By Marilee Benson
If you’re busy and haven’t been tracking what CMS is saying and doing about health tech lately, your 2026 strategy could be built on assumptions that are about to become obsolete.
I’m not being dramatic. The scope of what’s shifting right now is comparable to the start of Meaningful Use in 2009, which virtually created the Health Tech space. Now it’s acceleration time!
Here’s what’s shifting across four fronts, and what you should do about it.
Shift 1: Regulation Refocuses from Features to Data Sharing
CMS is talking about “deregulation” of certified technology, but that’s not quite right. The shift is not less regulation – it’s refocused regulation. The emphasis is moving away from EMR feature checklists and toward demonstrable interoperability and data sharing.
At the same time, the Administration is increasing enforcement of Information Blocking rules. This raises the stakes for health tech vendors and their provider customers. If your solution creates friction in data exchange, that’s no longer just a competitive disadvantage, it’s a compliance risk with significant penalties at stake.
The bottom line: If your solution creates friction in data exchange, that’s now a compliance risk – and is a likely competitive weakness for your solution.
Shift 2: A New Payment Model Changes the ROI Conversation
CMS is launching the ACCESS payment program for Medicare – a new mechanism that creates outcomes-based revenue for tech-enabled care.
Read that again. Health tech that supports the ACCESS model can now point to direct ROI for provider users. That’s a fundamentally different sales conversation than “efficiency gains” or “patient satisfaction.”
And there’s more: CMS is building a directory of health tech vendors supporting ACCESS. When was the last time CMS offered you free marketing?
Separately, CMS recently confirmed that they’ll process claims from the telehealth shutdown period – a signal that they’re committed to keeping telehealth options available for Medicare recipients long-term.
The bottom line: Health tech supporting ACCESS can show direct ROI to providers – and get free marketing from CMS while doing it.
Shift 3: Interoperability Gets Real
The new CMS Interoperability Framework pulls together several health tech initiatives that will reshape how data moves over the next few years.
The centerpiece is TEFCA and CMS is putting serious pressure on providers and EMR vendors to remove the remaining barriers to consumer access to health data. TEFCA is CMS’s preferred mechanism for doing this at scale. If you’re in health tech and you’re not thinking about how TEFCA affects your data exchange strategy, you’re behind.
The bottom line: TEFCA is the path for Health Tech to provide access to health data at scale. If it’s not on your roadmap, you’re already behind.
Shift 4: HIPAA Expands to Follow the Data
Senator Bill Cassidy’s pending HIPAA legislation aims to close a significant gap: Currently, consumer-facing apps and private-pay providers often fall outside HIPAA requirements. (If you’re like most, you didn’t know that. But it’s true.)
The proposed change would make HIPAA protections follow the protected health data itself – not the type of organization holding it.
This is good news for trust. One of the most common objections to data sharing is “I don’t know if they’re HIPAA-compliant.” That objection loses its teeth when everyone handling PHI plays by the same rules.
So, if your digital health app has been flying under the HIPAA radar, those days are likely numbered.
The bottom line: HIPAA Expansion is great for trust across the ecosystem. But if you’ve been flying under the HIPAA radar, that window is closing.
So What Does This Mean for You?
Any one of these shifts would be worth paying attention to. Together, they represent the most significant recalibration of the health tech landscape since HITECH.
The companies that move now – getting aligned with ACCESS, getting ahead on TEFCA, and shoring up HIPAA compliance – will have a meaningful head start. The ones that wait will spend 2026 playing catch-up.
Here’s where to start:
Action 1: Get Up to Speed, Personally
If you don’t understand exactly how your company supports data exchange with other healthcare systems, now is the time to dig in. Your current strategy may not hold up in a “data sharing is mandated” environment.
Action 2: Sign Up for ACCESS Notices
Get on CMS’s radar early so you can be added to the vendor directory when it launches – and so you can answer provider questions when they start asking. Here’s the form you can fill out to get future ACCESS model updates.
Action 3: Get Serious About HIPAA & TEFCA
Whether it’s TEFCA participation requirements or the upcoming HIPAA rule changes, your compliance posture needs to be airtight. If you’ve been operating in a gray area, make a plan to get fully compliant.
Action 4: Make Interoperability Your Top 2026 Priority
The CMS Interoperability framework has created a new “pledge” category called “Friend of the Ecosystem” – a voluntary commitment for health tech vendors who want to accelerate healthcare data exchange. Any vendor can join, regardless of what problem you solve.
And while you’re at it, assess TEFCA for exchange use cases that align with your solution. Don’t let your competitors get the inside track while you’re still figuring out what changed.
Perhaps this section below is in some sort of different format than above? In a Box or something?
Not Sure Where You Stand?
Most of the health tech leaders we talk to aren’t starting from zero – they’re trying to figure out which of these shifts actually affects their roadmap, and how urgently.
That’s exactly what our Interop Workshops are for.. No pitch, no pressure – just a quick conversation to help you sort signal from noise. We’ve been doing this work since before TEFCA had a name.
Request an invite to a Zen Interoperability Workshop by emailing us at info@zenhealthcareit.com.
Want to go deeper?
Book a free 15-minute call with a Zen interoperability expert
