[Still running light as on clinical]

Michigan nurses bargained AI guardrails into their union contract.

Nurses at Munson Medical Center in Traverse City ratified a three-year deal — by a 93% margin — that writes a contractual definition of AI into the agreement and creates a formal channel to raise concerns before a new tool is deployed (Spectrum News). “Giving us contractual language that allows us to speak with the medical center about our concerns when these new tools are introduced,” is how the bargaining team described it. The CNO framed it as balancing staff input against the system’s need to move. If you build clinical tools, the deployment surface just grew a new stakeholder with signing authority.

😤 “Great, now a union committee can veto my rollout.” That’s the wrong read. A channel to surface concerns early is the cheapest user research you’ll ever get — the nurses are the ones who’ll find the failure mode at 3 AM whether or not there’s contract language. The systems that treat this as a veto will fight it; the ones that treat it as a free QA loop will ship better tools.

The small systems are out-governing the big ones — without an AI team.

Becker’s talked to CIOs at four small and midsize systems running serious AI footprints with no chief AI officer and no data science group. Reid Health (Richmond, Ind.) has 318 AI tools live generating ~$7.2M in annual value — governed by an AI Clinical and Innovation Committee that scores every tool against a framework aligned to the NIST AI Risk Management Framework before anything goes live. Willis Knighton stood up its governance council in a 90-day sprint and reports zero failed deployments. “AI decisions at the bedside are not IT decisions,” Reid’s CIO said. The constraint was never headcount. It’s a process no tool gets to skip.

😤 “Sure, but they’re just buying everything from vendors.” They said so out loud — and named the actual risk: “vendor dependence without accountability.” They track utilization, measure outcomes, and hold vendors to documented performance. That’s the move a clinician-builder should copy whether you’re buying or building: define the value you’re chasing before you evaluate the tool, and write down what “working” means so you can tell when it isn’t.

UCLA Health stood up a center just to evaluate AI tools. INOVAi — the Innovations and Outcomes Validation of AI Center — will test AI across its full lifecycle: usability, workflow fit, clinical trials, implementation studies (news release). UCLA says it’s among the first programs in the country built specifically for AI evaluation and implementation science. This is the same thesis this newsletter keeps circling: the durable moat isn’t the model, it’s the independent, real-world eval. Now an academic system is building the institution around it.

A pediatric EM doc makes the case for clinicians in IT leadership.

Kopal Seth, MD, associate CMIO at Phoenix Children’s, writes that she trained for the trauma bay, got pulled into the 2010 EHR rollout, and never left — because “physicians already possess many of the foundational skills required for IT leadership: systems thinking, pattern recognition, communication under pressure.” Her warning on AI: “without physician insight, AI tools risk becoming another layer of burden that is well intentioned, expensive and ultimately ignored.” Her advice to clinicians eyeing the path: start with the biggest workflow pain points, get involved across teams, stay connected to patient care. The trauma bay taught her to respond to crises; informatics taught her to prevent them.

💡 BTW

The FBI built a fake town to practice saving hospitals. Its Kinetic Cyber Range at Redstone Arsenal in Huntsville, Ala. is a 22,000-square-foot simulated town — houses, a hotel, a power company, a gas station, and a fully wired mock hospital — with real networks, servers, Active Directory, and firewalls behind every facade. In one drill, a simulated ransomware attack locks down the hospital network, alarms sound, and role players respond as if patient care is on the line. It’s trained 1,400+ people since opening in February 2025, and it lands at a moment when healthcare was the No. 1 cybercrime target among U.S. critical-infrastructure sectors last year — 460 ransomware attacks in 2025 alone, per FBI data cited by Becker’s. Somewhere in Alabama there’s a hospital that only exists to get attacked, so the real ones don’t have to learn on the job.

What are you building this week? Email and tell me (kevin@clinicians.build) — I read every one.

— Kevin