Home Business Healthcare HHS Proposes Major Overhaul of...

HHS Proposes Major Overhaul of Health IT Certification Rules

Healthcare

HHS Proposes New Health IT Certification Rules Now

Business Honor
15 January, 2026

HHS plans to simplify health IT certification in order to improve innovation, this raises concerns about data sharing, cybersecurity and privacy protections.

The US Department of Health and Human Services (HHS) announced major changes to the federal health IT certification program. Suggesting an important change in the way electronic health records (EHRs) and related technology are governed. The rule is issued by the Office of the National Coordinator for Health Information Technology (ONC) and would remove 34 current certification standards while modifying seven others. With the aim to reduce the legal load, lower prices, and promote innovation in the health IT sector.

According to the ONC, the current certification system was complex and expensive, especially for smaller developers. Simplifying the program makes it easier for new companies to enter the market, improve competition, and speed the use of advanced digital technologies for healthcare professionals. This also updates information blocking laws to cover advanced technologies like AI and robotic process automation.

Despite these goals, the move caused worry throughout the sector. Stakeholders worry that lowering certification standards could have a major effect on connectivity, cybersecurity, and clinical implementation. One of the most problematic changes is data-sharing exclusions. Under the new rule, vendors that claim that a data request is impossible must document alternate options in an accurate request. Industry groups, like the Electronic Health Record Association, claim that this technique adds unnecessary administrative procedures while not improve data exchange because technical teams often evaluate all solutions at once.

Another major focus area is privacy and security. Where some safety-related certification requirements may be removed, while few audit and control systems will remain to avoid fraud. According to experts, the healthcare organizations are still legally bound to safeguard patient data under laws like HIPAA, despite changes to certification standards. However, many people are calling for more specific instructions to guarantee that simplification does not compromise cybersecurity measures. The success of this reform will be based on whether reduced laws will allow a future-ready, AI-based healthcare system while maintaining trust, security, and simple data interchange.