In this episode of The Dish on Health IT, host Tony Schueth, CEO of Point-of-Care Partners (POCP), is joined by colleagues Mary Griskewicz, Regulatory Resource Center Lead, and Janice Reese, Senior Consultant and Program Manager of FHIR at Scale Taskforce (FAST), for a wide-ranging discussion on two major proposed rules released in mid-December 2025: the HTI-5 proposed rule from the Assistant Secretary for Technology Policy (ASTP) and CMS’s latest proposal on healthcare price transparency. Rather than treating these rules as abstract policy exercises, the conversation focuses on what the government is trying to accomplish, how these proposals may reshape the interoperability and data access landscape, and why stakeholder participation during the comment period is not optional if the industry wants workable outcomes. Setting the Stage: How Proposed Rules Become Reality The episode opens with a level set for listeners who do not spend their days in the Federal Register. Mary walks through how proposed rules originate, typically from legislation or executive policy, and how they move from proposal to public comment to either a final rule, an interim final rule, or, in some cases, a complete pause or reset. She emphasizes a point that often gets overlooked: every public comment is read and reviewed. The agencies group and analyze the comments section by section and respond to themes and concerns in the final rule text. Janice builds on this by explaining that the comment period is where high-level policy intent meets operational reality. The most effective comments are not lengthy manifestos, but specific, experience-based feedback that highlights feasibility issues, sequencing challenges, and unintended consequences. HTI-5: From Experimentation to Execution The discussion then turns to HTI-5, with Mary outlining the core problem the rule is trying to address. Prior certification requirements placed a significant burden on vendors, often locking innovation into long development cycles while the market waited for updates. HTI-5 seeks to modernize this approach by reducing prescriptive certification requirements and relying more on modern, open architecture, particularly FHIR-based APIs, to enable faster, more scalable data exchange. Janice frames HTI-5 as a clear signal that the industry is moving out of the experimentation phase and into execution. By reinforcing a “FHIR-first” direction while pulling back on some certification detail, the rule implicitly raises expectations for real-world performance. As FHIR becomes the default, security, identity, consent, and trust cannot be treated as optional or inconsistently implemented components. From a FAST perspective, this shift is critical. HTI-5 creates the regulatory space, but the infrastructure and implementation guidance needed to make trusted interoperability work at scale must come from industry-led collaboration. Janice explains that FAST’s work on security, identity, consent, and national directory services is about operationalizing trust so organizations are not reinventing these foundations on their own. Information Blocking, Automation, and Trust at Scale A pivotal moment in the conversation centers on HTI-5’s clarification that information blocking explicitly includes automated and AI-driven access. Mary underscores that automation is now central to how data moves across the healthcare ecosystem. When access decisions are embedded in APIs, workflows, and algorithms, trust becomes the defining requirement. Janice expands on this by noting that the issue is not just whether data can be accessed, but whether access is appropriate, provable, and governed. As automation increases, expectations shift toward accountability, auditability, and consistent enforcement of identity and consent. FHIR APIs, once viewed as certification checkboxes, are becoming the primary channel for data exchange across networks, including consumer-facing applications. Stakeholder Impacts: Vendors, Providers, and Payers The episode then walks through how HTI-5 affects different stakeholder groups. For health IT vendors and digital health companies, Janice describes a trade-off: fewer certification guardrails provide flexibility but also remove a layer of protection. Vendors will be judged less on formal compliance artifacts and more on how their systems perform across networks at scale, including security, identity management, and reliability. Mary cautions that vendors should not interpret HTI-5 as traditional deregulation. With HTI-6 already on the horizon, organizations that underinvest now risk facing more stringent outcome-based expectations later. Tony reinforces this point, arguing that the real risk is collective. A single high-profile failure due to weak security or identity practices could undermine trust across the ecosystem and invite a regulatory response that affects everyone. For providers and health systems, the shift means becoming more informed consumers of technology. Certification alone will no longer guarantee interoperability or trustworthiness. Providers will increasingly need to ask vendors how solutions perform in environments beyond a single one and how identity, consent, and security are handled across organizational boundaries. From a payer perspective, Mary explains that while HTI-5 does not directly change prior authorization requirements, it fundamentally reshapes the data access environment. As FHIR APIs become the default, plans will be expected to exchange data more dynamically and through automated workflows. This raises expectations around timeliness, quality, and trust, and accelerates a shift from managing transactions to managing trust at scale. Price Transparency: Compliance Without Clarity The conversation then transitions to CMS’s proposed price transparency rule, with Tony noting the absence of POCP’s usual price transparency expert and setting expectations for a higher-level discussion. Mary explains that this tri-agency proposal builds on earlier rules by clarifying standards, easing some reporting burdens, and refining requirements around machine-readable files, metadata, and reporting timelines. While these changes offer some relief to plans, Janice highlights a deeper challenge. Making pricing data available does not make it meaningful. Without consistent ways to connect clinical concepts to billing codes and pricing structures, patients and employers are left with technically accurate but practically unusable information. True transparency will require better integration of pricing data into real-time workflows, supported by APIs, governance, and trust frameworks. Mary also reminds listeners that employers are a critical stakeholder often overlooked in these discussions. As purchasers of coverage, they rely on usable pricing data to understand utilization and manage costs, making their perspective essential during the comment period. The Closing Message: Comment, Participate, Get Involved The episode closes with a strong call to action. Mary urges listeners to “get off the bench” and engage, regardless of which rule is at issue. Comment periods directly affect compliance programs, product roadmaps, and competitive positioning. Janice reinforces that policy alone cannot solve interoperability challenges. Progress depends on shared implementation guidance, testing, governance, and sustained participation in standards organizations and multi-stakeholder initiatives, including FAST. The final takeaway is clear: HTI-5 and the price transparency proposal are not just regulatory events. They are inflection points. Organizations that participate now can help shape outcomes that are achievable, scalable, and trusted. Those that sit out will be left reacting to decisions made without their operational realities at the table. Listeners are reminded that both proposed rules have comment deadlines in late February, and that POCP is available to support organizations in understanding the implications and crafting effective comments. The episode closes, as always, with the reminder that Health IT is a dish best served hot.
