As healthcare continues to evolve rapidly, staying on top of the latest advancements in public policy is crucial. In a recent This Just In Radio Show episode, hosted by Justin Barnes, we explored this critical topic with two leading experts: Mari Savickis, Vice President of Public Policy for CHIME, and Chelsea Arnone, Director of Federal Affairs for CHIME. Together, they shared their insights on the challenges and opportunities healthcare organizations face as they adapt to new policies and technologies.
Cybersecurity: Addressing Emerging Threats in Healthcare
Cybersecurity remains a top priority for healthcare leaders, as hospitals and health systems increasingly rely on digital platforms. However, this reliance comes with heightened vulnerability to cyberattacks. Mari and Chelsea emphasized that the complexity of healthcare cybersecurity policies often leaves many CIOs and CISOs struggling to remain compliant and resilient against these threats.
Chelsea shared that CHIME’s public policy team is at the forefront of digesting complex regulations, simplifying them into actionable insights, and advocating for the healthcare IT community in Washington, D.C. “Our job is to translate thousands of pages of regulations into plain English for healthcare leaders,” Chelsea noted, highlighting the monumental task of ensuring that new rules and policies are understood and effectively implemented.
A major area of focus for 2025 is the CIRCIA law, passed in 2022, which mandates stricter reporting and compliance rules for cybersecurity incidents in hospitals with over 100 beds and critical access hospitals. The final regulation is slated to be released in September 2025, and CHIME has been actively engaging with policymakers to ensure the healthcare sector’s voice is heard. This law is expected to have a significant impact on how healthcare organizations report cybersecurity breaches
Justin highlighted the overall importance of healthcare leaders contributing to the legislative and regulatory process, saying, “Capitol Hill and the administration absolutely listen to all voices. You need to make your voice heard. Every piece of testimony, feedback, and response you submit is read and considered. This is why policy change can take time, but it ensures that all key stakeholders are part of building the best foundation for the future.”
AI in Healthcare: A Powerful Tool, But With Caution
Artificial intelligence (AI) continues to be a transformative technology with vast potential to improve healthcare delivery. However, its implementation raises significant regulatory and ethical challenges. In the discussion, Justin, Mari, and Chelsea explored the delicate balance between fostering innovation and ensuring patient safety and data privacy.
“There’s a lot of potential with AI to revolutionize healthcare. We all know that. But it brings up regulatory and ethical concerns.” said Mari. For many hospitals, especially small to mid-sized ones, the cost of deploying advanced AI models can be prohibitive. Large language models, for example, can cost hundreds of thousands of dollars a month, making it difficult for under-resourced providers to benefit from the technology.
Chelsea pointed out the potential for AI to deliver value through administrative savings and improved operational efficiencies. While AI may not be ready to replace clinical judgment, it can enhance decision-making and streamline processes. Yet, there’s a strong focus on ensuring AI adoption does not exacerbate the digital divide between well-funded healthcare organizations and those with fewer resources.
One of the primary concerns CHIME is addressing is the need for clearer policymaking around AI. Chelsea highlighted that many healthcare organizations are wary of investing heavily in AI without a more defined regulatory framework, which could impact their return on investment if too many stringent guidelines are introduced. Justin emphasized the need for a balanced approach to regulation, noting, “The government must avoid being overly prescriptive. While the technology innovators need flexibility, they also require clear guidance, because they can’t build products or write code with ambiguity. It’s a careful balance between issuing guidance without stifling innovation.”
Patient Privacy and Digital Health Policies
The discussion also delved into the importance of national privacy laws to protect patient data as the healthcare industry becomes more digital. With wearable devices and telemedicine platforms generating vast amounts of personal health data, protecting this information from being exploited by third parties is a critical issue.
Chelsea, Mari, and Justin all underscored the growing need for updated national privacy laws that address the nuances of today’s healthcare technologies. “Our data is our data,” Chelsea emphasized, reflecting the growing concern that consumer health data could be used inappropriately for marketing or other purposes. The need for tighter regulations around how data is collected, shared, and monetized is becoming a priority in Washington, D.C.
Looking Ahead: Policy Priorities for 2025 and Beyond
The healthcare policy landscape is always shifting, and the upcoming changes in government in 2025 will bring new challenges and opportunities for healthcare organizations. As Mari noted, “Funding the government is top priority, but we also need to focus on cyber funding and the telehealth extension, which ends at the end of this year.” With the upcoming elections, new faces in Congress, and evolving healthcare needs, the next few years will be pivotal for digital health and cybersecurity.
One of Justin and CHIME’s key initiatives for the future is ensuring the extension of telehealth flexibilities granted during the pandemic. The ongoing evolution of patient matching and digital identity initiatives also stands to reshape how healthcare systems manage data and identify patients across platforms securely.
CHIME is also advocating for the MATCH IT Act, a patient-matching bill that aims to standardize and improve patient identification, which is essential to patient safety by enhancing the accuracy and security of electronic health records (EHRs). This will play a crucial role in minimizing medical errors and improving the quality of care.
Conclusion: The Path Forward
As we move into 2025 and beyond, healthcare organizations need to remain vigilant and proactive in addressing the key policy areas that will shape the future of healthcare delivery. Cybersecurity, AI, and patient privacy will continue to be major focus areas, with leaders like CHIME playing an essential role in shaping policy and advocating for the healthcare community.
The Growth Performance team has over 20 years of experience leading healthcare and digital health discussions, as well as policy on Capitol Hill. Key discussions like these aim to offer valuable insights that highlight the importance of staying engaged in the policy process, ensuring that healthcare leaders are not only prepared for the future but are actively shaping it. We are committed to creating transparent discussions so that we help the industry, and certainly our clients, successfully navigate the future of healthcare.