On December 29, 2025, the U.S. Department of Health and Human Services (“HHS”), through the Assistant Secretary for Technology Policy (“ASTP”)/Office of the National Coordinator for Health Information Technology (“ONC”) (collectively, “ASTP/ONC”), issued a proposed rule to update its Health Data, Technology, and Interoperability (“HTI”) regulations, as well as a notice to withdraw prior proposals issued as part of the HTI-2 proposed rule. Continue Reading HHS Proposes Changes to the Health IT Certification Program and Information Blocking Regulations in HTI-5 Proposed Rule
5 Developments Digital Health Innovators Should Watch in 2026
With 2026 underway, signs point to another year focused on enhancing health IT and digital health innovation. From new payment models to deregulatory efforts, these developments show that digital health continues to be increasingly central to the healthcare and life sciences sectors. Below are five key developments to watch unfold
Continue Reading 5 Developments Digital Health Innovators Should Watch in 2026CMS & HHS Health IT Office Issue Request for Information on Digital Health Products and Health Technology Infrastructure
On May 13, 2025, the Centers for Medicare & Medicaid Services (CMS) and the Department of Health and Human Services’ Office of the Assistant Secretary for Technology Policy/Office of the National Coordinator for Health Information Technology (ASTP/ONC) announced a request for information seeking stakeholder input on the market of digital
Continue Reading CMS & HHS Health IT Office Issue Request for Information on Digital Health Products and Health Technology InfrastructureFDA Requests Comments on Substantial Proposed Changes to Data Standards
FDA has issued two Federal Register notices in under two weeks that seek comments on updates to FDA data standards.
Continue Reading FDA Requests Comments on Substantial Proposed Changes to Data Standards
Germany enacts stricter requirements for the processing of Health Data using Cloud-Computing – with potential side effects for Medical Research with Pharmaceuticals and Medical Devices
On 1 July 2024, Germany has enacted stricter requirements for the processing of health data when using cloud-computing services. The new Section 393 SGB V aims to establish a uniform standard for the use of cloud-computing services in the statutory healthcare system which covers around 90% of the German population. In this blog
Continue Reading Germany enacts stricter requirements for the processing of Health Data using Cloud-Computing – with potential side effects for Medical Research with Pharmaceuticals and Medical DevicesFTC, HHS, and FDA Update Tool to Help Mobile Health App Developers Understand Legal Requirements
On December 7, 2022, the Federal Trade Commission (“FTC”), along with the U.S. Department of Health and Human Services (“HHS”) and the U.S. Food and Drug Administration (“FDA”), announced updates to the Mobile Health App Interactive Tool—a questionnaire designed to help mobile health app developers identify federal laws and
Continue Reading FTC, HHS, and FDA Update Tool to Help Mobile Health App Developers Understand Legal RequirementsHITECH Amendment Provides Some Protection For Covered Entities and Business Associates that Adopt Recognized Security Standards
On January 5, 2021, an amendment to the Health Information Technology for Economic and Clinical Health (“HITECH”) Act was signed into law. The amendment requires the U.S. Department of Health and Human Services (“HHS”) to “consider certain recognized security practices of covered entities and business associates when making certain determinations” regarding fines, audit results, or other remedies for resolving potential violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). For organizations subject to HIPAA, the amendment provides substantial incentives to establish or improve their cybersecurity programs. While it does not establish a complete safe harbor from HIPAA enforcement, the amendment does offer organizations a chance to mitigate financial penalties and other negative regulatory actions that may result from a data breach.
Continue Reading HITECH Amendment Provides Some Protection For Covered Entities and Business Associates that Adopt Recognized Security Standards
HHS Launches New “Health Apps” Website to Highlight HIPAA Guidance for Mobile Health Applications
On September 2, 2020, the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) announced a new “Health Apps” feature on the HHS.gov website. The new website, which replaces the OCR’s Health App Developer Portal, highlights existing guidance for mobile health (“mHealth”) apps regarding the Health
Continue Reading HHS Launches New “Health Apps” Website to Highlight HIPAA Guidance for Mobile Health Applications
HHS Announces Enforcement Discretion Over the Implementation of Interoperability Final Rules Due to COVID-19 Public Health Emergency
On April 21, 2020, the Department of Health and Human Services (“HHS”) announced that, as a response to the COVID-19 public health emergency, it will exercise enforcement discretion to “permit compliance flexibilities” regarding the implementation of the interoperability final rules issued on March 9th, 2020. This joint announcement was made
Continue Reading HHS Announces Enforcement Discretion Over the Implementation of Interoperability Final Rules Due to COVID-19 Public Health Emergency
Patient Access to Electronic Health Data at the Forefront of Two HHS Proposed Rules
On March 4, 2019, the Department of Health and Human Services (HHS) published two proposed rules to improve patient access to personal health data. The two rules, issued by the HHS Centers for Medicare & Medicaid Services (CMS) and the Office of the National Coordinator for Health Information Technology (ONC),
Continue Reading Patient Access to Electronic Health Data at the Forefront of Two HHS Proposed Rules