Leaders from U.S. DOGE Service & CMS, ASTP/ONC and the private sector talk interoperability on Tuesday at HIMSS26
Photo: HIMSS Media
LAS VEGAS – Ahead of HIMSS26 week, we caught up with Dr. Thomas Keane, Assistant Secretary for Technology Policy and National Coordinator for Health IT.
Among the policy questions he answered during our Q&A was one about the goals and aims of the federal Health Technology Ecosystem, first unveiled in July 2025 by President Donald Trump, Health and Human Services Secretary Robert F. Kennedy, Jr., and Centers for Medicare & Medicaid Services Administrator Dr. Mehmet Oz.
The new API-focused data exchange framework – with participation from health IT vendors, Big Tech companies, and provider and payer systems – is meant to enable easier sharing of patient medical records via a new effort known as the CMS-Aligned Network.
How do the goals of the new CMS-led Health Tech Ecosystem jibe with the larger interoperability work of the Trusted Exchange Framework and Common Agreement (TEFCA), built out over the past decade by ONC? Are they in conflict with each other, or are they meant to be complementary?
Keane's answer echoed one put forth recently in blog post by his colleague, ASTP/ONC Principal Deputy Steve Posnack: "Where TEFCA looks to be a rising tide that lifts all boats, networks that have pledged to be a CMS-Aligned Network are more like speedboats shooting out ahead to achieve specific milestones."
At HIMSS26 here on Tuesday, Keane was joined by Amy Gleason, acting administrator of the U.S. DOGE Service and strategic advisor for CMS, who offered more insights about the structure, status and goals of the Health Technology Ecosystem.
In a conversation moderated by Leavitt Partners Principal Ryan Howells, Gleason noted that momentum for the interoperability network is building
"We started out with 60-ish companies, and we now have over 700 people participating in the work groups," said Gleason, who encouraged others to take the pledge on the CMS website that lays out the different categories for committing to the ecosystem.
"So if you're not quite ready to pledge or don't know exactly how you contribute yet, you don't fit one of those boxes, you can [still] come join us," she said. "We have about 12 workgroups in a Slack channel, with government and private sector, to collaborate."
Simply put, "we think patients should be able to get their information without having to use portals or without having to know all the providers they've been to – just using their identity to get all their records into whatever app they choose to use. And then they should also go to see who else is getting their data, like your credit report, where you can see who's checking your credit. You should go to see who's getting your data."
As for providers, "we wanted to enhance the things that weren't working super well, primarily around trust. So we're adding a provider directory that helps people know who's the provider, how to connect," Gleason said.
"And then the other part was payers," she added. "Providers aren't able to get claims data very easily today. The way providers get claims data, including for Medicare. And then having payers to be able to get quality data out of the network and to get clinical data for our claim that's been paid.
"But then the foundational goal we're trying to do is really patient-focused," said Gleason, eyeing a near future where "you can just show a QR code at a practice [and] share your medical records."
The FHIR-focused project is "not meant to be competing with TEFCA, which has the job of bringing people along and making sure that everyone is meeting," she added, echoing Posnack's analogy. "Where we're trying to be the speedboat going out ahead and trying to find ways to make this work, TEFCA raises the floor for everyone."
For his part, Keane also emphasized the complementary nature of the two initiatives.
"I get this question a lot," he said. "'Are they competing? Are they mad at each other?' No, they actually like each other. It's okay. They're going to be fine. And they both serve a specific purpose. It's almost like [ecosystem] is this massive connectathon: 'Let's try it, test it, figure it out, make sure that it's working and that it's operating and you're going to help to scale.'
"Amy is running an innovation accelerator, and working on things like patient identity and patient matching and provider director – very heavy lifts – and are doing them in a collaborative way to get the best from industry and the best from government collaborating to actually make it work," said Keane. "Whereas we're taking a regulatory approach. I'm the guy with the whip hand."
The regulatory cycle is "about 18 months to actually develop, release, process comments and then finalize a rule, followed by typically a two-year implementation timeline," Keane noted. "It's slow. What Amy is able to produce in under a year, and now I think in nine months, is pretty impressive. And all of those innovations are things we can adopt."
Lots of other news and updates were discussed in the wide-ranging discussion on Tuesday, but there were two items worth noting.
One was the announcement from CMS this month that it has released new Medicare enhanced login options – helping better manage their health information. When someone creates a new Medicare.gov account or verifies their identity, they now can choose among ID.me, with 24/7 chat support; CLEAR, to help with verification questions; or Login.gov, which also offers customer support.
Those free services are already in use by the Social Security Administration, Internal Revenue Service and the Department of Veterans Affairs, and now are available for Medicare patients.
"Already, just in the first five or six days, 25% of people just automatically picked one of those new modern credentials, 60% of new accounts that have been created are now using one of these modern credentials, and 90% of people that created a new account already had been identity-verified," said Gleason.
Some other big news was related to ASTP/ONC's information blocking enforcement, which the agency announced this past September has new resources behind it and would be a priority for 2026 and beyond.
"We have already issued notices of potential nonconformity to people under the Health IT Certification program," said Keane. "Those have gone out, and we're continuing to issue them. Those are all private, and so I can't talk about who's got them or when they were sent out. But we are sending them out.
"The way that process works is folks then respond to us and tell us if they think they are or are nonconformant," he explained. "We come up with a corrective action plan if we feel that they are nonconformant. And If they don't meet the strictures of the corrective action plan, we can pull their certification and their customers lose the ability to access CMS payment incentives.
"So what that means, Tom, is after nine years of waiting, this stuff is happening," said Howells.
"It's actually happening," said Keane.
Mike Miliard is executive editor of Healthcare IT News.
Email the writer: mmiliard@himss.org
Healthcare IT News is a HIMSS publication.
