HHS Moves to Enforce Crackdown on Health Information Blocking

The Department of Health and Human Services (HHS) announced that it is increasing enforcement actions against providers, health IT developers, and health information exchanges found to be blocking patient data. The initiative is part of ongoing efforts under President Donald Trump’s HHS to strengthen interoperability and ensure the flow of health information across the healthcare system, especially tackling HHS Health Info Blocking.

The announcement follows a July effort in which the administration secured voluntary commitments from 60 healthcare and technology companies to work toward interoperability. These organizations pledged to participate in a framework to allow more consistent information sharing between patients, providers, and innovators.

According to a press release, HHS Secretary Robert F. Kennedy Jr. has “directed increased resources” toward investigating and enforcing information blocking rules. The Office of the Assistant Secretary for Technology Policy (ASTP/ONC) has begun reviewing reports of information blocking and is providing technical support to the HHS Office of Inspector General (OIG) for investigations. Assistant Secretary Thomas Keane, M.D., confirmed that his office is coordinating with OIG on these activities. These steps mark a more aggressive stance against HHS Health Info Blocking.

Violations carry penalties. Certified health IT developers and health information networks could face fines of up to $1 million per violation and risk termination of certification. Providers participating in Medicare and Medicaid could be subject to disincentives under those programs if found in violation. These penalties target improper HHS Health Info Blocking practices.

The department noted a shift in enforcement priorities compared to previous leadership. “Information blocking was not a priority under the Biden Administration,” HHS said. “That changed under President Trump and Secretary Kennedy.”

Responses to a request for information issued by ASTP/ONC and the Centers for Medicare and Medicaid Services (CMS) earlier this year indicated that information blocking continues to occur. Several commenters observed that, despite the 2016 21st Century Cures Act explicitly prohibiting the practice, it remains common.

Some organizations stated that electronic health record (EHR) vendors and other developers may view health data as a competitive asset. The Connected Health Initiative described health data as being “trapped in a limited number of competing vendor ecosystems.” Premier, in its own comments, said that large EHR companies often impose extensive technical and procedural requirements on outside digital health tools before allowing connectivity, which the group argued creates a disadvantage compared to those companies’ own applications.

Deputy Secretary of Health and Human Services Jim O’Neill stated: “Unblocking the flow of health information is critical to unleashing health IT innovation and transforming our healthcare ecosystem. We will take appropriate action against any health care actors who are found to be blocking health data for patients, caregivers, providers, health innovators, and others.” Again highlighting the administration’s resolve to end HHS Health Info Blocking.

The enforcement initiative will be overseen by ASTP/ONC and the HHS Office of Inspector General. Acting Inspector General Juliet T. Hodgkins said that patients must have full access to their health information under the law, and that providers and certain health IT entities are legally responsible for ensuring data moves where and when needed. She added that HHS-OIG would “deploy all available authorities” to investigate violations and hold responsible parties accountable. This underscores that HHS Health Info Blocking will be treated with legal seriousness.

The rules underpinning this enforcement were finalized during the first Trump administration in 2020. These required providers, health information exchanges, and certified health IT developers to share health data with patients and with one another. While the rules led to some progress in electronic sharing, data exchange has remained uneven across the country.

The Biden administration faced criticism for delays in implementing penalties. HHS finalized punishments for health IT vendors in 2023 and for providers in the summer of 2024. Officials attributed the delay to limited enforcement authority under the law and challenges in addressing established business practices that restrict data sharing.

Since the interoperability rules took effect in 2021, ASTP/ONC has received over 1,300 reports of possible information blocking, which were referred to OIG. Most involved providers, but enforcement did not apply to them until 2024, when penalties were finalized.

Penalties vary by entity. Providers found blocking information risk losing Medicare payments, while developers and networks could be fined up to $1 million per violation and may lose federal certification. This makes HHS Health Info Blocking not just a compliance issue but a financial risk.

Alongside enforcement actions, CMS introduced a voluntary interoperability framework. Healthcare organizations that align with it will be designated CMS Aligned Networks. This initiative builds on the voluntary pledges made by healthcare and technology companies in July.

HHS urged patients and innovators to report suspected cases of information blocking. Officials said new resources will be directed toward identifying and addressing violations through ASTP/ONC and OIG.

---

Additional Content (to extend article)

Looking Ahead: Tackling HHS Health Info Blocking in Practice

Moving forward, the success of this crackdown hinges on how well healthcare organizations adapt to stricter oversight. To stay ahead, providers and health IT developers will need to audit their workflows to identify where data access or exchange is unintentionally hindered. This includes reviewing technical barriers, authentication delays, and contractual restrictions that contribute to HHS Health Info Blocking.

Education and transparency will also become more important. Organizations should ensure that patients understand their rights to access their electronic health information, how requests are handled, and how long it may take. Transparency around fees (if any), response times, and exceptions will help build trust and reduce complaints tied to HHS Health Info Blocking.

Regulatory agencies are also likely to publish case studies or reports showing examples of what counts and what doesn’t under the law. These precedents will shape how future violations are interpreted. Entities should build defensible audit trails and documentation for all actions—and non-actions—related to health data requests, so they can demonstrate compliance and avoid penalties linked to HHS Health Info Blocking.

Another potential development is tighter integration between enforcement and technology standards. As health information exchanges and EHR vendors are increasingly required to meet interoperability and usability benchmarks, regulators may expand mandatory API usage requirements, enforce standardized data formats, and impose stricter certification renewal audits. These moves would directly reduce opportunities for information blocking.

Finally, with patient expectations rising, institutions that excel at rapid, full, and accurate health data sharing may gain competitive advantages. Those who lag may face not just penalties but reputational losses. The crackdown on HHS Health Info Blocking is thus not only a regulatory shift but a market signal: seamless health information flow is becoming part of what defines quality and trust in care.