On July 30, 2025, the U.S. Department of Health and Human Services (HHS) Centers for Medicare & Medicaid Services (CMS) announced a new Health Technology Ecosystem Initiative—a collaborative effort between government and industry to unlock innovation by modernizing healthcare data flows among patients, providers, payers, and technology platforms. The new initiative does not contemplate any new regulations; instead, it is a CMS-led effort intended to empower and accelerate innovation by the private sector through (i) the development of public digital infrastructure and data standards and (ii) voluntary commitments from industry to deliver new technology solutions based on a common data-sharing framework.

It is too early to predict how successful the Health Technology Ecosystem will be—the stubborn prevalence of data silos, lack of interoperability between systems, and challenges with using data for secondary purposes have long been a hurdle to innovation—yet, with 60 organizations, including leading tech firms, already pledging support for the new initiative, the broader industry may see this as an occasion for renewed focus and expanded efforts to bring health technology solutions to market at scale. For life sciences and digital health companies, this new initiative may present a strategic opportunity to better serve patients, empower providers, improve real-world evidence generation, and support innovation leading to better healthcare outcomes.

In particular, the following two focus areas for the life sciences sector are likely to benefit from successful industry alignment around the Health Technology Ecosystem:

1. Patient- and Provider-Facing Solutions

Life sciences and digital health companies have already invested heavily in developing connected care platforms, electronic health record (EHR)-integrated solutions, and other digital tools to facilitate the collection, management, and exchange of information between providers and patients. The Health Technology Ecosystem specifically seeks to engage and empower app developers building these types of solutions, including through a new “CMS Interoperability Framework.” The Interoperability Framework is a voluntary, standards-based “blueprint” that sets out data-sharing principles and other criteria to facilitate alignment on secure data sharing, leveraging the existing USCDI v3 and FHIR data classification and exchange standards. CMS is actively seeking early adopters of the Interoperability Framework, which affords an opportunity for life sciences and digital health companies to accelerate the development, deployment, and adoption of patient- and provider-facing solutions, including by collaborating with other companies executing against the Interoperability Framework.

Notably, the CMS initiative expressly calls for an increase in AI-powered patient support and other chronic disease management tools and, if successful, promises to clear the way for easier integration into existing healthcare ecosystems. Companies with digital therapeutics or companion apps, and companies developing digital tools (including AI/ML models) to support disease detection and diagnosis, may also be able to leverage additional integrations to both enhance product performance as well as to scale market penetration.

2. Enhanced Real-World Data (RWD) Access for Evidence Generation

In its Request for Information earlier this year, CMS asked for comments on how the Health Technology Ecosystem effort could enhance clinical research and the “generation of actionable evidence.” If improvements in interoperability and integration translate to greater availability of data from EHRs, health apps, and patient-facing platforms, life sciences companies could see new opportunities for RWD-enabled evidence generation across a variety of use cases, including label expansion, value-based contracting, and post-market surveillance. Life sciences companies already routinely partner with health systems, data providers, and other sector companies to license and analyze RWD sourced from existing records and are increasingly leaning on data aggregators and digital health companies to support prospective observational studies, where retrospective data is insufficient. Partnerships to source data from wearables, devices, and connected apps, including in the context of decentralized clinical trials (DCTs), have offered an additional channel for generating RWD, including patient-reported outcomes. But lack of standardization and interoperability has resulted in technical friction and limited the scalability of these efforts.

Increased industry adoption of a common standards-based interoperability framework could result in more timely and complete longitudinal patient records, enabling a wider scope of quality real-world evidence (RWE) studies. Further, wide adoption of digital credentialing could facilitate broader direct-to-patient data collection, by making such efforts more seamless, trustworthy, and user-friendly. Finally, as systems that generate and collect RWD become more sophisticated, and as the industry aligns around a common set of standards, regulators may be more likely to accept this data for regulatory purposes, especially if the framework leads to other standard practices relating to data integrity and auditability.

*            *            *

CMS’s primary objective with the Health Technology Ecosystem Initiative is to catalyze immediate innovation and build momentum. For those life sciences and digital health companies looking to leverage the moment, having a nimble legal and compliance strategy in place, and implementing a pragmatic and actionable approach to risk management will be critical. Issues that will need to be addressed include:

  • Data and AI Considerations. As companies look to integrate with interoperable platforms, contracts will need to address data rights, permitted uses, and de-identification standards and also provide assurances as to data provenance. The potential of data use for AI training will require careful consideration and a consistent approach. Securing contractual commitments around data quality, integrity and security will be critical, as will a cooperative approach to addressing potential data security breaches.
  • Application Programming Interface (API) Access. Given the emphasis on leveraging FHIR APIs for data exchange, companies building or accessing interoperable platforms will need to become proficient in negotiating software-as-a-service (SaaS) contracts, including service level agreements (SLAs). Standard provisions for procurement contracts may not be suitable depending on the use case, and companies will need a negotiation playbook that properly balances risk exposure (including reputational risks) against commercial priorities.
  • Compliance. HIPAA governs covered entities and their business associates, but as data increasingly moves into third-party tools and patient-authorized apps, companies may need to adapt to consumer privacy laws (e.g., CCPA, Washington MHMDA, and other state-level laws) and comply with standards mandated by the Office of the National Coordinator for Health IT (ONC). The overlay of emerging AI regulation adds another level of complexity that risk management frameworks and contract templates will need to address. And if companies offer digital tools that will be reimbursed by federal healthcare programs to providers or patients, they must ensure compliance with the Anti-Kickback Statute (AKS) and HHS Office of Inspector General (OIG) guidance.
  • U.S. Food & Drug Administration (FDA)-Regulatory Considerations for Digital Health Tools and RWD. New digital health tools or RWD use cases can raise important FDA considerations. Evaluating whether a digital health tool, including patient- or provider-facing software, is regulated by FDA as a medical device is a critical consideration in development. In addition, the use of EHRs and other health data to support drug or device development can implicate evolving FDA policies on RWD. For example, as we reported a few months ago, FDA is considering updated requirements for the data standards used to submit RWD study data to FDA. If this results in the development and adoption of FHIR-based standards, this could result in a significantly more streamlined process for collecting, analyzing, and submitting data to FDA. There are other important regulatory requirements and FDA scientific expectations for RWD studies, including (under certain conditions) FDA access to the source records used in a study. Further clarification of how current FDA requirements will apply in the context of RWD collected in the new HHS-led “Ecosystem” could encourage greater use of RWD for high-value regulatory purposes.

The CMS Health Technology Ecosystem has the potential to accelerate innovation and advance the industry towards an increasingly digitally connected healthcare environment. Those companies that get ahead of the likely legal, compliance, and regulatory issues—and put in place a framework for rapid contracting and partnership—will be best positioned to seize the moment.

Photo of David Wildman David Wildman

David Wildman specializes in complex transactions involving technology, intellectual property, and data. In this role, he regularly advises clients on issues relating to data commercialization, IP licensing, software development, and information technology services (such as cloud services, IT procurement, and outsourcing). David, who…

David Wildman specializes in complex transactions involving technology, intellectual property, and data. In this role, he regularly advises clients on issues relating to data commercialization, IP licensing, software development, and information technology services (such as cloud services, IT procurement, and outsourcing). David, who is a registered Patent Attorney and former electrical engineer, also advises on the intellectual property aspects of mergers, acquisitions, and strategic investments. David represents clients in a wide array of industries, including health technology, travel, and finance.

In addition to his broader practice, David is a member of Covington’s Digital Health Initiative. In that capacity, he counsels pharmaceutical, medical device, and technology companies on the complex commercial and intellectual property considerations that arise at the intersection of information technology, life sciences, and healthcare. These considerations include patient privacy and data security, ownership of data and derived insights, service levels, the development and exploitation of “Big Data” analytical tools and predictive models, and FDA-readiness, as well as other commercial issues that arise when entering into a partnership, collaboration or other strategic arrangement with participants in the digital health sector.

David also has extensive experience in the management and strategic development of patent portfolios in a variety of technical disciplines, which he leverages to help clients develop holistic intellectual property strategies that align to business objectives.

Before joining the firm, David worked at another leading law firm prosecuting patent applications in the U.S. and abroad, representing clients in post-grant proceedings at the United States Patent & Trademark Office (USPTO), conducting due diligence analyses, and rendering opinions on patent validity, infringement, and freedom-to-operate. David holds a degree in Electrical Engineering from Columbia University and obtained his J.D. from New York University School of Law. Prior to his legal career, David worked as a wireless design engineer in the mobile device industry.

Read more about David Wildman
Show more Show less
Elizabeth Brim

Elizabeth Brim is an associate in the firm’s Washington, DC office. She is a member of the firm’s Health Care and Data Privacy and Cybersecurity Practice Groups, advising clients on a broad range of regulatory and compliance issues. In addition, Elizabeth maintains an…

Elizabeth Brim is an associate in the firm’s Washington, DC office. She is a member of the firm’s Health Care and Data Privacy and Cybersecurity Practice Groups, advising clients on a broad range of regulatory and compliance issues. In addition, Elizabeth maintains an active pro bono practice.

Read more about Elizabeth Brim
Show more Show less
Photo of Anna D. Kraus Anna D. Kraus

Anna Durand Kraus has a multi-disciplinary practice advising clients on issues relating to the complex array of laws governing the health care industry. Her background as Deputy General Counsel to the U.S. Department of Health and Human Services (HHS) gives her broad experience…

Anna Durand Kraus has a multi-disciplinary practice advising clients on issues relating to the complex array of laws governing the health care industry. Her background as Deputy General Counsel to the U.S. Department of Health and Human Services (HHS) gives her broad experience with, and valuable insight into, the programs and issues within the purview of HHS, including Medicare, Medicaid, fraud and abuse, and health information privacy. Ms. Kraus regularly advises clients on Medicare reimbursement matters, the Medicaid Drug Rebate program, health information privacy issues (including under HIPAA and the HITECH Act), and the challenges and opportunities presented by the Affordable Care Act.

Read more about Anna D. Kraus
Show more Show less
Photo of Joe Franklin Joe Franklin

Joe Franklin’s practice includes emerging medical technologies, research uses of real world and clinical trial data, and the deployment of artificial intelligence in healthcare and biopharma. He brings experience in both government and the health tech sector to advise clients on the unique…

Joe Franklin’s practice includes emerging medical technologies, research uses of real world and clinical trial data, and the deployment of artificial intelligence in healthcare and biopharma. He brings experience in both government and the health tech sector to advise clients on the unique challenges and opportunities posed by evolving regulatory frameworks for novel technologies.

Joe was at Verily, Alphabet’s precision health company, from 2021-2024, where his roles included Chief Counsel for Regulatory and Strategic Affairs.

During his years of federal service, Joe held several senior policy roles at FDA, including as policy director for FDA Principal Deputy Commissioner Amy Abernethy. At FDA, Joe played a central role in the Agency’s technology and data modernization strategy and had responsibilities for a broad portfolio of regulatory and scientific programs. While in FDA’s Center for Drug Evaluation and Research (CDER), Joe built and led the biosimilars policy staff in the Office of New Drugs (OND). Joe was FDA’s Deputy Chief of Staff in 2015.

While serving in FDA’s Office of the Chief Counsel, Joe advised CDER and the Office of the Commissioner on biosimilars, emergency use authorizations, user fees, and controlled substances, among other issues. During the COVID-19 pandemic, Joe worked within the HHS General Counsel’s Immediate Office to advise on the federal response.

Read more about Joe Franklin
Show more Show less