The most common response I get when talking to Michigan practice managers about AI is some version of: "We'd love to — but HIPAA."
It's understandable. HIPAA compliance is serious, the penalties are real, and healthcare practices have been burned by vendors who didn't understand the rules. Caution makes sense.
But in 2026, the "HIPAA blocks AI" belief is outdated — and it's costing Michigan practices real money in administrative time they can't afford to lose.
The HIPAA Myth That's Keeping Practices Stuck
The widespread belief is that using AI requires sharing protected health information (PHI) with a third-party AI provider, which violates HIPAA.
This is not accurate. HIPAA explicitly allows healthcare providers to share PHI with third-party vendors who are "business associates" — as long as a Business Associate Agreement (BAA) is in place. A BAA is a contract in which the vendor agrees to safeguard PHI according to HIPAA requirements. This is the same mechanism your practice already uses with your EHR vendor, your billing company, your lab, and your answering service.
The question for AI is not "can we share PHI with an AI provider?" The question is "does this AI provider offer a BAA?"
Which AI Providers Offer HIPAA BAAs (In 2026)
| Provider | BAA Available | Notes |
|---|---|---|
| Anthropic (Claude API) | ✅ Yes | Enterprise API for healthcare use cases; required for PHI processing |
| Microsoft Azure | ✅ Yes | Covers Azure OpenAI Service for HIPAA-covered entities |
| Google Cloud | ✅ Yes | Vertex AI + Healthcare API; thorough compliance documentation |
| Amazon AWS | ✅ Yes | Covers most services; widely used in large health systems |
| ChatGPT.com (browser) | ❌ No | Consumer product — no BAA, do not use with PHI |
| Claude.ai (consumer) | ❌ No | Consumer product — no BAA, do not use with PHI |
The critical distinction is enterprise API with BAA vs. free consumer product without BAA. When your staff uses ChatGPT.com to draft a patient letter, that is a HIPAA problem. When your practice deploys a custom AI built under a BAA, it is not.
The Three Workflows Where Michigan Practices Are Losing the Most Time
1. Prior Authorization
Prior authorization is the single largest administrative burden in most practices — and the one with the highest AI ROI.
The current process at most practices: a staff member reads an incoming referral or order, extracts the relevant diagnosis codes, pulls the patient's insurance and history, fills out a payer-specific form or portal, submits, and then waits — checking back regularly for approval or denial, sometimes for days.
An AI-powered prior auth workflow can:
- Read the incoming referral and extract all relevant data automatically
- Pull the patient's record to build the authorization request
- Submit via payer portal integration or fax API
- Monitor for response and flag exceptions for staff review
- Escalate only the cases that need human judgment
Result at Michigan practices that have deployed this: prior auth time drops from 18–25 hours per week to 3–5 hours per week. Same staff, same patients — without the manual data handling.
2. Patient Communication and Follow-Up
After-visit follow-up, appointment reminders, no-show management, post-procedure check-ins, referral coordination. All of these are time-intensive communication tasks that are mostly templated and don't require clinical judgment — but they eat hours of staff time every week.
AI can handle the templated portions while flagging any patient responses that require actual clinical engagement. Practices using AI-assisted patient communication report 30–40% reductions in administrative time spent on communication.
3. Clinical Documentation
AI scribing — using AI to generate clinical notes from recorded or structured encounter data — is the fastest-growing use case in healthcare AI. Physicians typically spend 2–3 hours per day on documentation. That's 10–15 hours per week per physician that is not patient care.
AI documentation tools, properly configured under a BAA, can generate initial note drafts that physicians review and sign. Time savings of 60–90 minutes per physician per day are documented in published research.
What "HIPAA Compliant" Actually Means in Practice
For a Michigan practice deploying AI, HIPAA compliance means:
- Choose a vendor with a signed BAA. No BAA = no PHI. Period.
- Conduct a risk assessment. Adding AI is a new technology that should be included in your periodic security risk assessment.
- Document the deployment. Your compliance records should include what AI tool is deployed, what PHI it processes, the BAA, and training records.
- Train your staff. Your staff should know which AI tools are approved for PHI and which are not.
- Build an off-ramp. Your AI workflow should have defined exception handling for cases requiring human clinical judgment.
None of this is unusual or burdensome. It's the same diligence you already apply to any new vendor.
A Realistic AI Pilot for a Michigan Practice
The fastest path from "curious but cautious" to "running with data" is a 6-week pilot.
Pilot Structure
Week 1–2: Discovery and design. Map the prior auth workflow, identify the highest-volume payers, document the current process.
Week 3–4: Build and test. Deploy the AI layer, connect to existing EHR workflow (without replacing it), test with 10–15 cases under staff supervision.
Week 5–6: Live operation. Staff runs the workflow, AI handles the data, exceptions escalated. Track time vs. baseline.
What a Michigan 5-Provider Practice Typically Finds After 6 Weeks
Prior auth time: 22 hrs/week → 4 hrs/week (18 hours recovered)
Authorization turnaround: 3–5 days → same-day in 80% of cases
Labor cost savings at $22/hr: $396/week → $20,592/year
Project cost: $12,000–$18,000
Payback period: 7–11 months
The Michigan Grant Angle
Michigan practices can access two grant programs that directly apply to AI deployments:
Michigan Going PRO Talent Fund
Covers the training component of any AI project — staff instruction on using the new system. $2,000 per trained employee ($3,500 per USDOL Registered Apprentice). Applied through your local Michigan Works! office. Applications must be submitted before training begins.
Michigan Health Endowment Fund
Grants for Michigan healthcare organizations implementing patient care technology. Accepted quarterly. $10,000–$500,000 range. Focus on underserved communities and smaller organizations.
For a $15,000 AI pilot, grant funding commonly reduces the net cost to $8,000–$10,000.
Your HIPAA Questions Answered — Before You Commit to Anything
Book a free 30-minute strategy call. We'll walk through your specific compliance situation, identify which workflows have the clearest AI ROI, and show you exactly which Michigan grants apply. Written summary within 48 hours.
Book a Free Strategy CallAmerican AI Solutions LLC · Southgate, Michigan · david04calderon@gmail.com
American AI Solutions LLC builds HIPAA-compliant AI systems for Michigan healthcare practices under Business Associate Agreements with Anthropic, Microsoft Azure, and Google Cloud. We specialize in prior authorization automation, patient communication AI, and clinical documentation support for private practices and specialty clinics across Michigan.