
‘Shadow AI’ on the Rise in Healthcare as Clinicians Turn to Unauthorised Tools to Improve Workflows
Key Takeaways:
- A survey of healthcare professionals found that 57% have encountered or used unauthorised artificial intelligence tools in their organisations, highlighting the growing presence of so-called “shadow AI” in healthcare settings.
- Many clinicians and administrators report using these tools to improve efficiency, analyse data, and manage administrative tasks, particularly when approved solutions or clear guidance are lacking.
- While most respondents believe AI will significantly improve healthcare within five years, concerns about patient safety, data privacy, and security risks remain widespread.
Unauthorised AI tools emerging in healthcare workplaces
A new survey suggests that artificial intelligence tools are already being used in healthcare organisations in ways that fall outside formal governance structures. According to the findings, a significant proportion of healthcare professionals have either encountered or used AI tools that have not been authorised by their employer.
The survey, conducted by Wolters Kluwer Health, gathered responses from 518 healthcare professionals, including both clinical providers and administrators. The research was carried out in December 2025 and was released publicly last week.
Overall, the findings indicate that four in ten healthcare professionals reported encountering unauthorised AI tools within their organisation, while 17% acknowledged personally using such tools.
When responses were analysed by professional role, 15% of physicians admitted to using an unauthorised AI tool, compared with 19% of administrators. In addition, one in ten respondents reported using an unauthorised AI tool in connection with direct patient care.
The report refers to the unauthorised adoption of artificial intelligence tools in professional environments as “shadow AI.”
Why healthcare staff turn to unauthorised AI
The survey findings suggest that healthcare professionals are often motivated by practical needs rather than deliberate attempts to bypass organisational policies.
According to the report:
“Clinical and administrative teams want to adhere to rules surrounding AI usage, but if the organization hasn’t provided guidance or approved solutions, they’ll experiment with generic tools to improve their workflows.”
Many respondents indicated that the absence of formal guidance or approved AI platforms has encouraged individuals to explore publicly available tools on their own.
The most frequently cited motivation for using unauthorised AI tools was the need to accelerate workflows and improve efficiency. Approximately half of respondents identified faster workflows as the primary reason for using these tools.
However, the survey also revealed differences in how clinical and administrative staff tend to use AI technologies.
Administrators were more likely to employ AI tools for operational or analytical tasks such as:
- Data analysis
- Predictive analytics
- Administrative processes
Healthcare providers, meanwhile, reported using AI for activities such as:
- Data analysis
- Patient scheduling
- Patient engagement tasks
The findings also indicate that clinicians were more likely than administrators to experiment with AI tools out of curiosity.
Governance and policy development remain uneven
The survey results highlight a notable imbalance in how different professional groups participate in the development of AI policies within healthcare organisations.
According to the report, administrators were three times more likely than clinical providers to be actively involved in developing AI governance policies.
Specifically:
- 30% of administrators reported involvement in AI policy development
- Only 9% of providers said they had participated in such efforts
This difference suggests that policy ownership around AI adoption may currently be concentrated within administrative leadership rather than clinical teams.
Administrators also reported greater familiarity with their organisation’s AI policies compared with providers, although awareness varied across both groups.
Security and privacy risks associated with “shadow AI”
The use of unauthorised AI tools raises important concerns about data security, privacy protection, and governance oversight.
The Wolters Kluwer report notes that inconsistent or unsanctioned AI usage can expose organisations to potential vulnerabilities. Without clear oversight, the integration of external AI tools may lead to data privacy violations, security breaches, or inappropriate handling of sensitive information.
To illustrate these risks, the report references a 2025 study by IBM, which found that 97% of organisations that experienced an AI-related security incident lacked adequate AI access controls.
Security incidents involving AI systems can have significant consequences, including financial losses, operational disruption, and damage to public trust.
Healthcare professionals remain optimistic about AI’s future
Despite concerns about governance and security, the survey indicates that most healthcare professionals remain broadly optimistic about the long-term role of artificial intelligence in healthcare.
Nearly 90% of respondents said they believe AI will significantly improve healthcare within the next five years. Administrators were found to be slightly more optimistic than clinical providers about the potential benefits of the technology.
At the same time, respondents recognised that AI implementation carries important risks that must be addressed.
Patient safety was identified by around half of respondents as the most significant risk associated with AI adoption.
Meanwhile, nearly half of respondents also expressed concerns about data privacy risks.
These findings suggest that healthcare professionals recognise both the transformative potential of artificial intelligence and the need for careful governance, clear guidance, and secure systems.
Addressing the rise of “shadow AI”
The report concludes that addressing the growth of shadow AI requires organisations to understand why staff are turning to unauthorised tools rather than focusing solely on restricting access.
According to the report:
“Ultimately, addressing shadow AI is not about restricting access to productivity tools. Leaders must understand why teams are using unsanctioned tools and which challenges they’re trying to solve, and then identify enterprise-level tools that can accomplish these goals safely and securely.”
As artificial intelligence becomes increasingly embedded in healthcare workflows, organisations may need to develop clearer policies, provide approved tools, and involve both clinical and administrative staff in governance decisions.
Such measures may help ensure that the benefits of AI can be realised while protecting patient safety, safeguarding sensitive data, and maintaining organisational trust.




