Within a governmental framework, agencies may be delegated authority to provide oversight, administration, and enforcement of rules and regulations. This delegation of specific functions across separate Departments may impact how agencies respond and coordinate to make legislation and regulation effective.
Agencies may initiate the making of rules in response to laws enacted by Congress. The Department of Health and Human Services (HHS) serves as the principal agency for protecting health and providing essential human services for all Americans. Partners of Optum are invited and encouraged to stay up-to-date with understanding and aligning to existing and new regulations and trends within the healthcare and healthcare technology industry.
It is important to note that while regulations are not formed in the exact manner as the formal legislation that they are based off, a finalized regulation, or rule, may hold the same binding effect of law.
On January 20, 2025, President-elect Donald Trump signed an executive order establishing “the Department of Government Efficiency to implement the President’s DOGE Agenda, by modernizing Federal technology and software to maximize governmental efficiency and productivity.” Establishing And Implementing The President's "Department Of Government Efficiency" – The White House
The mission of the U.S. Department of Health and Human Services (HHS) is to enhance the health and well-being of all Americans, by providing for effective health and human services and by fostering sound, sustained advances in the sciences underlying medicine, public health, and social services.
Some HHS agency offices and divisions include: (navigation – click to jump to section)
The HHS Office for Civil Rights (OCR) enforces privacy, security, and breach notification rules for organizations covered by HIPAA.
The full HHS organizational chart of offices and agencies can be found on their website here.
On February 13, 2025, RFK, Jr. was sworn in as the 26th Secretary at HHS.
On December 13, 2024, a final rule was published by HHS: "Administrative Simplification: Modifications of Health Insurance Portability and Accountability Act of 1996 (HIPAA) National Council for Prescription Drug Programs (NCPDP) Retail Pharmacy Standards; and Modification of the Medicaid Pharmacy Subrogation Standard". Compliance with this final rule is required beginning February 11, 2028.
Go to Top
As part of the Office of the Secretary for HHS, ASTP is the principal federal entity charged with coordination of nationwide efforts to implement and utilize the most advanced health information technology and electronic exchange of health information. The position of National Coordinator was created in 2004, through an Executive Order, and legislatively mandated in the Health Information Technology for Economic and Clinical Health Act (HITECH Act) of 2009. Some key objectives of ASTP/ONC include advancing the development and use of health IT capabilities and establishing expectations for data sharing. To learn more about ASTP/ONC, visit their website.
Back to top
On January 20, 2025, Micky Tripathi left the role of Assistant Secretary for Technology Policy and National Coordinator for Health Information Technology of HHS. Passing the Baton - Health IT Buzz
On September 30, 2024, HHS finalized the Federal IT Strategy to Drive Systemic Improvements in Health and Care 2024-2030 Federal Health IT Strategic Plan
On July 25, 2024, HHS reorganizes technology, cybersecurity, data, and artificial intelligence strategy and policy functions 2024 HHS Reorganization of Strategy and Policy Functions
CMS is the federal agency that provides health coverage to more than 160 million through Medicare, Medicaid, the Children's Health Insurance Program, and the Health Insurance Marketplace. CMS works in partnership with the entire health care community to improve quality, equity and outcomes in the health care system.
As part of burden reduction, the National Standards Group (NSG) within CMS enforces Administrative Simplification. National standards for electronic transactions, code sets, unique identifiers, and operating rules have been set by The Health Insurance Portability and Accountability Act (HIPAA) of 1996 and subsequent legislation. To learn more, visit their website.
The Health Informatics and Interoperability Group (HIIG), within the Office of Healthcare Experience and Interoperability (OHEI), oversees the Centers for Medicare & Medicaid Services’ (CMS) interoperability efforts. OHEI is the home of the CMS Chief Health Informatics Officer. CMS partners with FIHR
On January 17, 2024, CMS released the CMS Interoperability and Prior Authorization Final Rule (CMS-0057-F)
This final rule emphasizes the need to improve health information exchange to achieve appropriate and necessary access to health records for patients, healthcare providers, and payers. This final rule also focuses on efforts to improve prior authorization processes through policies and technology, to help ensure that patients remain at the center of their own care.
The rule enhances certain policies from the CMS Interoperability and Patient Access Final Rule (CMS-9115-F) and adds several new provisions to increase data sharing and reduce overall payer, healthcare provider, and patient burden through improvements to prior authorization practices and data exchange practices.
Impacted payers are required to implement certain provisions by January 1, 2026. However, in response to stakeholder comments on the proposed rule, impacted payers have until primarily January 1, 2027, to meet the application programming interface (API) requirements in this final rule. Link to more CMS References Here
As part of HHS, the Food and Drug Administration is responsible for protecting the public health by ensuring the safety, efficacy, and security of human and veterinary drugs, biological products, and medical devices. The FDA also regulates the safety of food, cosmetics, devices that emit radiation, and tobacco products.
Draft Guidance is now available for industry review and commentary:
“This guidance provides recommendations to sponsors and other interested parties on the use of artificial intelligence (AI) to produce information or data intended to support regulatory decision-making regarding safety, effectiveness, or quality for drugs. Specifically, this guidance provides a risk-based credibility assessment framework that may be used for establishing and evaluating the credibility of an AI model for a particular context of use (COU).”
Considerations for the Use of Artificial Intelligence To Support Regulatory Decision-Making for Drug and Biological Products | FDA
The Department of Defense (DoD) is America’s largest government agency and provides coordination and supervision across agencies as they relate to national security and military health functions.
On October, 15, 2024, a final rule was released by the Department of Defense (DoD): Department of Defense Office of the Secretary, 32 CFR Part 170, “Cybersecurity Maturity Model Certification (CMMC) Program”. The CMMC Program implements an annual affirmation requirement that is a key element for monitoring and enforcing accountability of a company's cybersecurity status. This rule will be updated as needed, using the appropriate rulemaking process, to address evolving cybersecurity standards, requirements, threats, and other relevant changes.
The mission of the Department of Justice (DOJ) is to uphold the rule of law, to keep our country safe, and to protect civil rights.
One highlighted agency of the DOJ that promotes drug safety is:
The full list of DOJ agencies organized under the Office of the Attorney General may be found on their website here.