New Executive Orders On Regulations and DOGE Force Reductions

This post goes over two recent executive orders and what it means for health IT developers, as well as the impact of recent DOGE force reductions at HHS.

First, the administration’s February 18, 2025, Ensuring Accountability for All Agencies Executive Order has the potential have serious impacts on the health IT community. In short, it will change the rulemaking process and use the Office of Management and Budget (“OMB”) as a gatekeeper for proposed and final rules. Specifically, it states that “all executive departments and agencies, including so-called independent agencies, shall submit for review all proposed and final significant regulatory actions to the Office of Information and Regulatory Affairs (OIRA) within the Executive Office of the President before publication in the Federal Register.” The current Director of the OMB is Russel Vought. The goal is to ensure all regulatory and de-regulatory actions are consistent with the White House’s policy and political priorities. It will invariably interrupt certain cyclical rule making cycles, like the Medicare Physician Fee Schedule (where certain technology programs are regulated), but it opens a window move the needle on them that is not present in most annual cycles.

In addition, it definitively assigns makes the interpretation of law prescribed by the Department of Justice – subject to the “President’s supervision and control,” the “authoritative interpretation of law for the executive branch.” This means that to the extent that, say, any Office of the Inspector General opinion conflicts with one provided by the DOJ with respect to whether a particular practice constitutes a kickback, the DOJ’s will control. I raise that specific fact pattern for a reason. If you read the DOJ’s allegations against EMR vendors with respect to the Anti-Kickback Statute, you will find a very blunt legal approach to whether a practice constitutes a kickback. In contrast, the OIG focuses a balancing test with multiple factors. The DOJ’s would now control, and reliance on an OIG advisory opinion unblessed by the DOJ may be very misplaced. I would be remiss if I did not note that the current United States (and former Florida) Attorney General, Pam Bondi, is well known in Florida for prosecuting healthcare fraud, waste, and abuse issues. A sampling of prior national EMR settlements is provided below, and I expect the DOJ’s interpretations of law as posited in those cases to hold given who is running it today:

• https://www.justice.gov/archives/opa/pr/electronic-health-records-vendor-pay-145-million-resolve-criminal-and-civil-investigations-0
• https://www.justice.gov/archives/opa/pr/electronic-health-records-vendor-pay-155-million-settle-false-claims-act-allegations
• https://www.justice.gov/usao-ma/pr/athenahealth-agrees-pay-1825-million-resolve-allegations-it-paid-illegal-kickbacks
• https://www.justice.gov/archives/opa/pr/modernizing-medicine-agrees-pay-45-million-resolve-allegations-accepting-and-paying-illegal

Next, President Trump signed the “Ensuring Lawful Governance and Implementing the President’s Department of Government Efficiency Deregulatory Initiative” executive Order late on Wednesday. This order requires that all agency heads, in coordination with their DOGE counterparts, “initiate a process to review all regulations subject to their sole or joint jurisdiction for consistency with law and Administration policy.” The following classes of regulations are specifically flagged: 

1. Unconstitutional regulations and regulations that raise serious constitutional difficulties, such as exceeding the scope of the power vested in the Federal Government by the Constitution;
2. Regulations that are based on unlawful delegations of legislative power;
3. Regulations that are based on anything other than the best reading of the underlying statutory authority or prohibition;
4. Regulations that implicate matters of social, political, or economic significance that are not authorized by clear statutory authority;
5. Regulations that impose significant costs upon private parties that are not outweighed by public benefits;
6. Regulations that harm the national interest by significantly and unjustifiably impeding technological innovation, infrastructure development, disaster response, inflation reduction, research and development, economic development, energy production, land use, and foreign policy objectives; and
7. Regulations that impose undue burdens on small business and impede private enterprise and entrepreneurship.

This exercise is not just limited to formal regulations but all federal guidance documents. If you’re commenting on regulations that are currently in the hopper, and you should be if you are an EMR developer, then these should be your new “policy pillars” and your arguments should be centered on those points. Russ Vought has a paper trail on his policy preferences, and I recommend reading up on them and framing your issues around his priorities, as they are likely quite reflective of the administration’s as a whole.

EMR developers have opportunities here. The information blocking regulations, expanding certification criteria and the pace of their implementation, and the corresponding physician payment programs associated with the certification program are ripe with opportunity for burden reduction. Way back in 2021 I wrote about what happens when certification goes wrong, and listed eight (!) different sources you might consult when trying to figure out if your technology conforms with the certification criteria.

If I am an EMR vendor thinking about what’s ripe for comment, there are several regulations that are going to have to go to OMB that might be up for grabs. HTI-4 has a closed comment period, but I bet late comments may still catch attention given all the new changes and the new executive orders. Also, as I noted, that rule is definitely going to get another look anyways because it deals with abortion rights. The proposed HIPAA security rule is a big deal, and now is a good time to submit a comment on it because the comment window is open until March 7, 2025. The FTC’s Negative Option Rule, which is now effective after a legal challenge to stay its enforcement, may be another area of interest. While no formal proposal exists to unwind it, a comment on the final rule itself may get noticed under these conditions. There is a proposal to finalize and adopt certain NCPDP for retail pharmacy transactions. And there is a lot more coming, including all of the 2026 proposed fee schedules, a new rule on interoperability standards and prior authorizations for drugs, a proposed resiliency and modernization rule, and more.

Finally, DOGE force reductions are finally touching health IT, although how meaningful they will be is hard to say. The most immediate impact is probably the reported layoffs in the Centers for Medicare and Medicaid Innovation (“CMMI”). This is one of those things that might set off a lawsuit because it implicates physician payments. CMMI pilots new payment programs with the idea to find out new ways to pay for care other than by the volume of procedures provided to a patient. A lot of providers made technological investments in their organizations in order to participate, like installing certified electronic health record systems. Whether the layoffs will affect the providers’ participation of those programs is something that will bear out over time. The layoffs in the FDA have also reportedly hit those working on AI-related issues. CMS has also suffered force reductions, however, how that will affect the agency and whether it will impact rulemaking remains unclear to me.