Why Public Health Needs AI Policies Now
The reality is straightforward: your staff are using AI tools whether you have a policy or not. The question isn’t whether AI will be used in your department—it’s whether it will be used safely and responsibly. Without clear guidance, well-meaning staff may inadvertently expose protected health information, violate public records requirements, or rely on inaccurate information in enforcement actions.
Public health departments face unique challenges:
- Regulatory compliance: HIPAA, public records laws, and state-specific regulations create a complex legal landscape
- Limited resources: Every efficiency gain matters, but not at the cost of compliance
- Public trust: Communities need to know that AI augments—not replaces—human expertise
- Rapid technological change: AI capabilities evolve faster than traditional policy cycles
What Makes an Effective AI Policy
A comprehensive AI policy needs to address 11 key areas: scope and coverage, defining AI, training and awareness, AI tool approval process, access and request process, permitted and prohibited uses, data privacy and security, ethical considerations, monitoring and accountability, policy governance, and violations and enforcement.
The most effective AI policies approach these areas from a perspective of possibility rather than prohibition. Like highway guardrails, good AI policies don’t stop progress—they prevent crashes while allowing staff to reach their destinations safely.
Our Approach: Collaborative Policy Development
At F&T Labs, we understand your constraints, compliance requirements, and operational realities. As former public health officials ourselves, we’re not consultants telling you what to do—we’re former colleagues helping you make informed decisions.
We facilitate three one-hour sessions where we work through the policy sections together. In each session, we tackle several areas with your team. You make all the decisions about what works for your organization—your risk tolerance, your capacity, your needs. We guide the discussion and capture what you decide. This ensures the policy actually reflects how your organization operates and what you can realistically implement.
After those sessions, we take everything your team decided and draft the complete policy document. Then you review it, give us feedback, and we finalize it. The whole process typically takes 4-6 weeks from start to finish.
What we need from you: A core working group of 4-8 people representing IT, privacy/legal, programs, and leadership who can participate in the sessions and provide one round of feedback on the draft.
Resources Available
Download our Step-by-Step AI Policy Development Guide to start the conversation at your health department. This practical workbook walks you through each policy section with discussion questions designed to help your team reach decisions that work for your specific context.
Ready to Get Started?
If you’re ready to develop an AI policy that protects your organization while enabling your staff to work more efficiently, we’re here to help.
Schedule a conversation to discuss your department’s needs, or download our guide to begin the discussion internally.
