Artificial Intelligence

Microsoft Copilot+ PC: AI-Powered Tools for Healthcare Productivity

Microsoft’s Copilot+ PCs bring secure, on-device artificial intelligence to healthcare organizations, combining faster diagnostics and automated documentation with built-in privacy controls designed to meet HIPAA standards.

Nathan Eddy

Nathan Eddy works as an independent filmmaker and journalist based in Berlin, specializing in architecture, business technology and healthcare IT. He is a graduate of Northwestern University’s Medill School of Journalism.

Microsoft Copilot+ PCs — Windows devices equipped with neural processing units (NPUs) — are transforming how healthcare organizations manage diagnostics, documentation and administration.

With artificial intelligence (AI) running directly on the device, clinicians can process medical images, generate clinical notes and analyze patient data in real time without relying on cloud computing. This local processing enables faster, more accurate decision-making while helping physicians spend less time on paperwork and more time with patients.

Beyond productivity gains, the Copilot+ PC architecture offers significant benefits for data privacy and regulatory compliance.

Because sensitive information is processed locally on the device’s NPU, patient health data never leaves the secure environment — a major advantage for healthcare organizations operating under HIPAA and other strict privacy laws.

The devices also include built-in protections such as Microsoft Pluton security, TPM 2.0 and enterprise-grade encryption to safeguard clinical and operational data. These security layers help ensure AI tools can be used safely in regulated medical environments where patient confidentiality is paramount.

DISCOVER: Microsoft Copilot+ PCs can help healthcare organizations revolutionize their workplaces.

When deployed within a properly configured Microsoft 365 enterprise environment covered by a Business Associate Agreement, Copilot services can support HIPAA compliance.

“We understand the sensitivity of data across regulated industries,” says Rob McGilvrey, director of CoPilot+ PC at Microsoft. “There is certain information that can’t or shouldn’t go to the cloud due to privacy, security and compliance considerations.”

He points to Microsoft’s Phi Silica small language model as an example of how localized AI can keep data grounded and compliant.

“You can connect Phi Silica to an organization’s approved information — say, a journal of clinical data — and ask it questions based on that trusted set,” he says. “That way, you’re getting responses grounded in verified medical research rather than from a public cloud model that might pull unverified or inaccurate information.”

The result is a technology stack that delivers the speed and intelligence of AI without compromising trust.

For hospitals and clinics, that means faster workflows, reduced burnout among clinicians and more secure, efficient care delivery — a balance of innovation and compliance designed for the future of healthcare.

Click the banner below to read the new CDW Artificial Intelligence Research Report.

Secure, Local AI Processing for Healthcare

By keeping data within the organization’s own infrastructure rather than transmitting it to the cloud, on-device AI significantly reduces exposure to external threats and compliance risks.

“Healthcare organizations are pretty comfortable and confident with data stored locally on their PC,” McGilvrey says. “It’s usually encrypted on the SSD — Microsoft’s solution for that is BitLocker — and protected by identity management systems that verify who’s accessing the data.”

Those safeguards let healthcare providers process confidential patient information internally rather than sending it beyond the organization’s secure perimeter.

McGilvrey adds that local AI can take several forms, from large language models running on-premises servers to smaller models executing directly on the Copilot+ PC.

“It allows organizations to benefit from AI-driven insights and automation while ensuring sensitive data never leaves their secure environment,” he says.

Copilot+ PCs also integrate the company’s Pluton security processor, a hardware feature designed to protect sensitive data such as credentials, encryption keys and biometrics directly within the system chip, making it far more resistant to cyberattacks.

“It’s a hardware element integrated into the CPU, which allows us to store things such as BitLocker keys, credentials and biometrics in better isolation away from bad actors,” McGilvrey says.

This design helps protect against common attack vectors such as stolen usernames and passwords by anchoring identity and encryption data in hardware rather than software.

“For industries like healthcare, that level of hardening really matters,” McGilvrey adds. “If I can log in using biometrics that are securely stored and can’t be extracted, I’ve just strengthened the overall security footprint of the organization.”

If I’m a physician, I want to practice medicine, not fill out forms or spend hours entering data into electronic health records.”

Rob McGilvrey Director of CoPilot+ PC, Microsoft

Reducing Administrative Burdens for Healthcare Staff

The Copilot+ PC platform is poised to help address one of healthcare’s most persistent challenges: the administrative burden on clinicians. By combining powerful local AI processing with the flexibility of the Windows AI Foundry, healthcare organizations can develop and deploy custom AI solutions tailored to their unique workflows. Running directly on the device, these solutions can offer faster response times and enhanced data privacy, a critical consideration in HIPAA-compliant environments.

“Just think of the possibilities of having these capabilities local, on a PC, processing in real time,” McGilvrey says. “If I’m a physician, I want to practice medicine, not fill out forms or spend hours entering data into electronic health records.”

He explains that local AI could handle ambient audio capture during consultations, automatically generate clinical notes, and allow physicians to quickly review and approve them before uploading them to patient systems.

“Think about how these small language models residing in Copilot+ PC could take some of that burden off the physician so they can just practice medicine,” McGilvrey says.

Brought to you by: