Every physician practice and community health clinic in the United States currently has at least one AI tool live. The initial phase of vendor pitches and experimental buying is over. The more pressing operational question is whether healthcare organizations can defend the AI already running in their businesses.
In Texas, this transition carries a specific deadline: enforcement of two new responsible AI laws—the Texas Responsible Artificial Intelligence Governance Act (TRAIGA) and SB 1188—opens September 1, 2026. For mid-market healthcare organizations, the pressure is mounting on chief information officers (CIOs) and chief operating officers (COOs) to move from regulatory uncertainty to oversight that boards can trust.
Chris Calitz, Founder and Chief Executive Officer (CEO) of Amplify Impact Consulting, a Dallas-based AI advisory firm serving mid-market healthcare organizations, works at the center of that pressure. “You cannot govern what you cannot name,” states Calitz. “The discovery process is the start of visible governance.” Calitz defines Visible Governance as an observable and audit-proof AI oversight document that regulators and clinicians can see and trust, rather than a forensic reconstruction after an incident.
From Friction to Disciplined Velocity
A common misconception in executive suites is that governance is a secondary activity that slows down deployment. In practice, the organizations converting AI projects into measurable value fastest are those that can answer risk questions today, not after a six-month delay.
Avoiding these questions does not create speed; it accumulates Deployment Drag. This is the operational cost of governance decisions you have not yet made, which eventually surfaces as rework and regulatory exposure.
Disciplined Velocity is an operating framework designed to move faster under visible accountability. It is not a bureaucratic hurdle but a method to remove the friction that ungoverned adoption generates downstream.
Operationalizing the Disclosure Mandate
Under TRAIGA and SB 1188, Texas healthcare providers face specific obligations to disclose AI use to patients when the technology informs diagnosis or treatment. Moving this from a policy statement to an operational reality requires a four-step framework:
- Step One — AI Inventory: Conduct a one-time audit to identify exactly what AI vendor tools are live and what tools staff are using. This surfaces Shadow AI, or the unsanctioned tools employees use to solve workflow frustrations.
- Step Two — The Decision Pack: Create a one-page document for each tool covering its function, data access, and the human reviewer responsible for its output.
- Step Three — Disclosure Policy: Document how AI use is communicated during patient encounters.
- Step Four — Workflow Validation Controls: Implement front-desk scripts, patient consent forms, and electronic health record (EHR) fields to document that disclosure occurred.
The Path to Operational Readiness
Beginning September 1, 2026, a Texas healthcare organization may receive a notice from the Attorney General regarding a potential violation, triggering a 60-day cure period. While many executives view this as a threat, it is more effective to treat the requirement as an operational drill. Organizations that run quarterly drills can recover in days rather than months. The strategic purpose of these drills is verifying that AI vendor audits are current and that products remain accurate and safe. The executive who has documented and practiced these responses holds a board-defensible position that ensures a manageable remediation rather than an organizational fire drill.
The Fiduciary Playbook: Turning AI Controls into Board Value
The path to scaling AI without compromising patient care or board trust requires distinct actions from different leadership layers:
For CEOs: The most important action is to prepare a one-page board summary for every AI tool running across the organization. This summary converts technical uncertainty into visible controls and gives the board clarity on what the organization is running.
For CIOs and COOs: The priority is to establish the quarterly drill rhythm to ensure the organization can meet a 60-day remediation window with confidence. This discipline ensures that AI adoption strengthens the institution rather than creating liabilities.
“Visible governance is the grease the wheel needs to move,” Calitz reflects. The organizations that build these controls now will deploy with confidence, knowing their compliance gaps are closed before a regulator identifies them.
Follow Chris Calitz on LinkedIn for more insights on healthcare AI governance, regulatory readiness, and building the operating systems that let organizations deploy AI at speed without compromising patient care or board trust.
