when enterprise-approved options are not available.
From an IT perspective, this is already an agentic system acting outside of control.
Blocking access does not eliminate shadow AI. It decentralises it further.
Why Agentic AI Changes the Risk Profile for Healthcare IT
Traditional clinical AI behaves predictably. An input produces an output. The model does not adapt during use.
Agentic systems behave differently.
They combine foundation models (large AI models trained on broad data) with memory, tools, and orchestration logic. This allows them to reason, iterate, and act across systems such as PACS, reporting tools, guidelines, and clinical trial databases.
This creates value. It also invalidates existing governance assumptions that were designed for static systems.
Agentic systems do not reliably produce the same output for the same input. They depend on underlying models that may be upgraded, fine-tuned, or deprecated by external providers. In a regulated clinical environment, this challenges reproducibility, validation stability, and post hoc accountability.
These concerns are no longer theoretical. They are being discussed openly by clinicians, IT leaders, and infrastructure providers across European and US healthcare systems.
Stop Treating Agentic AI as a Feature Problem
Many healthcare organisations are responding to agentic AI by embedding it directly into individual point solutions.
A reporting tool adds an autonomous summarisation agent.
A PACS vendor adds a reasoning assistant.
A guideline system adds recommendation logic.
Each solution appears compliant in isolation.
Collectively, they create an ungovernable system.
Ungovernable means no single party can reconstruct, explain, or intervene in system behaviour end-to-end.
There is no shared control layer.
No unified audit trail.
No way to observe interactions across agents.
No protection against model changes invalidating prior validation.
This approach is often intended to be cautious. In practice, it fragments responsibility while removing the ability to exercise control.
When Governance Stops Reflecting Reality
Many healthcare organisations have invested serious effort in governing AI.
They have internal position papers on generative AI. They have approval committees. They have clearly articulated principles around validation, safety, and clinical responsibility.
These efforts are well-intentioned and necessary.
They are also increasingly misaligned with how AI is actually used in clinical environments.
Governance starts to lose effectiveness when it is built around assumptions that no longer hold. When policies reflect how AI was expected to be used, not how it is already being used. When leadership can describe rules and processes, but lacks visibility into real-world behaviour across teams and tools.
In those situations, governance does not fail because organisations are careless. It fails because the form and pace of technological change have outgrown the mechanisms designed to manage it.
This is not a question of intent. It is a question of fit.
The Gap Between Policy and Practice Is the Real Risk
In many hospitals, the official position is that generative and agentic AI are restricted or prohibited. In practice, clinicians already rely on shadow AI for reasoning, summarisation, and decision support because the tools are accessible and useful.
Wolters Kluwer survey respondents ranked patient safety, privacy, and data security as their top concerns regarding unauthorized AI use, underscoring that this gap creates material operational risk, not just theoretical discomfort.
This gap is not malicious. It is structural.
Policy assumes control through prohibition. Clinical practice adapts to operational pressure. The result is a system where AI influences care while remaining invisible to IT, compliance, and executive leadership.
Over time, this gap compounds risk rather than containing it.
Waiting Is No Longer a Neutral Strategy
Foundation models and agentic systems are already influencing clinical work, regardless of formal approval.
In this context, choosing not to provide a governed alternative does not preserve safety. It creates a growing governance gap that leadership ultimately remains accountable for.
CIOs are no longer deciding whether AI enters clinical workflows. They are deciding whether it enters with governance or without it.
Inaction does not reduce exposure. It shifts control away from the organisation and toward unmanaged systems embedded in daily work.
Infrastructure Is the Only Control Point That Scales
The limiting factor for responsible agentic AI in healthcare is not model capability.
It is infrastructure.
Agentic systems require orchestration layers that define which agents act, when, and why. They require auditability across agents, models, and decisions. They require monitoring to detect performance drift in production. They require a strict separation between AI assistance and medical responsibility.
Without this foundation, agentic AI cannot be governed at scale.
With it, agentic systems function as clinical co-pilots rather than uncontrolled actors.
Why Cloud Infrastructure Becomes Necessary at Scale
Agentic systems place demands on compute, memory, and version control that local infrastructure cannot reliably meet over time.
Each agent is typically powered by a large foundation model with persistent memory and tool access. Multiple agents running in parallel amplify requirements for reproducibility, traceability, and lifecycle management.
In practice, cloud environments are currently the only place where these guarantees can be delivered consistently at scale. They enable stable model versioning across long validation cycles, controlled handling of model upgrades and deprecations, persistent agent memory with auditability, and centralised monitoring across institutions.
For many healthcare organisations, this leads to hybrid architectures. Local systems remain essential. But the control plane for agentic AI increasingly sits in environments designed for elasticity, lifecycle control, and observability.
Agentic AI does not mandate cloud by ideology. It exposes the need for infrastructure that can support governance at scale.
Monitoring Is the Missing Clinical Safeguard
Healthcare lacks mature, standardised methods to monitor agentic systems in production.
Traditional validation approaches were designed for static models. They do not capture evolving behaviour, cross-agent interactions, or longitudinal drift.
Without continuous monitoring, organisations remain stuck between perpetual pilots and uncontrolled rollouts.
Agentic systems require platforms that can observe, document, and compare behaviour across sites and over time. Without this, trust cannot be sustained.
This Requires a Leadership Shift
Agentic AI is not challenging healthcare because the technology is reckless.
It is challenging healthcare because governance and delivery models were designed for a world of slower change, predictable systems, and tightly bound tools.
That world has changed.
Leadership responsibility today is defined by what can be observed, governed, and explained in practice, not only by what is permitted on paper. This places new demands on CIOs and executive teams who remain accountable for outcomes even as AI systems increasingly operate across traditional control boundaries.
This is not a failure of leadership. It is a shift in what leadership now requires.
Organisations that adapt will be those that invest in a clinical AI infrastructure layer that sits between models and workflows, enabling orchestration, auditability, monitoring, and lifecycle control across the organisation.
This is no longer about top-down adoption.
It is about whether shadow AI remains invisible or becomes governable.
