Request for Information; Health Technology Ecosystem

<NOTICE> DEPARTMENT OF HEALTH AND HUMAN SERVICES <SUBAGY>Centers for Medicare & Medicaid Services</SUBAGY> <DEPDOC>[CMS-0042-NC]</DEPDOC> <RIN>RIN 0938-AV68</RIN> <SUBJECT>Request for Information; Health Technology Ecosystem</SUBJECT> <HD SOURCE="HED">AGENCY:</HD> Centers for Medicare & Medicaid Services (CMS), Assistant Secretary for Technology Policy (ASTP)/Office of the National Coordinator for Health Information Technology (ONC) (collectively, ASTP/ONC), Department of Health and Human Services (HHS). <HD SOURCE="HED">ACTION:</HD> Request for information. <SUM> <HD SOURCE="HED">SUMMARY:</HD> Effective and responsible adoption of technology can empower patients to make better decisions for their health and well-being. This request for information (RFI) seeks input from the public regarding the market of digital health products for Medicare beneficiaries as well as the state of data interoperability and broader health technology infrastructure. Responses to this RFI may be used to inform CMS and ASTP/ONC efforts to lead infrastructure progress to cultivate this market, increasing beneficiary access to effective digital capabilities needed to make informed health decisions, and increasing data availability for all stakeholders contributing to health outcomes. </SUM> <DATES> <HD SOURCE="HED">DATES:</HD> To be assured consideration, comments must be received at one of the addresses provided below, by June 16, 2025. </DATES> <HD SOURCE="HED">ADDRESSES:</HD> In commenting, refer to file code CMS-0042-NC. Comments, including mass comment submissions, must be submitted in one of the following three ways (please choose only one of the ways listed): 1. <E T="03">Electronically.</E> You may submit electronic comments on this regulation to <E T="03">https://www.regulations.gov.</E> Follow the “Submit a comment” instructions. 2. <E T="03">By regular mail.</E> You may mail written comments to the following address ONLY: Centers for Medicare & Medicaid Services, Department of Health and Human Services, Attention: CMS-0042-NC, P.O. Box 8013, Baltimore, MD 21244-8013. Please allow sufficient time for mailed comments to be received before the close of the comment period. 3. <E T="03">By express or overnight mail.</E> You may send written comments to the following address ONLY: Centers for Medicare & Medicaid Services, Department of Health and Human Services, Attention: CMS-0042-NC, Mail Stop C4-26-05, 7500 Security Boulevard, Baltimore, MD 21244-1850. For information on viewing public comments, see the beginning of the <E T="02">SUPPLEMENTARY INFORMATION</E> section. <FURINF> <HD SOURCE="HED">FOR FURTHER INFORMATION CONTACT:</HD> <E T="03">HealthTechRFI@cms.hhs.gov</E> . </FURINF> <SUPLINF> <HD SOURCE="HED">SUPPLEMENTARY INFORMATION:</HD> <E T="03">Inspection of Public Comments:</E> All comments received before the close of the comment period are available for viewing by the public, including any personally identifiable or confidential business information that is included in a comment. We post all comments received before the close of the comment period on the following website as soon as possible after they have been received: <E T="03">https://www.regulations.gov</E> . Follow the search instructions on that website to view public comments. CMS will not post on <E T="03">Regulations.gov</E> public comments that make threats to individuals or institutions or suggest that the commenter will take actions to harm an individual. CMS continues to encourage individuals not to submit duplicative comments. We will post acceptable comments from multiple unique commenters even if the content is identical or nearly identical to other comments. <HD SOURCE="HD1">I. Background</HD> The enactment of the 21st Century Cures Act (Pub. L. 114-255) in 2016 authorized the Centers for Medicare & Medicaid Services (CMS), the Assistant Secretary for Technology Policy/Office of the National Coordinator for Health Information Technology (ASTP/ONC), <SU>1</SU> <FTREF/> and the National Institute of Standards and Technology (NIST), to implement certain policies to enhance the amount of health data available through digital channels and give patients secure, electronic access to their personal health information. These policies are the building blocks of a digital ecosystem in which patients can view, manage, utilize, and share their health information through digital applications (apps) and other modern solutions. This digital ecosystem could ultimately expand access to personalized health guidance for patients to improve prevention and chronic disease management. <FTNT> <SU>1</SU>  On July 29, 2024, notice was posted in the <E T="04">Federal Register</E> that ONC would be dually titled to the Assistant Secretary for Technology Policy and Office of the National Coordinator for Health Information Technology (89 FR 60903). </FTNT> On January 12, 2017, President Trump issued Executive Order 13813, “Promoting Healthcare Choice and Competition Across the United States” (82 FR 48385), which directed Federal agencies to implement policies that enhance patient access to healthcare data and empower individuals to make informed decisions about their care. In 2018, CMS led payers by example and released Blue Button 2.0, its own Fast Healthcare Interoperability Resources (FHIR®)-based Patient Access application programming interface (API) with the goal of increasing beneficiary access to their data and improving patient outcomes. This project initiated an ecosystem of patient-facing applications that allowed beneficiaries to authenticate using their Medicare.gov credentials and then to authorize applications to receive their Medicare claims and benefit information. At this time, 75 third-party apps are connected to the Blue Button 2.0 API, giving beneficiaries a variety of services for viewing their health data, sharing their data with digital services, providers, pharmacies, and caregivers, and making decisions related to their healthcare. Currently, Blue Button 2.0 includes Medicare Part A, B, and D claims information, patient demographics, and coverage information. Additionally, in 2019, CMS launched the Data at the Point of Care API pilot to give providers access to claims data for Medicare Fee-For-Service (FFS) beneficiaries they treat. On May 1, 2020, CMS published the “Medicare and Medicaid Programs; Patient Protection and Affordable Care Act; Interoperability and Patient Access for MA Organization and Medicaid Managed Care Plans, State Medicaid Agencies, CHIP Agencies and CHIP Managed Care Entities, Issuers of Qualified Health Plans on the Federally-Facilitated Exchanges, and Healthcare Providers” final rule (CMS Interoperability and Patient Access final rule) (CMS-9115-F) (85 FR 25510). The rule established standards and requirements for payers regulated by CMS to advance interoperability and data exchange throughout the health system and to signal our commitment to the vision set out in the 21st Century Cures Act and Executive Order 13813 to improve quality and accessibility of information that Americans need to make informed healthcare decisions, including data about healthcare prices and outcomes, while minimizing reporting burdens on affected healthcare providers and payers. The CMS Interoperability and Patient Access final rule built on the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule, which established the patient's right of access to their protected health information (PHI), including a right to inspect and/or receive a copy of PHI held in designated record sets by covered entities and their business associates as detailed at 45 CFR 164.524. Among other provisions, the 2020 CMS Interoperability and Patient Access final rule required impacted payers to implement and maintain (Health Level Seven (HL7®) FHIR-based APIs that would allow patients to use an app of their choosing to access PHI held by or on behalf of a HIPAA covered entity. On May 1, 2020, ASTP ONC published the “21st Century Cures Act: Interoperability, Information Blocking, and the ONC Health Information Technology (IT) Certification Program” final rule (ONC Cures Act final rule) (85 FR 25642). This final rule strengthened patients' electronic access (including via a third-party app) to their health information at no cost and added a certification criterion under the ONC Health IT Certification Program to support the availability of FHIR-based APIs in electronic health records and other certified health IT to enable patients and providers to view electronic health information using smartphone applications. Subsequent ASTP/ONC regulations finalized provisions to advance interoperability, enhance health IT certification, and support the access, exchange, and use of electronic health information. Specifically, the ASTP/ONC “Health Data, Technology, and Interoperability: Certification Program Updates, Algorithm Transparency, and Information Sharing” final rule (HTI-1 final rule), which adopted version 3 of the United States Core Data for Interoperability (USCDI) standard  <SU>2</SU> <FTREF/> and expanded access to more data via FHIR APIs that meet standards adopted by ASTP/ONC (89 FR 1192); and the “Health Data, Technology, and Interoperability: Trusted Exchange Framework and Common Agreement” final rule (HTI-2 final rule), which implemented provisions related to the Trusted Exchange Framework and Common Agreement <SU>TM</SU> (TEFCA <SU>TM</SU> ) that support information sharing as well as network reliability, privacy, security, and trust (89 FR 101772). <FTNT> <SU>2</SU>   <E T="03">https://www.healthit.gov/isp/united-states-core-data-interoperability-uscdi</E> . The United States Core Data for Interoperability (USCDI) is a standardized set of health data classes and constituent data elements for nationwid ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Preview showing 10k of 48k characters. Full document text is stored and available for version comparison. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━