Over the last year, states have increasingly been enacting legislation to regulate the use of artificial intelligence (AI) and large language models (LLMs) in healthcare in an attempt to keep pace with these technologies, even as activity at the federal level has been limited. An Avalere Health analysis found that as of August 2025, at least 29 states and the District of Columbia (DC) have passed at least one bill addressing the use of AI in healthcare (Figure 1). 

Figure 1. States with Enacted Bills Related to AI in Healthcare

Most enacted legislation falls into three categories: 

Prior authorization/claims laws govern how health plans manage their utilization management or claim processing programs. State legislation and oversight of prior authorization varies across states, and most often span across Medicare Advantage, Medicaid, Exchange, and Employer Sponsored Insurance. Most of the laws in this category limit the extent to which a plan can include this technology in reviewing claims or prior authorizations. Some states specifically restrict the use of AI and algorithms as the sole source of adverse determinations. Other states require that a licensed physician make final adverse determinations and not specifically mention the use of AI or algorithms. Regardless of whether the regulation names AI specifically, these regulations have a direct impact on the use of AI tools.  

Disclosure and operations laws require that patients and members are made aware that they are communicating with or receiving information generated by AI or a chatbot. Some states have stricter requirements. For example, New York prohibits “AI companions” from operating without a protocol to detect and address crisis services. 

Scope of practice laws limit the clinical or administrative tasks where AI can be used. In Nevada, for example, AI cannot be used to provide direct behavioral health care. In Texas, licensed practitioners can use AI for diagnosis and treatment planning if it is within the scope of their licensure, but the practitioner must review the AI-generated records to make the ultimate medical decision. 

The state AI oversight landscape continues to evolve, and at least 10 states have pending legislation that could further shape the use of AI in healthcare. All 10 of those states have already enacted some form of healthcare-related AI legislation. 

The federal government has also expressed interest in how AI is deployed in healthcare, although it remains to be seen what approach the federal government will take. The Senate removed a proposed federal moratorium on state regulation of AI from the draft One Big Beautiful Bill Act, and the current administration has taken more of an industry-led response, as seen with the latest Health Tech Ecosystem Initiative announced at the end of July 2025. 

As AI technologies become more mature and policymakers become more familiar with them, we expect that the regulatory landscape will evolve further to ensure balance between innovation and patient protection and interests. 

Impact to Plans, Providers, and AI Companies 

As the application of AI solutions to healthcare continues to rapidly evolve, it is critical to stay abreast of state and federal policies to prevent violations. AI companies that are creating and selling products to health plans and providers must build them with compliance in mind. This will prevent adoption from being hindered. Health plans and providers will not adopt new technologies if their use puts them at risk of non-compliance. Likewise, health plans and providers must ensure that any tools they use, either those they build or those they purchase, follow all state and federal regulations. For example, health plans must ensure that they have the appropriate reviews in place to comply with state regulations that require physician review of prior authorization or claim denials. 

Maintaining regulatory compliance is essential when considering AI solution implementation, however, it is one of many other considerations that health plans and providers must analyze when evaluating AI solutions, including data privacy and security, workflow integration, strategic alignment, and member preferences. 

At Avalere Health we help health plans, providers, and technology companies translate policy and regulatory activity into strategic and operational action. If you are interested in learning more about how we can be a long-term partner, connect with us here.