CMS Innovation Center Posts FAQs on New WISeR Model. The Centers for Medicare & Medicaid Services (CMS) Innovation Center posted new frequently asked questions (FAQs) for the recently-released Wasteful and Inappropriate Service Reduction (WISeR) model. Questions include whether the WISeR model changes Medicare coverage policy, whether it applies to all Medicare items and services, how it protects patients, how technology will be used to improve accuracy and efficiency in claims review as they relate to prior authorization, and how it will prevent inappropriate claims denials, along with other topics. The goal of the WISeR model is to streamline the prior authorization process and improve its accuracy using technology. WISeR will support compliance with existing coverage policy in statutes, regulations, National Coverage Determinations, and Local Coverage Determinations.

OCR Publishes HIPAA Privacy Rule FAQs. The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published FAQs as additional sub-regulatory guidance on the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. One new FAQ addresses whether the HIPAA Privacy Rule applies to sharing of protected health information (PHI) for treatment purposes in value-based care arrangements. A second updated FAQ revises guidance on the personal health information individuals have a right to from their providers and health plan under HIPAA. The HIPAA Privacy Rule establishes national standards to protect individually identifiable health information, defines the uses and disclosures of PHI, and gives individuals certain rights to their PHI.

ASTP Designates Netsmart as Tenth TEFCA QHIN. Netsmart has received designation as a Qualified Health Information Network (QHIN). Announcement of the designation came from The Sequoia Project, which is the Trusted Exchange Framework and Common Agreement™ (TEFCA^™) Recognized Coordinating Entity^®, on behalf of the Assistant Secretary for Technology Policy (ASTP). QHINs are networks of organizations that facilitate authorized sharing of health information between providers and other appropriate users. The goal of QHINs is to increase access to patient health information, which seeks to improve patient care delivery and reduce administrative burden. 

NIST Hosting Webinar on Digital Identity Guidelines. The National Institute of Standards and Technology (NIST) is hosting a webinar open to the public on August 20 at 12:00 pm ET to review the final version of Special Publication 800-63, Digital Identity Guidelines, Revision 4. Other topics planned for the webinar include changes to the full suite of Digital Identity Guidelines documents, requirements for meeting digital identity assurance levels, requirements for security and privacy, and improvements to customer experience with digital identity solutions and technology. Go here to register for the webinar. 

ONC Health IT Certification Program Developer Roundtable on September 10. Registration is now open for the ONC Health IT Certification Program Developer Roundtable event being held by ASTP/Office of the National Coordinator for Health Information Technology (ONC) on September 10 from 12:00 – 1:00 pm ET. This meeting is open to all health IT developers, including those not currently participating in the ONC Health IT Certification Program. The agenda for the meeting includes the Health Data, Technology, and Interoperability: Electronic Prescribing, Real-Time Prescription Benefit and Electronic Prior Authorization (HTI-4) final rule, Standards Version Advancement Process, enforcement discretion, Insights Condition and Maintenance of Certification, and Inferno 101. Other topics may include Certification Program updates, program deadlines, and other developer requirements. 

CDC to Hold ICD-10 Coordination and Maintenance Committee Meeting September 9-10. The Centers for Disease Control and Prevention’s (CDC’s) National Center for Health Statistics announced it is holding its next ICD-10 Coordination and Maintenance (C&M) Committee meeting September 9-10 from 9:00 am to 5:00 pm ET. The ICD-10 C&M Committee is a public forum for the presentation of proposed modifications to the International Classification of Diseases, Tenth Revision, Clinical Modification (ICD-10-CM) and ICD-10 Procedure Coding System. The meeting is open to the public and online registration is required. Go here to register for the meeting.

New Tax Law Reinstates Telehealth First Dollar Coverage for HDHPs. Section 71306 of the recently enacted tax law permanently extends the safe harbor allowing health plans to provide first dollar coverage, prior to meeting deductibles, for telehealth services. Changes during the COVID-19 pandemic waived various requirements related to telehealth services, one of which allowed high-deductible health plans (HDHPs) to provide coverage for telehealth services prior to the deductible requirement being met. This waiver expired on January 1, 2025, but has now been retroactively and permanently reinstated with the signing of the new tax law on July 4.

Winners of ARPA-H and DARPA AI Cyber Challenge Announced at DEF CON 33. The Advanced Research Project Agency for Health (ARPA-H) and Defense Advanced Research Projects Agency (DARPA) announced the top three finishers of the AI Cyber Challenge (AIxCC) at the recent DEF CON 33 conference. AIxCC was launched as a competitive challenge, lasting two years, to develop AI-enabled software to identify and patch weaknesses in source code. The final seven projects that competed for the top prize are open-source software designed specifically for critical infrastructure systems that are vulnerable to cyberattacks, which include hospitals. All seven of the final cyber reasoning systems are being made available as open-source software under a license approved by the Open Source Initiative. Five of the programs are already available. Team Atlanta scored the highest and took the top prize of $4 million, followed by Trail of Bits in second place receiving $3 million, and Theori in third place with $1.5 million. The goal of the challenge was to develop better software tools for cyber defenders to protect health care organizations and other critical public systems.