A damning new report from the Department of Veterans Affairs’ Office of Inspector General (OIG) has found that VA clinicians used Microsoft Copilot Chat and a locally developed AI tool, VA GPT, in at least 79 patient-care scenarios without the agency putting any mechanism in place to monitor for AI errors or safety risks. The finding, buried in an otherwise routine audit, raises urgent questions about the speed at which large language models are seeping into clinical workflows—and whether Microsoft’s enterprise guardrails are sufficient when life-and-death decisions are on the line.
The OIG’s discovery: 79 prompts and a complete void
The OIG audit, which examined how the VA’s Office of Information and Technology had deployed two generative AI tools—VA GPT (an internal chatbot built on OpenAI’s models) and Microsoft Copilot Chat (the enterprise version of Copilot available through Microsoft 365)—uncovered that between May and November 2024 clinical staff submitted 79 prompts that directly related to patient care. These prompts ranged from summarizing medical histories and generating discharge instructions to suggesting differential diagnoses. Yet, the OIG found “no evidence that VA had established a mechanism to track, monitor, or evaluate the safety and effectiveness of these AI-generated outputs.” In other words, for nearly six months, clinicians were feeding sensitive patient data into AI systems and potentially acting on the outputs with zero institutional oversight.
Critically, the OIG did not claim that any veteran was harmed as a result of these AI interactions. But the report’s language is blunt: “VA should have ensured that the AI tools were not used for clinical purposes until appropriate safety reviews and monitoring capabilities were in place.” The audit also noted that neither tool had undergone a formal risk assessment or been cleared by VA’s cybersecurity and patient safety offices for clinical use—a breach of the agency’s own internal policies.
What this means for VA patients and providers
For veterans receiving care at VA facilities, the revelation is a stark reminder that AI is seeping into medical practice faster than regulators can track. Any use of an unvetted AI tool in a clinical setting introduces risks: hallucinated medical information, privacy leaks, or subtle biases that could affect diagnosis or treatment. The fact that VA staff apparently felt comfortable enough to adopt these tools for clinical work so quickly suggests either a lack of clear communication about approved use cases or an acute need for AI assistance in overburdened clinics.
For clinicians themselves, the OIG report serves as a warning. Using an enterprise chat tool like Microsoft Copilot Chat to look up drug interactions or draft a treatment plan might feel like a harmless efficiency boost—much like a web search—but the implications are profoundly different. Without proper audit trails, a physician cannot defend a decision based on AI-generated advice if something goes wrong. And from a liability standpoint, the VA may be on shaky ground: the report makes clear that these actions were not sanctioned.
Why Windows and IT administrators should pay attention
Even if you do not work in healthcare, this episode offers a masterclass in what happens when powerful AI tools land on enterprise desktops without meaningful configuration or governance. Microsoft Copilot Chat is included in many Microsoft 365 E3 and E5 licenses and is deeply integrated into Windows 11 and Edge. Admins can control its availability via the Microsoft 365 admin center, but the VA’s experience shows how quickly “turn it on and let people use it” can spiral into unmonitored, high-risk behavior.
For IT pros managing copilot deployments, the takeaway is clear: assume that users will push the tool into sensitive territory unless you explicitly block it. Microsoft offers a suite of compliance and Purview features to monitor Copilot interactions, including data loss prevention policies, audit logs, and eDiscovery, but these are not enabled by default. The VA’s failure was not that the tools were available—it was that no one had activated the monitoring capabilities or defined clear acceptable-use policies before rollout. Any organization deploying Copilot should immediately:
- Configure audit logging for all Copilot interactions (Microsoft Purview Audit Standard is a starting point).
- Establish a data classification scheme and apply sensitivity labels to prevent Copilot from processing regulated data (e.g., HIPAA-protected information).
- Define and communicate a clear acceptable-use policy, ideally with specific examples of prohibited activities.
- Set up alerts for prompts that match patterns of clinical or high-risk queries.
How the VA got here: A timeline of ambition over caution
The VA’s AI ambitions are not new. In 2023, the agency launched an AI strategy and stood up a National Artificial Intelligence Institute. By early 2024, it had begun piloting VA GPT as a secure, internal alternative to commercial chatbots, designed to tap into “VA-curated knowledge” while keeping data within the agency’s cloud environment. At the same time, the VA was rolling out Microsoft 365 Copilot to staff, touting its potential to automate administrative tasks like note-taking and scheduling. The trouble, according to the OIG, is that no one drew a hard line between administrative and clinical use. The tools were marketed broadly as productivity enhancers, and without explicit restrictions, clinicians naturally reached for them to tackle documentation—a major pain point.
The OIG’s findings echo a wider pattern in government and healthcare IT: the rapid adoption of generative AI tools has outpaced the ability of oversight bodies to certify them for safety. Just weeks before the VA report, the Government Accountability Office issued a separate memorandum urging federal agencies to develop “AI-specific risk management protocols,” and the Food and Drug Administration has been struggling to define how it will regulate AI-enabled clinical decision support. Against that backdrop, the VA’s missteps are less an outlier and more a preview of what every system could face.
What you should do now—and what the VA is being forced to do
The OIG made six specific recommendations to the VA:
- Immediately restrict clinical use of both VA GPT and Microsoft Copilot Chat until safety monitoring is established.
- Conduct a retrospective review of the 79 clinical prompts and, to the extent feasible, assess any resulting patient impact.
- Develop and implement a real-time monitoring system for all generative AI outputs that could affect patient care.
- Update training materials to clearly differentiate between allowed administrative uses and prohibited clinical uses.
- Require formal security and safety assessments before any AI tool is made available.
- Report back to the OIG within 90 days on progress.
The VA concurred with all recommendations and has already taken steps to temporarily disable clinical AI features. However, the genie is out of the bottle: staff have now experienced the convenience of AI-assisted documentation, and disabling the tools entirely could face significant pushback. The agency’s challenge—one shared by any organization in a regulated industry—is to find a sustainable middle ground where innovation does not leapfrog safety.
For individuals and smaller practices watching this, the lesson is to use only AI tools that have been explicitly approved for healthcare by a recognized authority (in the U.S., that often means FDA clearance or an institutional review board). For enterprise IT teams, the immediate action items are clear: revisit your Copilot deployment settings, enable all available audit and compliance features, and craft a policy that leaves no ambiguity about what Copilot must not be used for.
The bigger picture: Copilot’s clinical problem is everyone’s problem
The VA’s stumble is not just a government IT story. It exposes a fundamental tension inside Microsoft’s AI strategy. The company has invested billions in making Copilot an enterprise-ready, “responsible AI” platform, with detailed documentation on how to configure it for regulated industries. But the defaults remain permissive, and the training burden falls entirely on the customer. If an agency as large and resource-rich as the VA could not get it right, what hope does a small regional hospital network have?
As Microsoft embeds Copilot ever deeper into Windows and Office, the line between an innocent productivity tool and a clinical decision-support system will blur further. The company recently announced “Copilot for Healthcare,” a dedicated SKU with HIPAA compliance and content filters, but that product was not yet widely available during the VA’s pilot period. It remains to be seen whether such purpose-built tools will finally bridge the gap between AI’s promise and the hard realities of medical safety.
Outlook: Watch for the 90-day update—and Microsoft’s response
The clock is ticking. The VA’s 90-day deadline to report progress on the OIG’s recommendations falls in mid-2025. How the agency responds—and whether it publicly shares lessons learned—will be a bellwether for AI governance across the public sector. Meanwhile, Microsoft has yet to comment on the report. If the company truly wants to own the enterprise AI market, it may need to move from passive guidance to active, pro-active monitoring tools that prevent dangerous misuse before it happens. For now, the VA’s experience is a sobering reminder that in the rush to adopt AI, safety traceability must be built in from day one—not bolted on after the fact.