PACS · AI & Knowledge Governance
01 / 06

Governance before the breach.

AI & Knowledge Governance at PACS — a proposal for responsible adoption, lifecycle control, and the function that owns it.

Presented by
David Hunter · Regional Director of Engineering
Audience
PACS Technology Leadership
Companion Reference
Full dossier & controls — linked throughout
The Contract
02 / 06
What I'm going to tell you

In the next 30 minutes,
five things.

The Moment
03 / 06
Why this matters now

AI is already inside PACS.
The governance has not caught up.

01 · INSIDE THE TENANT
392 Copilot users

AI is operating at scale inside PACS today.

Microsoft 365 Copilot assigned to 392 licensed users. Microsoft Copilot Studio, Power Automate, and embedded vendor AI are also active. No formal inventory. No defined owner. No lifecycle.

Source: PACS M365 Admin Center · licenses verified May 26, 2026
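The "392 licensed users" figure above was read off the M365 Admin Center. Phase 1 needs that number as a repeatable, exportable baseline rather than a screenshot, so the following is an added example (not part of the deck, not a PACS script) of pulling the same fact from Microsoft Graph PowerShell and writing a CSV that can seed an intake register. It assumes the Microsoft.Graph module is installed, that the caller holds User.Read.All and Organization.Read.All, and that the Copilot SKU part number in the tenant is "Microsoft_365_Copilot"; the SKU name in particular is an assumption to confirm against Get-MgSubscribedSku output.

```powershell
# Added example for the PACS license baseline; not from the original deck.
# Assumptions (verify in your tenant): Microsoft.Graph is installed, the caller has
# User.Read.All and Organization.Read.All, and the Copilot SKU part number is
# "Microsoft_365_Copilot".
#Requires -Modules Microsoft.Graph.Users, Microsoft.Graph.Identity.DirectoryManagement

Connect-MgGraph -Scopes 'User.Read.All', 'Organization.Read.All' -NoWelcome

# Assumed SKU name; list the real ones with: Get-MgSubscribedSku | Select SkuPartNumber, SkuId
$skuPartNumber = 'Microsoft_365_Copilot'
$sku = Get-MgSubscribedSku -All | Where-Object SkuPartNumber -eq $skuPartNumber
if (-not $sku) {
    throw "No subscribed SKU named '$skuPartNumber'. Run Get-MgSubscribedSku to find the Copilot SKU."
}

# Tenant-level license math: purchased vs. assigned seats.
'{0}: {1} purchased, {2} assigned' -f $sku.SkuPartNumber, $sku.PrepaidUnits.Enabled, $sku.ConsumedUnits

# Every user holding the SKU. The any() filter on assignedLicenses takes the skuId GUID unquoted;
# ConsistencyLevel eventual plus CountVariable gives an exact count without a second round trip.
$users = Get-MgUser -All -ConsistencyLevel eventual -CountVariable total `
    -Filter "assignedLicenses/any(l:l/skuId eq $($sku.SkuId))" `
    -Property id, userPrincipalName, displayName, department, accountEnabled, createdDateTime

# Flag the two conditions an inventory owner wants to see on day one:
# a Copilot seat on a disabled account (stale access, wasted spend) and a seat with no
# department, which means no obvious business owner for that AI use.
$rows = foreach ($u in $users) {
    $flag = ''
    if (-not $u.AccountEnabled)   { $flag = 'LICENSED_BUT_DISABLED' }
    elseif (-not $u.Department)   { $flag = 'NO_DEPARTMENT_OWNER' }
    [pscustomobject]@{
        UserPrincipalName = $u.UserPrincipalName
        DisplayName       = $u.DisplayName
        Department        = $u.Department
        AccountEnabled    = $u.AccountEnabled
        Created           = $u.CreatedDateTime
        Flag              = $flag
    }
}

"Licensed Copilot users: $total"
$rows | Group-Object Flag | Select-Object Name, Count

# Dated CSV so each run is a point-in-time baseline the quarterly report can diff against.
$out = ".\copilot-license-baseline-$(Get-Date -Format yyyyMMdd).csv"
$rows | Export-Csv -Path $out -NoTypeInformation
"Wrote $out"

Disconnect-MgGraph
```

Run it from an account that already has directory read rights; it creates nothing in the tenant. The count it prints should match the Admin Center figure on the same day; if it does not, the SKU assumption is usually the reason, since some tenants carry Copilot under a trial or add-on SKU with a different part number.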
02 · THE REGULATORY CLOCK
May 1, 2025

HHS Section 1557 AI provisions are already enforceable.

Covered entities must make reasonable efforts to identify patient care decision support tools that take protected characteristics as inputs, mitigate the resulting discrimination risk, train staff, and audit AI performance. The compliance date passed more than a year ago. The HIPAA Security Rule NPRM proposes a required technology asset inventory, which would have to capture AI tools.

03 · WHAT IT COSTS WHEN IT GOES WRONG
$9.77M avg breach · healthcare

Peer organizations are already paying — and being sued.

Healthcare averages $9.77M per data breach (IBM, 2024). UnitedHealth is currently defending a class action over an AI tool used to deny skilled-nursing coverage — Estate of Lokken v. UnitedHealth Group, filed November 2023. The facts are directly post-acute: the tool was applied to Medicare Advantage skilled-nursing stays.

Source: IBM Cost of a Data Breach 2024 · Lokken v. UnitedHealth, D. Minn. 0:23-cv-03514
The Role & The Plan
04 / 06
The proposed function

Director of AI & Knowledge Governance.

PACS equivalent of Microsoft's Lead Responsible AI Champ and Office of Responsible AI functions. One function. Four operational pillars. Anchored to NIST AI RMF 1.0, with an ISO/IEC 42001-aligned posture as the target.

PILLAR 01

Policy

PACS Responsible AI Standard. AUP. AI incident response. Vendor & BAA posture.
PILLAR 02

Lifecycle

Intake. Risk classification. Approval gates. Versioning. Rollback. Retirement.
PILLAR 03

Knowledge

KB · SharePoint · ServiceNow governance. Source validation. The substrate AI reads.
PILLAR 04

Enablement

Tiered training. AI Champions network. Internal literacy. Adoption metrics.
Trajectory: 90 days · 12 months · 24 months (people · tools · outcomes)
NOW · MAY 2026
Function approved · task force named
Entra Agent ID enabled (zero cost) · DSPM for AI audit mode
DAY 30 · JUN
Intake live · tenant inventory baseline
All 392 licensed Copilot users and every discovered agent triaged · risk classification draft
DAY 90 · AUG
Lifecycle SOP · Responsible AI Standard v1
NIST AI RMF training complete · AIGP exam scheduled
+6 MO · NOV 2026
Recurring audit cadence · KB governance live
First quarterly report to leadership
+12 MO · MAY 2027
Mature reporting · measurable adoption + risk metrics
All medium/high-risk agents under Sensitive Uses Review
+18–24 MO
ISO/IEC 42001-aligned posture
External readiness assessment · audit-defensible program
Why internal first. No PACS employee currently holds a complete AI governance credential stack — by design, this proposal includes a 90-day commitment to close that gap. The real choice is not credentialed internal vs. uncredentialed internal. It is an external governance hire who must learn PACS over 12–18 months, or an internal PACS operator on a documented credentialing path who can start immediately. Internal mobility has been signaled as preferred.
PROPOSED LEAD
David Hunter · Director of AI & Knowledge Governance
Practitioner-level fluency with Copilot Studio agents, parent/child architecture, evaluation sets, and knowledge governance. Years of PACS context. NIST AI RMF training scheduled May 26 · IAPP AIGP within 90 days · ISO/IEC 42001 Lead Implementer in Y2.
The Financial Case
05 / 06
What it costs · what it saves

Govern now at low cost,
or remediate later at high cost.

What it costs
This costs almost nothing today.

$0
net-new tooling required for Phase 1 (≤ 90 days).
  • Microsoft Entra Agent ID — included in existing Entra licensing. Zero-cost shadow-agent inventory.
  • Purview DSPM for AI — audit mode — within existing Purview scope. No enforcement, full visibility. [verify E5/Purview scope]
  • M365 Agent 365 registry — surfaces in the admin center alongside existing M365 administration. [verify per-user pricing]
  • Copilot Admin Portal extract — already available to existing administrators.
  • Internal-led Phase 1 — no external recruiting cost or onboarding ramp.
  • Major tooling spend — explicitly deferred until inventory and risk classification produce a defensible recommendation.
Source: M365 admin · Entra · Purview · existing PACS licensing posture

What it costs to not do this
Not doing this is materially more expensive.

$9.77M
average healthcare data breach (IBM Cost of a Data Breach 2024).
  • Healthcare breach — sector average $9.77M per incident. Healthcare is the costliest sector for the 14th consecutive year. (IBM/Ponemon, 2024.)
  • Lokken v. UnitedHealth — class action over AI denying skilled-nursing coverage. Directly post-acute. Damages TBD · ongoing.
  • Section 1557 enforcement — OCR compliance reviews, loss of federal financial assistance, and private suits; no published penalty cap. Unbounded regulatory exposure.
  • OCR HIPAA settlements — multi-million-dollar resolutions citing risk-analysis failures (Anthem 2018, Premera 2020, Excellus 2021).
  • Litigation hold cost — when AI lifecycle records do not exist, discovery becomes forensic. Cost compounds against insurer caps.
  • Reputational cost in SNF licensure — state surveys, CMS conditions of participation, and corporate compliance reviews all probe AI use.
Source: IBM 2024 · Lokken v. UnitedHealth Group, D. Minn. 0:23-cv-03514 · HHS OCR enforcement bulletins
The bottom line Phase 1 produces the inventory and risk classification that makes every subsequent dollar defensible. The cost of starting is tooling we already own. The cost of not starting is paid in incident, enforcement, or litigation — at peer-organization rates.
The Ask
06 / 06
Recap & decision requested

Five things told.
Three decisions to make.

What I told you

  • AI is operating inside PACS today — 392 Copilot users, no formal inventory, no lifecycle.
  • AI and knowledge governance are one function — the data is what trains the AI; both must be owned together.
  • The role, the plan, the lead — Director of AI & Knowledge Governance, four pillars, 90-day commitments, internal lead on a documented credential path.
  • It uses tools we already own — Entra Agent ID, Purview DSPM, Agent 365. Remediation later is materially more expensive — $9.77M average per healthcare breach.
  • Now: the decision. Three asks. Each independent. Each reversible. Each defensible.

Decisions requested

01
Approve the AI & Knowledge Governance function Establish the role, scope, and reporting line. NIST AI RMF + ISO/IEC 42001-aligned posture. Works alongside Vendor AI Committee, Compliance, Privacy, InfoSec, Internal Audit.
02
Approve internal-led Phase 1 buildout David Hunter as named lead pending formal role definition. 90-day commitment includes NIST AI RMF training, IAPP AIGP, and documented credentialing roadmap. Internal mobility signaled as preferred.
03
Defer major tooling spend until Phase 1 produces inventory, risk classification, and recommendations Use Microsoft-native capabilities already owned. Any net-new tooling investment defended on Phase 1 findings — not on vendor pitch.
Full reference materials · controls · BAA matrix · regulatory floor · agent lifecycle · environment build → companion dossier