Medecision and Washington, D.C.-based advisors Maverick Health Policy hosted a discussion to share their insights about the many healthcare-related developments that the federal government and private sector organizations have driven thus far in 2024. 

In that webinar, Updates from Inside the Beltway: Analyzing Health Policy and Trends in an Election Year, Maverick Health Policy Founder and CEO Julie Barnes, JD, and Director Eric Schiavone, MPH, focused on a range of pressing policy topics that healthcare leaders should understand. The first article in this two-part series examines artificial intelligence (AI), utilization management (UM), and interoperability rules and regulations.

This article looks at initiatives in digital health, cybersecurity, data privacy, private equity (PE), mergers and acquisitions activity (M&A), and growing skepticism about Medicare Advantage (MA) programs. 


Digital Health: Several Proposals on the Table 

Congress is trying to make sure that Americans have access to digital health and telehealth services beyond 2024.  

To that end, U.S. Representative Doris Matsui (D-CA) and 31 co-sponsors reintroduced the Telemental Health Care Access Act in January 2024 to expand access to mental health care services by removing requirements for Medicare beneficiaries to see a provider in person within six months of receiving mental healthcare virtually. During that same month, U.S. Representative Michelle Steel (R-CA) and 17 co-sponsors introduced the Equal Access to Specialty Care Everywhere (EASE) Act, which would use CMMI funds to test new care delivery models via a national virtual network. 

Congress, the Executive Branch, and Collaboratives are Trying to Find Value in Digital Health

The Consumer Technology Association (CTA) and several U.S. Representatives hosted a briefing to introduce the Congressional Digital Health Caucus that is prioritizing digital health issues, including telehealth and remote patient monitoring, to ensure that all Americans are benefiting from the power of digital health tools. Also, U.S. Representative Earl “Buddy” Carter (R-GA) and a dozen co-sponsors introduced the Telehealth Modernization Act of 2024 to permanently extend the pandemic-era telehealth flexibilities for Medicare beneficiaries. Those include permanent access to telehealth coverage for patients, no matter where they receive care or how they access services.

Then in May, the U.S. House of Representatives’ Ways and Means Committee unanimously passed the Preserving Telehealth Hospital and Ambulance Access Act — which garnered many headlines; though, in reality, it was only the committee moving it along. “But for right now, it’s a pretty big deal that they at least addressed telehealth flexibilities and are looking to extend some of the pandemic-era waivers,” Barnes says.

Looking toward the future, The Joint Commission announced plans to launch a telehealth accreditation program on July 1, 2024, and the National Committee for Quality Assurance (NCQA) is going to release its own virtual care standards in July and allow applications for accreditation in November of this year. 

Schiavone also notes that in the White House’s fiscal budget for 2025, President Biden proposed that the U.S. Department of Health and Human Services (HHS)  permanently support the expansion of virtual care with a prohibition on telehealth facility fees.


Cybersecurity: Upshots to the Change Healthcare Attack
While much has been reported about the cyberattack against Change Healthcare, Barnes highlights some of the upshots. One is Senator Mark Warner (D-VA) calling for mandatory cyber hygiene standards for hospitals and health systems as well as their vendors.

“The cyberattack is one part of this. Another part is how exactly are we going to deal with the fact that UnitedHealth Group, which owns Optum, which owns Change, is so large that there were two Congressional hearings basically concluding that UnitedHealth is too big to fail?” Barnes says. 

Read Our New Independent Research Insights

To better understand the current state of care management, utilization management, and population health, Medecision commissioned Sage Growth Partners to independently survey 53 healthcare leaders about the most pressing opportunities and obstacles in 2024.

Read the Report


To help the healthcare and public health sectors address cyberthreats, HHS in January published new voluntary cybersecurity performance goals (PDF). HHS broke those into two categories. The essential goals are designed to address common vulnerabilities, improve response when cybersecurity events happen, and minimize residual risk. Enhanced goals help healthcare organizations build more mature cybersecurity capabilities and “reach the next level of defense” in protecting against attacks. 

“Despite currently being voluntary, when HHS proposes enforceable cybersecurity standards, they will be very much informed by those voluntary performance goals,” Schiavone says. “Much like Meaningful Use for EHRs, improving hospital cybersecurity is going to start with incentives and eventually transition to penalties.”


Data Privacy: A Bipartisan Bill 

Protecting patient data requires more than just cybersecurity protocols and technology. Data privacy also encompasses some ethical and legal aspects—and there have been a number of developments on this front as well.

In September 2023, Senator Bill Cassidy, the ranking member of the Senate HELP (Health, Education, Labor, and Pensions) Committee, solicited comments from stakeholders about HIPAA. Five months later, the Senator released a report about how to improve privacy protections for Americans’ health data that outlines several different proposals. One is to modernize the HIPAA framework, another is to safeguard health data that’s not covered by HIPAA, such as data residing in digital health apps. The report also contains a proposal to consider data that cannot be clearly defined as health or non-health data but relates to general privacy. 

Additionally, President Biden issued an Executive Order to protect Americans’ sensitive personal information from countries of concern: China, Cuba, Iran, North Korea, Russia, and Venezuela. “The data safeguarded from those countries includes genomic data, biometric data, personal health data, and other kinds of personally identifiable information,” Schiavone says. 

The Executive Branch and Congress Try to Ensure Data Privacy for Americans

In early April, Senate Commerce Committee Chair Maria Cantwell (D-WA) and House Energy and Commerce Committee Chair Cathy McMorris Rodgers (R-WA) jointly released a draft of the American Privacy Rights Act, with the goal of protecting consumer data by limiting the information covered entities can gather from individuals and dictating how they can use that data. Also in April, the Federal Trade Commission (FTC) updated one of its existing regulations, the Health Breach Notification Rule to clarify that it applies to digital health apps and other technologies that are not covered under HIPAA.


PE, M&A, and Medicare Advantage: Under Increasing Scrutiny

Amid an increase in private equity firm interest in healthcare and merger and acquisition activity, Barnes explains that the federal government is saying competition is good and anti-competitive behavior is bad. HHS, for example, appointed a new Chief Competition Officer to work with the FTC and Department of Justice on a strike force to focus on healthcare prices.

Enforcement agencies, for their part, are looking for public comment on M&A transactions by health systems, private payers, and private equity funds, to gain a sense of what’s not otherwise being reported. 

Medicare Advantage is yet another area under federal scrutiny with considerable skepticism about how well MA is working. “We’re in a very different moment in time in the healthcare system,” Barnes says. “While many plans are basically admitting that they’re about to have real trouble in the MA space, and others are exiting MA, even the small number that are gaining new members are saying they have to cut benefits because of the financials.”



Watch Playback

Read the article reporting on the previous webinar in our monthly series, Rethinking Care Management: Lessons from Banner|Aetna, Elevance, and Medecision, on the Medecision blog. Watch our entire webinar series here



We extend our thanks to Maverick Health Policy’s Julie Barnes and Eric Schiavone. Their expertise and insight have been critical in our effort to turn complex federal policy into practical, innovative solutions, helping Medecision’s customers confidently navigate the ever-changing healthcare landscape.

Subscribe to our blog

Don't forget to share this post!