et to go into effect on February 8, 2024.Other Updates and Upcoming RulemakingIn addition to the new predictive DSI requirements and information blocking updates, ONC finalized several other requirements, including:Revisions to Certification Program criteria and standards, including adoption of USCDI v3 as the new baseline standard (beginning January 1, 2026).Creation of the Insights Condition and Maintenance of Certification within the Certification Program to provide transparent reporting of certified health IT, starting with the adoption of seven measures related to interoperability.As indicated by the rule’s acronym, ONC intends to follow HTI-1 with HTI-2. Although ONC has not provided a specific timeline as to when the HTI-2 proposed rule will be published, the agency indicated in a January 4, 2024 information session that this rule is under development.1 Health Data, Technology, and Interoperability: Certification Program Updates, Algorithm Transparency, and Information Sharing, 89 Fed. Reg. 1192 (Jan. 9, 2024) (to be codified at 45 C.F.R. pts. 170, 171) [hereinafter HTI-1].2See HTI-1, 89 Fed. Reg. 1426 (to be codified at 45 C.F.R. § 170.102).3See HTI-1, 89 Fed. Reg. at 1244.4See HTI-1, 89 Fed. Reg. at 1244-45.5See HTI-1, 89 Fed. Reg. at 1244, 1247.6See HTI-1, 89 Fed. Reg. at 1247-48.7 HTI-1, 89 Fed. Reg. at 1431-32 (to be codified at 45 C.F.R. §170.315(b)(11)(iv), (vi)).8HTI-1, 89 Fed. Reg. at 1431-32 (to be codified at 45 C.F.R. §170.315(b)(11)(vi)).9HTI-1, 89 Fed. Reg. at 1267-68 (to be codified at 45 C.F.R. § 170.315(b)(11)(iv)(B)).10HTI-1, 89 Fed. Reg. at 1431 (to be codified at 45 C.F.R. §170.315(b)(11)(v)(B)).11 45 C.F.R. pt. 171.1245 C.F.R. § 171.103.13 Grants, Contracts, and Other Agreements: Fraud and Abuse; Information Blocking; Office of Inspector General’s Civil Money Penalty Rules, 88 Fed. Reg. 42,820 (Jul. 3, 2023). Enforcement against providers is on hold pending finalization of a rule proposed by the Centers for Medicare & Medicaid Services (CMS) in November. See 21st Centur

of Labor, Department of Justice, Consumer Financial Protection Bureau, Department of Education, Department of Homeland Security, Department of Health and Human Services, and Equal Employment Opportunity Commission, JOINT STATEMENT ON ENFORCEMENT OF CIVIL RIGHTS, FAIR COMPETITION, CONSUMER PROTECTION, AND EQUAL OPPORTUNITY LAWS IN AUTOMATED SYSTEMS, April 4, 2024; Federal Trade Commission, Privacy and Data Security Update, 2023.[xiv] 21 U.S.C. § 360j(o)(1)(E).[xv] U.S. Food and Drug Administration, Artificial Intelligence and Medical Products: How CBER, CDER, CDRH, and OCP are Working Together, March 15, 2024; Clinical Decision Support Software, September 28, 2022.[xvi] U.S. Food and Drug Administration, Clinical Decision Support Software, September 28, 2022, pp. 4-6.[xvii] Office of the National Coordinator for Health Information Technology, Health Data, Technology, and Interoperability: Certification Program Updates, Algorithm Transparency, and Information Sharing (HTI-1) Final Rule, 89 FR 1192, March 11, 2024.[xviii] CMS Final Rule (CMS-4201-F), 88 Fed. Reg. 22120, April 12, 2023; Frequently Asked Questions related to Coverage Criteria and Utilization Management Requirements in CMS Final Rule (CMS-4201-F), February 6, 2024.[xix]Utah S.B. 149 “Artificial Intelligence Amendments”; The Artificial Intelligence Policy Act defines generative AI as “an artificial system that: (i) is trained on data; (ii) interacts with a person using text, audio, or visual communication; and (iii) generates non-scripted outputs similar to outputs created by a human, with limited or no human oversight.”[xx] Colorado Artificial Intelligence Act, S.B. 24-205; The Colorado Artificial Intelligence Act defines algorithmic discrimination as “any condition in which the use of an artificial intelligence system results in an unlawful differential treatment or impact that disfavors an individual or group of individuals on the basis of their actual or perceived age, color, disability, ethnicity, genetic infor

e that the uncontrollable event had a negative impact on the actor’s ability to fulfill the request for access, exchange, or use of EHI.Second, ONC added the “Third Party Seeking Modification Use” condition (45 C.F.R. § 171.204(a)(3)) to the Infeasibility Exception. This condition applies in situations where the actor is asked to provide the ability for a third party to modify EHI that is maintained by or for an entity that has deployed health IT and maintains EHI through such health IT. This condition does not apply when a health care provider is requesting such modification from an actor that is the provider’s business associate (as defined within ONC’s new definition discussed above). ONC noted that this condition “does not operate to change a business associate’s rights or responsibilities under their business associate agreement (BAA) with any HIPAA covered entity” nor do the information blocking regulations “require actors to violate BAAs or associated service level agreements.” 89 Fed. Reg. 1192, 1376 (January 9, 2024).Third, ONC added the “Manner Exception Exhausted” condition to the Infeasibility Exception. Specifically, this condition applies if the actor: (1) could not reach agreement with a requestor or was technically unable to fulfill a request for EHI in the manner requested; (2) offered at least two alternative manners, one of which must either be certified health IT or via published content and transport standards; and (3) does not provide the same access, exchange, or use of the requested EHI to a substantial number of individuals or entities that are similarly situated to the requestor. ONC stated that this change was meant to address uncertainty expressed by actors regarding whether they have sufficiently met the “infeasibility under the circumstances” condition. Also, this new condition is meant to reduce inappropriate or unnecessary diversion of actor resources such that actors could reasonably allocate their resources towards interoperable, standards-based manners.TEFCA Manner Except

ices. OIG recommended that CMS enhance its oversight of states’ compliance with MH/SUD parity requirements and ensure that States improve monitoring of MCOs’ ongoing adherence to these standards. In response, CMS acknowledged the recommendations and outlined plans to strengthen monitoring procedures, verify state compliance with parity analyses, and issue guidance to states to uphold ongoing compliance by MCOs.III. Other Health Policy NewsOn March 27, 2024, the Office of the National Coordinator for Health Information Technology (ONC), released the draft 2024–2030 Federal Health IT Strategic Plan for public feedback. This strategic plan aims to enhance access to health data, promote a more equitable healthcare experience, and modernize the nation’s public health data infrastructure. The plan supports recent initiatives, such as the recently finalized entitled, Health Data, Technology, and Interoperability: Certification Program Updates, Algorithm Transparency, and Information Sharing (89 FR 1192/2024). The rule aims to improve the exchange of electronic health information and foster transparent and equitable care. Additionally, the plan underscores the significance of common standards such as United States Core Data for Interoperability (USCDI) and Fast Healthcare Interoperability Resources (FHIR) in enhancing data accessibility and usefulness. The draft plan also addresses the need to modernize public health data infrastructure and ensure equitable access to health IT benefits for all communities, including the use of technologies like artificial intelligence (AI) in healthcare. The public comment period for the draft plan runs until May 28, 2024. A press release with more information is available here. The strategic plan is available here.On March 29, 2024, the Federal Trade Commission (FTC) and HHS announced an extension of the public comment period for a joint RFI aimed at understanding the potential contributions of group purchasing organizations (GPOs) and drug wholesal