
How to Build a Law Firm AI Policy for Medical Record Tools in 2026

Law Firm AI Policy for Medical Records: HIPAA, Oversight & Due Diligence

A law firm AI policy for medical records is no longer optional.

State bar advisories, malpractice carriers, and clients now expect written rules covering how attorneys use AI to read, summarize, and chronologize protected health information.

This guide walks through what your policy must include, where the legal duties come from, and how to make it specific enough to actually defend in a deposition.

You will find a sample policy framework, a vendor due-diligence checklist, and the HIPAA-specific clauses most firms miss.

Why a written AI policy is now a baseline expectation

Three forces converged in 2025 and 2026.

The American Bar Association issued Formal Opinion 512 on generative AI in legal practice.

State bars in California, Florida, New Jersey, and New York published their own guidance.

Malpractice carriers started asking about AI use on annual renewals.

The result is straightforward. A firm without a written AI policy looks careless. A firm with a generic policy that does not name medical records as a special category looks unprepared.

What the duty of competence now covers

Model Rule 1.1 requires lawyers to maintain competence in relevant technology.

Comment 8 to that rule has been interpreted to include AI tools used in client work. The duty extends to understanding what the tool does, where the data goes, and what its known failure modes are.

You do not need to be an engineer.

You do need to be able to answer a basic question from a client: “What AI did you use on my case, and how do you know it did not invent anything?”

For background on why generic chatbots cannot answer that question, see our breakdown of why ChatGPT and general AI fall short on medical record review.

What the duty of confidentiality requires

Model Rule 1.6 prohibits disclosing client information without consent.

Uploading a medical record to a consumer-grade AI chatbot is a disclosure to that vendor.

Whether it is a permitted disclosure depends on three things:

  • The terms of service for the tool
  • The data retention policy of the vendor
  • Whether a Business Associate Agreement is in place

If any of those answers is unfavorable, the upload is a confidentiality breach.

The HIPAA layer most policies skip

HIPAA does not regulate law firms directly in most cases. It regulates Business Associates of covered entities.

But medical records in your firm’s possession often carry contractual obligations from the provider that produced them. Your clients also expect their PHI to be handled to HIPAA standards regardless of the technical reach of the statute.

A defensible policy treats medical records as if HIPAA applied, even when the firm is not technically a Business Associate.

Where PHI lives in a typical PI matter

Location | Risk level | Policy requirement
--- | --- | ---
Email inbox | High | Encrypt at rest; auto-purge after matter close
Case management system | Medium | Role-based access; audit log
AI summarization vendor | High | BAA in place; zero data retention or contractual deletion
Attorney laptop downloads | High | Full-disk encryption; no local copies after sync
Cloud file share | Medium | MFA enforced; sharing permissions reviewed quarterly

Each location needs a named owner in the policy.

Without a named owner, the rule is aspirational.

The Business Associate Agreement question

Any AI vendor that processes medical records on your firm’s behalf should sign a Business Associate Agreement.

If a vendor refuses, that is a hard stop.

The refusal tells you the vendor has not built its infrastructure for PHI.

Read the BAA carefully. The clauses that matter most are subcontractor flow-down, breach notification timeline, and what happens to PHI on termination.

Five clauses every firm policy must contain

A policy that says “use AI carefully” is not a policy.

Each rule below should appear as a separate, enforceable clause with a named responsible party.

Clause 1: Approved tools list

Name the specific products attorneys are allowed to use for medical record work.

Prohibit all others by default.

Update the list quarterly.

The list should distinguish between three categories:

  • AI for legal research
  • AI for drafting non-PHI documents
  • AI for medical record analysis

The risk profile differs significantly across the three.

Clause 2: Attorney verification requirement

No AI output goes to a client, opposing counsel, or the court without an attorney reviewing the source documents.

The policy should specify the form of verification — initialed worksheet, sign-off field in the case management system, or comparable artifact.

This clause is what makes the policy defensible against a malpractice claim.

See our piece on medical record summary mistakes in personal injury cases for the categories of errors verification is designed to catch.

Clause 3: Source-linking mandate

Every fact in an AI-generated medical summary or chronology must be traceable to a page in the underlying record.

If the tool cannot produce a source link, it cannot be used for that purpose.

This single rule eliminates most hallucination risk.

It also gives you a defensible answer when a witness disputes a fact in your chronology — you can show the page.

Clause 4: PHI handling rules

The clause should specify firm rules with no ambiguity:

  • No copy-paste of PHI into consumer AI tools
  • No use of personal accounts for case work
  • No AI processing of records before a signed engagement letter and HIPAA authorization
  • No use of records for vendor model training under any circumstance

The “no training” rule matters most.

Check the vendor’s terms of service. If the contract permits the vendor to use your firm’s data to improve its models, the data is no longer confidential.

Clause 5: Incident response and breach notification

Define what counts as an incident.

Define who gets notified, on what timeline, and who decides whether to inform the client.

Define who decides whether to inform the regulator or the malpractice carrier.

The policy should reference your existing incident response plan rather than create a parallel one. AI incidents are a subset of data incidents.

Vendor due-diligence checklist

Before any AI tool is added to the approved list, complete this review.

Document who did it and when.

Keep the artifact for the malpractice tail.

Security and infrastructure questions

  • Is the vendor SOC 2 Type II certified? Request the report.
  • Where is data stored geographically? Are records ever sent outside the U.S.?
  • Does the vendor encrypt data at rest and in transit?
  • What is the data retention default, and can it be set to zero?

For a deeper dive on the technical controls, see our guide on building for security in legal AI.

Contractual posture questions

  • Will the vendor sign a BAA without redlines?
  • Does the master agreement permit use of firm data for model training?
  • If yes, can model training be turned off contractually?
  • What is the breach notification window?
  • What happens to data on termination — deletion, return, or both?

Quality and explainability questions

  • Does the tool produce source links to the underlying record?
  • Is there a human QA layer, or is the output model-only?
  • Can the vendor provide accuracy benchmarks on medical record tasks?
  • How are errors reported and resolved?

InQuery is purpose-built for this use case.

It signs BAAs, retains zero PHI by default, source-links every fact to a page in the record, and includes a human QA layer on every chronology and summary.

Comparing AI tool categories by policy fit

Not every AI tool is appropriate for medical record work.

The table below groups categories by what your policy should permit.

Category | Examples | PHI permitted? | Policy notes
--- | --- | --- | ---
Purpose-built medical AI (with BAA) | InQuery, Supio, Wisedocs, DigitalOwl | Yes | Approved tools list
AI case management | Filevine, CasePeer, CaseFleet | Yes, with BAA review | Verify AI features have separate data handling
AI legal research | Westlaw AI, Lexis+ AI | Limited | Strip PHI before queries
General-purpose chat AI | ChatGPT, Claude.ai, Gemini | No | Block on firm devices
Consumer drafting AI | Free-tier writing assistants | No | Block on firm devices

The first row is where defensible chronology and summary work happens.

Compare options in our AI medical chronology platforms comparison and our best medical summary software guide.

Why source-linking belongs in the policy

A chronology without source links is unverifiable.

An attorney signing off on it has no efficient way to check the AI’s work.

That fails Clause 2 of the policy in practice, even if it passes on paper.

Tools that produce source links transform attorney verification from a rereading exercise into a spot-check. The time savings make the policy actually followable.

Training, governance, and enforcement

A written policy without training is a piece of paper.

Three governance pieces make the policy stick.

Mandatory annual training

Every attorney and staff member who touches medical records should complete an annual AI training session.

Topics include the approved tools list, the verification requirement, the source-linking mandate, the PHI handling rules, and how to report an incident.

Document attendance.

Keep records for at least the length of the malpractice tail.

Designated AI governance lead

A partner or senior associate owns the policy.

They approve new tools, review vendor BAAs, conduct quarterly audits, and field questions.

In a small firm this can be a part-time role.

In a large firm it is usually housed in the office of general counsel or the chief operating officer.

Audit cadence

Quarterly tasks:

  • Review the approved tools list
  • Check that BAAs are still current
  • Sample five matters and verify the source-linking and sign-off artifacts exist

Annual tasks:

  • Full policy review
  • Vendor reauthorization
  • Training refresh and attendance audit
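The quarterly task of sampling matters and confirming that the source-linking (Clause 3) and attorney sign-off (Clause 2) artifacts exist can be partly automated if the firm exports chronologies in a structured form. The script below is an added example written for this article, not code from InQuery or any case management vendor. It assumes a hypothetical export layout: each matter is a dict with a page count per record, a list of chronology entries that each carry a source citation and the date the AI output was generated, and a sign-off artifact naming the reviewing attorney and date. It flags missing source links, citations to pages that do not exist in the record, missing sign-off, and the common failure mode where the AI output was regenerated after the attorney signed off.

```python
"""Quarterly audit check for source-linking and attorney sign-off artifacts.

Added example for the audit-cadence section; not code from the original
article or from InQuery. The matter/export layout is an assumption:
  matter = {"id": str,
            "records": {doc_id: total_pages},
            "chronology": [{"fact": str,
                            "source": {"doc": str, "page": int} | None,
                            "generated": "YYYY-MM-DD"}, ...],
            "signoff": {"attorney": str, "date": "YYYY-MM-DD"} | None}
"""
from __future__ import annotations

import random
from dataclasses import dataclass


@dataclass
class Finding:
    matter_id: str
    severity: str   # "fail" = clause violated; "warn" = needs follow-up
    message: str


def audit_matter(matter: dict) -> list[Finding]:
    """Apply Clause 2 (sign-off) and Clause 3 (source link) checks to one matter."""
    findings: list[Finding] = []
    mid = matter["id"]
    page_counts = matter.get("records", {})
    chron = matter.get("chronology", [])

    if not chron:
        findings.append(Finding(mid, "warn", "no chronology entries to audit"))

    for i, entry in enumerate(chron):
        src = entry.get("source")
        if not src or "doc" not in src or "page" not in src:
            findings.append(Finding(mid, "fail", f"entry {i} has no source link"))
            continue
        doc, page = src["doc"], src["page"]
        if doc not in page_counts:
            findings.append(Finding(mid, "fail", f"entry {i} cites unknown document {doc!r}"))
        elif not 1 <= page <= page_counts[doc]:
            findings.append(Finding(
                mid, "fail",
                f"entry {i} cites page {page} outside {doc!r} (1-{page_counts[doc]})"))

    signoff = matter.get("signoff")
    if not signoff or not signoff.get("attorney") or not signoff.get("date"):
        findings.append(Finding(mid, "fail", "no attorney sign-off artifact"))
    elif chron and signoff["date"] < max(e.get("generated", "") for e in chron):
        # ISO dates compare correctly as strings; output newer than the
        # sign-off means the attorney reviewed a superseded version.
        findings.append(Finding(mid, "fail", "sign-off predates latest AI output; re-review required"))
    return findings


def sample_matters(matters: list[dict], k: int = 5, seed: int | None = None) -> list[dict]:
    """Pick k matters for the quarterly audit; a fixed seed makes the draw reproducible."""
    rng = random.Random(seed)
    ids = sorted(m["id"] for m in matters)
    chosen = set(rng.sample(ids, min(k, len(ids))))
    return [m for m in matters if m["id"] in chosen]


def run_quarterly_audit(matters: list[dict], k: int = 5, seed: int | None = None) -> dict[str, list[Finding]]:
    """Return findings keyed by matter id for the sampled matters (empty list = clean)."""
    return {m["id"]: audit_matter(m) for m in sample_matters(matters, k, seed)}


# Constructed sample data (not real matters): M-001 is clean, M-002 fails three ways.
SAMPLE_MATTERS = [
    {"id": "M-001", "records": {"MRN-A": 120},
     "chronology": [
         {"fact": "ER visit, lumbar strain", "source": {"doc": "MRN-A", "page": 14}, "generated": "2026-01-10"},
         {"fact": "MRI ordered", "source": {"doc": "MRN-A", "page": 37}, "generated": "2026-01-10"}],
     "signoff": {"attorney": "A. Attorney", "date": "2026-01-12"}},
    {"id": "M-002", "records": {"MRN-B": 40},
     "chronology": [
         {"fact": "Initial consult", "source": {"doc": "MRN-B", "page": 3}, "generated": "2026-02-01"},
         {"fact": "PT referral", "source": None, "generated": "2026-02-01"},
         {"fact": "Follow-up", "source": {"doc": "MRN-B", "page": 58}, "generated": "2026-02-01"}],
     "signoff": {"attorney": "B. Attorney", "date": "2026-01-28"}},
]

if __name__ == "__main__":
    for matter_id, findings in run_quarterly_audit(SAMPLE_MATTERS, seed=1).items():
        status = "PASS" if not findings else "FAIL"
        print(f"{matter_id}: {status}")
        for f in findings:
            print(f"  [{f.severity}] {f.message}")
```

Keep the printed report with the quarter's audit record; it is the artifact the governance lead can point to when asked how the source-linking and sign-off rules were verified.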

For broader workflow context, see how chronologies feed into intake-to-settlement workflows.

Ethical opinions and authority you should cite

A policy that references the underlying ethical authority is harder to attack.

Include citations to:

California, Florida, New York, and New Jersey have published the most detailed state-level guidance.

Texas, Illinois, and Pennsylvania have committee opinions in circulation.

Your policy should cite the advisory in your home state. Note that the firm follows the most restrictive applicable rule when attorneys are admitted in multiple jurisdictions.

What a workable policy looks like

A practical policy fits on five to seven pages.

Longer than that, and nobody reads it.

The structure below works for most PI and bodily injury firms.

Section | Content | Length
--- | --- | ---
Scope and definitions | Who the policy applies to; what counts as AI; what counts as protected information | 1 page
Approved tools | The list with intended use for each; statement that all others are prohibited | 1 page
PHI handling rules | The five clauses with named responsible parties | 2 pages
Vendor management | Due-diligence checklist as an internal procedure | 1 page
Training and governance | Cadence, ownership, audit schedule | 1 page
Incident response | Reference to firm’s incident plan with AI-specific triggers | 1 page
Sanctions | Consequences for policy violations | 1 page

The sanctions section is the one people skip.

Skipping it makes the policy unenforceable.

How AI-assisted work product holds up in litigation

A judge or opposing counsel may ask how a medical chronology or summary was produced.

The firm that can answer “we used a tool that signs a BAA, retains zero PHI, produces source links to every page, and includes a human QA layer reviewed by Attorney X on Date Y” is in a strong posture.

The firm that says “we asked ChatGPT” is not.

This is the practical payoff of the policy: defensibility in the moment when it matters most.

For more on accuracy and verification, see our piece on AI medical record review accuracy benchmarks.

Calculating the cost-benefit of a policy

A written policy takes a partner three to five days to draft, plus ongoing audit time.

The cost of a malpractice claim from an unreviewed AI output runs into six or seven figures.

The cost of a HIPAA-related breach event averages well into the millions when remediation, notification, and reputational damage are counted.

The math is not close.

If your firm processes medical records, the policy pays for itself the first time an attorney is asked under oath how AI was used. Estimate the ROI with our value calculator.

Frequently Asked Questions

Do I need an AI policy if my firm only uses one AI tool?

Yes. The policy is not about how many tools you use — it is about documenting the controls around the tool you do use. A single-tool firm still needs a BAA, a verification process, and a training record. Without those artifacts, you cannot answer the basic ethical questions when they are asked.

Does HIPAA actually apply to a law firm?

HIPAA applies directly when the firm is a Business Associate of a covered entity, which is common in healthcare litigation defense and less common in plaintiff PI work. Even when HIPAA does not apply directly, courts and bar regulators expect PHI in firm custody to be handled to HIPAA standards. Treat it as if it applied.

What is the single most important clause in the policy?

The source-linking mandate. If every AI-generated fact must trace to a page in the record, hallucinations cannot survive attorney review. This one rule eliminates most of the malpractice risk, which is why InQuery builds source-linked chronologies as the default rather than an option.

How often should the policy be updated?

Annually at minimum, plus an out-of-cycle update whenever a new state bar advisory is issued in a jurisdiction where the firm practices, or when a vendor changes its terms of service. Document each update with a version number and effective date.

Can paralegals run AI tools without attorney sign-off?

Paralegals can run the tools. The policy should require that no output leaves the firm or is used in a filing without attorney review. ABA Model Rule 5.3 makes the supervising attorney responsible for non-lawyer work product, including AI-generated work. This is also why a human QA layer matters at the vendor level.

What should we do about attorneys using personal AI accounts on case work?

Block it. The policy should require all AI work to run through firm-approved accounts with firm-managed BAAs. Personal accounts have consumer terms of service, which usually permit the vendor to retain and train on the data. That is a confidentiality breach regardless of intent. Start your evaluation with our get-started page.

Erick Enriquez

CEO & Co-Founder at InQuery