On May 29, 2026, VA posted RFI 36C10B26Q0485, market research for an enterprise AI buy meant to move a 540,000-person workforce from assistive tools to autonomous agents acting on veteran health data. The same document sends governance out of scope. Here is how VA earns the leadership it claims: sequence the agents by risk, put governance on the quarterly clock the price already runs on, and buy all four parts, the capability and the three preconditions that make it safe.
On April 20, 2026, the Defense Health Agency replaced thirty years of how it buys medical capability. A new portfolio-based acquisition model, a requirements process built to kill 'bring me a rock,' and an FY2027 budget that already voted on where the money goes. Here is what changed, who runs it, and how it shows up in live contracts.
No code. No exploit kit. Plain English. A security researcher pulled 60 pages of hidden instructions out of an AI doctor, rewrote them, made it triple a drug dose. The Defense Health Agency is fielding the same architecture in military exam rooms right now.
A credentialed third party generated evidence before the read. Twenty-one years later, that is the architecture CMS is shutting other modalities down for not having. The 2:47 a.m. stroke scene that proves the primitive, the OpenAI/MCP pattern radiology operationalized two decades early, and the federal procurement vehicle that has not yet been built.
The strongest detail in the HealthSplash case is a physical-exam test, documented as performed, on a patient the clinician had never met. The workflow was the fraud. How American healthcare keeps designing the same disaster, and the procurement language that closes the gap.