💊Key Medicare and Medicaid Regulatory Changes for 2026
This final rule revises the Medicare Advantage (Part C), Medicare Prescription Drug Benefit (Part D), Medicare cost plan, and Programs of All-Inclusive Care for the Elderly (PACE) regulations to implement changes related to prescription drug coverage, the Medicare Prescription Payment Plan, dual eligible special needs plans (D-SNPs), Part C and D Star Ratings, and other programmatic areas, including the Medicare Drug Price Negotiation Program. This final rule also codifies existing sub-regulatory guidance in the Part C and Part D programs.
Learn More🏥Proposed Rule for Marketplace Integrity Under the ACA
This proposed rule would revise standards relating to past-due premium payments; exclude Deferred Action for Childhood Arrivals recipients from the definition of "lawfully present"; the evidentiary standard HHS uses to assess an agent's, broker's, or web-broker's potential noncompliance; failure to file and reconcile; income eligibility verifications for premium tax credits and cost-sharing reductions; annual eligibility redetermination; the automatic reenrollment hierarchy; the annual open enrollment period; special enrollment periods; de minimis thresholds for the actuarial value for plans subject to essential health benefits (EHB) requirements and for income-based cost-sharing reduction plan variations; and the premium adjustment percentage methodology; and prohibit issuers of coverage subject to EHB requirements from providing coverage for sex-trait modification as an EHB.
Learn More🔐Proposed HIPAA Security Rule Enhancements for Cybersecurity Compliance
The Department of Health and Human Services (HHS or "Department") is issuing this notice of proposed rulemaking (NPRM) to solicit comment on its proposal to modify the Security Standards for the Protection of Electronic Protected Health Information ("Security Rule") under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act). The proposed modifications would revise existing standards to better protect the confidentiality, integrity, and availability of electronic protected health information (ePHI). The proposals in this NPRM would increase the cybersecurity for ePHI by revising the Security Rule to address: changes in the environment in which health care is provided; significant increases in breaches and cyberattacks; common deficiencies the Office for Civil Rights has observed in investigations into Security Rule compliance by covered entities and their business associates (collectively, "regulated entities"); other cybersecurity guidelines, best practices, methodologies, procedures, and processes; and court decisions that affect enforcement of the Security Rule.
Learn More