May Monthly Review - And There Was A Firefight Edition
Plus A User's Manual for Regulation and Litigation
Let’s. F!@#ing. Go.
If the past few months have had you thinking “man, there hasn’t been enough financial, litigative and regulatory action in health technology - I really wish thing would pick up”. We have digital health IPOs. We have bold, impactful new court cases. We have the CMS standing up and saying “bring out your ideas - we’re open for business”.
Taking a look ahead, the schedule is pretty juicy and action-packed.
June 2025
June 9: PointClickCare must file motion to dismiss (Real Time Medical Systems v. PointClickCare)
June 13: Cognizant must supplement interrogatory answers (Cognizant v. Infosys case)
June 16: CMS RFI comments are due
July 2025
July 9: Real Time Medical Systems' opposition brief due
July 14: Epic’s answer or motion to dismiss due (CureIS v. Epic )
July 17: Baby Keeler #2 due (Brendan v. Sleep, Time, and All Previously Enjoyed Freedoms, jointly and severally)
July 23: PointClickCare's reply brief due
August 2025
August 4: Fact discovery cut-off (Intus Care v. RTZ)
August 25: Expert disclosures due (Intus Care v. RTZ)
August 29: Case Management Conference (Cureis v. Epic)
Sometime this summer
TBD but you better believe it’s coming: Judge decision on dismissal or discovery (Particle v. Epic)
And the stakes are very high. As a reminder:
CMS Request for Information: A sweeping 27-page RFI seeking input on transforming the health technology ecosystem, with questions ranging from expanding Blue Button 2.0 data access and strengthening information blocking enforcement to creating nationwide provider directories and aligning certification requirements with value-based care. The RFI signals potential aggressive regulatory moves to break through interoperability barriers, with comments due June 16, 2025.
RTMS v. PointClickCare: A crucial case that will determine the scope of information blocking and how business associate applications can interact with the EHRs of their willing customers. Is screenscraping really protected by information blocking?
Intus Care v. RTZ: A potential broadening of the principles in the RTMS v. PCC case to include actors beyond certified EHRs.
Particle v. Epic: A watershed antitrust case with unique market definition tests that could determine whether dominant EHR vendors can leverage their dominance to monopolize adjacent markets and exclude competitors.
Cognizant v. Infosys: A trade secret dispute that has spawned antitrust counterclaims by Infosys, raising questions about whether Cognizant itself engages in anticompetitive practices while protecting its dominant position in healthcare claims processing software.
CureIS v. Epic: Another information blocking adjacent case where Epic allegedly denied data access to force customers to abandon CureIS's managed care solutions. With a positive verdict, could establish how point solutions can challenge EHR vendors' exclusionary conduct through unfair competition and tortious interference claims.
Is it an overstatement to say that these are the marquee matchups and primetime events that will have America riveted all summer long? Yes, it is! What is true, though, is that the things that happen the next three months will dramatically influence the future of healthcare in America and the outcomes we’ll start to see will reshape the industry in ways unlike any other vertical or country before. The similarities and overlap of themes and complaints combine to form truly novel legal theory about the power of enterprise B2B software, the boundaries of intellectual property law, businesses’ ability to choose the software they want, and the fundamental question of who controls healthcare data - the platforms that store it or the providers and patients who create and need it.
Regulation and litigation aren’t just drama to be followed for entertainment. There’s extreme, raw alpha in being able to understand the cutting edge of policy and wield it to your advantage. At a minimum, you cover your ass from the liability of rules you didn’t know about. While I’ll certainly keep you updated on all the twists and turns, you should feel empowered to both come to your own conclusions yourself and also to shape the future of what will come. So to that extent, here’s exactly how:
Amateur Court Reporting
There are 204 federal courts in the United States: 94 district courts (at least one in each state), 13 courts of appeals (12 regional circuits plus the Federal Circuit), 1 Supreme Court, and 96 bankruptcy courts. Additionally, there are specialized courts like the Court of International Trade and the Court of Federal Claims.
Historically, accessing federal court documents was a laborious, expensive, and often impossible task. Researchers, lawyers, and journalists had to physically visit each courthouse where a case was filed, wait in line at the clerk's office, request specific documents by docket number, and then either view them in person or pay for photocopies (often at 50 cents or more per page). If you needed documents from a case in New York while sitting in Los Angeles, you either had to fly there yourself or hire a local "runner" service to retrieve and mail copies. Following multi-district litigation or circuit appeals meant traveling to multiple courthouses across the country. You could sometimes get courts to fax documents by the 1980s-90s, but it was expensive ($1-2 per page), required knowing exactly what to request, and many courts wouldn't fax lengthy documents or required prepayment and formal written requests.
Enter scene: PACER. Public Access to Court Electronic Records was created by the federal judiciary in the late 1980s and launched online in 1996 to modernize court records management and provide public access to federal case information. While groundbreaking for its time, technology calcifies as it becomes ubiquitous. PACER was built with 1990s technology infrastructure and has remained largely unchanged, creating a system that feels frozen in time.
I’m thankful it exists (it does not for state courts), but I have gripes. This is the official repository for federal court documents, a tremendous repository of the legal sediment and human knowledge built by years of steadfast resolution of altercation, confrontation, and pugnacious behavior. Making this available to the public is a social good - it should be a shining beacon of democratic transparency, a library of justice accessible to every citizen who wants to understand how their courts work, how precedent is built, how power is checked and balanced through litigation. Instead, we get a paywall around public documents, a 1990s interface that makes research feel like punishment, and a system that treats the public's own judicial records as a revenue source. The federal judiciary generates about $150 million annually from PACER fees, charging citizens to access documents created by tax-funded courts, documenting tax-funded proceedings decided by tax-funded judges.
I am all for the government covering costs, but the pricing here is unconscionable. The $0.10 per-page fee structure, while designed to be cheaper than the legacy methods, is simply nonsensical from first principles when applied to the Internet world of near-zero marginal costs and quickly becomes expensive for anyone seriously tracking litigation (following a single complex case can cost hundreds of dollars).
Beyond that, there are many other flaws:
Audio is inconsistently available and often scattered across different access points, while transcripts take up to 90 days to be posted.
It lacks robust search or alerting to do more involved sleuthing and discovery of emergent cases (such as all health technology, antitrust, or information blocking cases).
The registration process is fairly outdated, including them mailing you an activation code (although perhaps there’s a comforting familiarity to that process for people in healthcare)
Like all enterprise software, it has customer (court) specific variations that mean the data is not uniform or standardized. It (surprisingly) has an API that’s not half bad, but still constrained by the underlying pricing and functionality issues.
CourtListener, created by the nonprofit Free Law Project, offers a modern, free alternative that addresses many PACER shortcomings. It provides free access to millions of court documents crowdsourced through the RECAP browser extension (when PACER users upload documents they've purchased, they become freely available to everyone), plus advanced search features, email alerts, RSS feeds, and a clean interface. While PACER remains necessary for accessing the very latest filings or sealed documents, CourtListener at least allows you to check if documents are already available for free, set up monitoring alerts, and only turn to PACER as a last resort.
If you're trying to be tip of the spear for various cases, you'll likely need to bite the bullet and use PACER directly for same-day filings in high-stakes litigation—but even then, install RECAP so your purchases benefit everyone else following behind you. The ecosystem works best when early birds pay PACER fees but share the documents, creating a commons that democratizes access to legal knowledge while you're getting your competitive intelligence edge.
Regulation Comments
While those summer 2025 court cases determine what's legal under current rules, these comments shape what rules emerge next. As executive agencies like the CMS and HHS look to transmute law into reality, they face a fundamental challenge: Congress writes broad statutes like "promote interoperability" or "prevent information blocking," but agencies must expand these aspirational goals into specific, enforceable rules. On top of that, the Administrative Procedure Act requires agencies to gather public input through formal channels before they can do so. This injects real-world experiences into a federal system that is somewhat divorced from boots-on-the-ground empathy and understanding, creating a fascinating dynamic where ICU doctors explain why Epic's proposed "reasonable access" definition would crash their workflows, rural clinics detail how certification costs cascade through their budgets, and startups demonstrate how data moats kill innovation. Thus, from an optimistic point of view, the comment process forces agencies to confront the gap between DC conference rooms and hospital emergency rooms. On the other hand, the comment process can perversely create a fascinating, oft-debated dynamic where the regulated industry helps write its own rules to its benefit (also known as regulatory capture).
Enter the Federal Register and Regulations.gov, two sides of the same coin. The Federal Register is the official daily journal where all proposed rules must be published to have legal effect. These dense, two-column formatted legal notices have appeared daily since 1935 (and electronically since 1994), providing the official record of federal agency actions. It can be challenging to navigate and use, given the self-citations and
Regulations.gov, launched in 2003, is where that formality becomes conversation: a modern platform where you can search proposals, download attachments, and submit comments that become part of the official record. When CMS publishes that 27-page RFI on information blocking, it appears in both places: the Register provides the legally citable version, while Regulations.gov hosts the actual dialogue where Epic argues screen-scraping threatens security, Particle counters that it's essential for competition, and thousands of providers describe what "interoperability" means when you're trying to discharge a patient at 3 AM. The platform democratizes access to rulemaking, though whether it democratizes influence remains an open question.
Regulations.gov is the federal government's central portal where agencies post proposed rules, requests for information (RFIs), and policy notices for public comment. It's remarkably straightforward: agencies publish a document, set a comment deadline (usually 30-90 days), and anyone can submit feedback. You can search by agency (CMS, HHS), docket number, or keywords like "information blocking" to find relevant proposals. Each docket contains the main proposal plus supporting documents and all public comments, which is lowkey one of the best ways to understand stakeholder positions.
If that sounds like a lot to you, I have two solutions:
They have a solid API (weird document IDs aside) that is quite useful for pulling down all the comment content and feeding it into your LLM of choice
I love nothing more than reading comments and will be live analyzing them as they’re reviewed and released to Regulations.gov (the agency does light filtering to make sure comments are relevant to the proposed rule, don't contain inappropriate or offensive content, etc, although plenty of raucous and obscene ones make it through).
Ongoing thread for the RFI here.
Agencies must legally respond to substantive comments, creating a paper trail that courts scrutinize if rules face challenges. Well-crafted comments have forced rewrites, carved out exceptions worth billions. Well-crafted comments have genuinely improved regulations, identified unintended consequences, and helped create more workable policies that better serve both the industry and public interest. The
The comment process itself is straightforward but strategic. Search for the docket, click "Comment," and submit your response within the deadline (typically 30-90 days). Tactically:
Submit a PDF attachment. It allows you more flexibility for formatting and has a bit more polish.
Don't do anonymous unless you have a reason. What’s a good reason? The main one would be that you work for the government. The second would be that you want to comment something that your employer may not (but you feel hesistant to comment publicly as an individual).
Don’t comment on everything. Companies say something about everything (looking at you, EHRs) end up closer to saying nothing. It’s hard to wade through mega-comments and understand the novel proposals.
Cement your comment in real-world experience. It should be obvious, but real stories and narratives carry weight. Effective comments translate abstract principles into operational specifics: not just "this is burdensome" but "Section 3.2's authentication requirements would force us to maintain six different credentialing systems, costing $200,000 annually and adding 4 minutes to each patient encounter."
Here is May’s monthly review. As a reminder, this is a regular round-up of various short(er) form content on social media (LinkedIn with a smattering of reposting to Twitter) is to surface things you may have missed across regulation, litigation, interoperability, and beyond.
Regulatory:
Administrative Priorities for Health Tech: Policy recommendations include inviting payers into TEFCA with zero-cost reciprocity, finalizing UDAP provisions for scaled patient access networks, completing FHIR Subscriptions and CDS Hooks standards, and maintaining information blocking enforcement with private right of action, focusing on ubiquity over perfect standards. Nice pre-work for the RFI that’s now out.
ASTP Insights Conditions Enforcement Discretion: The Trump administration announced enforcement discretion for most "Insights Conditions" in health IT certification, choosing to enforce only FHIR app usage reporting while dropping requirements for C-CDA reconciliation, bulk FHIR metrics, and immunization reporting - signaling selective deregulation while maintaining focus on FHIR adoption.
Regulatory Trade-offs in the Age of the EHR: Regulation inherently favors incumbents through resource advantages and entry barriers. True EHR market competition would require either reducing switching costs and barriers for new entrants, or accelerating the platform shift that makes traditional EHRs obsolete through AI agents and workforce changes.
Information Blocking Complaint Data Breakdown: Analysis of federal data shows providers are the most common targets of information blocking complaints (with patients as primary claimants), followed by certified EHRs. Despite consistent complaint volumes over time and a spike in September 2024 (possibly due to Particle v. Epic case), the federal government has yet to address the backlog beyond light filtering.
CMS RFI Signals and Analysis: The new CMS Request for Information shows the Trump administration intends to strengthen and enforce information blocking provisions, with questions PR-12 through 14 specifically focused on enforcement. The RFI also shows fingerprints of Leavitt Partners' "Kill the Clipboard" initiative and indicates TEFCA isn't dead yet.
Reddit Meets Regulations.gov: Wall Street Bets-style subreddit campaigns attempting to influence CMS policy through mass commenting on behalf of Clover Health represent an unprecedented intersection of retail investor activism and healthcare regulatory processes. Make sure to check out the comments - I somehow incited the horde to come after me.
TEFCA Survives in Federal Budget: The HHS FY2026 budget brief asks for TEFCA funding to continue under the new administration, though priorities, structure, and mission may still face significant changes as the program evolves. This does not necessarily mean they’ll get it (Congress routinely allocates differently than the HHS or other agencies want) but it is a signal of regulators’ views.
Court cases:
Takings Clause Implications for Healthcare: Apple's potential appeal on App Store policies raises Fifth Amendment takings questions that could impact healthcare. PointClickCare already included takings arguments in their information blocking appeal, suggesting that judges forcing EHRs to provide RPA access without compensation could violate constitutional property rights.
RTZ Fumbles Defense in IntusCare Case: RTZ Systems made a shocking strategic error by skipping the obvious defense that they're not a certified EHR (and thus not an "actor" under information blocking rules), instead fighting solely on exceptions. This waiver of their strongest argument mirrors the failed PointClickCare strategy and virtually guarantees a loss.
CureIS Files Comprehensive Lawsuit Against Epic: Quinn Emmanuel filed another suit against Epic on behalf of CureIS Healthcare, alleging multi-faceted schemes to stifle competition including an "Epic-First" policy blocking third-party tools, false advertising of equivalent products, and misappropriation of trade secrets under the guise of integration efforts.
CureIS Case Stronger Than Particle's Approach: Unlike Particle's antitrust-focused case, CureIS uses information blocking combined with state law claims (similar to RTMS v. PointClickCare), making it potentially stronger. The complaint includes allegations of direct IP theft and could succeed even if information blocking claims were dismissed, though it's light on details about recent negotiations for access.
Legal Representation in Epic Cases: While Cravath represents Epic in Particle Health litigation, Akin Gump appears to be representing them in the CureIS case. While I thought this suggested different legal strategies for information blocking versus antitrust cases, it’s more likely just them as local co-counsel. Akin Gump is notably representing the EHR Association in their amicus briefs for RTMS v. PointClickCare, though.
Judge Maxine Chesney Assigned to CureIS v. Epic: The case was assigned to Judge Chesney, whose judicial history makes her well-suited for the complex litigation - she has deep experience with healthcare merger and antitrust disputes (State of California v. Sutter Health), technology sector trade secret cases (including trials on Chinese industrial espionage for semiconductors), and unfair competition claims, making her ideal for managing the sprawling 40-page, seven-count complaint.
CureIS v. Epic Customer Investigation: I went full CSI on the redacted parts of the complaint and identified the most likely Epic customers at the center of the case: Sutter Health, Cedars-Sinai Medical Center, Sharp HealthCare, and University of Florida Jacksonville Physicians. It seems CureIS had strong product-market fit alongside IDX systems, with many staff from GE/IDX backgrounds, suggesting their business declined as IDX waned in the market - potentially exacerbated by Epic's alleged anticompetitive conduct.
Cognizant-Infosys Trade Secret Battle Continues: Despite misleading media reports claiming the case is nearly over, the Dallas court's discovery management order merely directs routine dispute resolution. The case remains active with denied protective relief for Cognizant's CEO documents, upcoming expert disclosures, and summary judgment deadlines approaching.
EHRs:
AWS-Abridge Acquisition Rumors: Speculation about Amazon Web Services potentially acquiring the AI medical scribe company Abridge reflects strategic positioning against Microsoft/Nuance, potential synergies with AWS Healthscribe, and the race to capture Epic's ecosystem partnerships in the rapidly commoditizing AI scribe market.
Oak Street Health's Epic Migration: Oak Street Health is switching from Greenway to Epic after years of consideration, marking a major loss for Greenway (their largest client) and for tech-enabled care builders. Oak Street's award-winning custom EHR "Canopy" will likely be sunset, representing a shift from innovative tech-enabled care to traditional enterprise consolidation.
Outdated EHR Code of Conduct: The Electronic Health Record Association's Code of Conduct, last updated in 2016, focuses on CCDA exchange and lacks concrete obligations around modern interoperability standards like FHIR APIs, AI capabilities, and patient-directed exchange - highlighting the need for updated industry self-governance.
Industry Analysis
Bulk FHIR Community Building: We launched a community of bulk FHIR applications to share tips, troubleshoot together, and accelerate usage of this novel, very useful exchange pattern. Message if interested!
Grindr Launches Telehealth Service: The LGBTQ dating app launched "Woodwork" telehealth service for erectile dysfunction, raising interesting questions about whether users' dating history could become Electronic Health Information subject to information blocking provisions, depending on how the service is structured.
AI Accelerates B2B Centralization: The rise of AI reinforces centralization over decentralization in enterprise software. Systems of record with consolidated data have extraordinary competitive advantages in the AI era, as data aggregation enables better AI models. Smart incumbents will shift to platform approaches while laggards face regulatory and competitive reckoning.
Cross-industry Comparisons:
Healthcare Leading Banking in Data Access: While healthcare professionals bemoan being "behind," the potential rollback of banking's open APIs demonstrates healthcare's superior position with FHIR APIs and information blocking rules providing unprecedented data access rights that parallel industries lack.
Business Model Evolution in Healthcare Tech: Matt Brown's framework explains the shift from pure SaaS (VC model) to tech-enabled services, differentiating General Catalyst's hospital acquisition (crown jewel model) from Headway's approach (Business in a Box) versus traditional SaaS plays, though AI copilots show SaaS resurgence.
Ubiquity Beats Technical Superiority: Microsoft CTO Kevin Scott independently concluded the thesis of my HIMSS keynote - that B2B networks are judged primarily on ubiquity rather than technical perfection. The parallel thinking validates that healthcare should pick paths and sprint toward ubiquitous networks for prior authorization, referrals, and other workflows rather than endlessly optimizing technical details.
Healthcare's Unique Information Blocking Superpower: Unlike any other vertical, healthcare has federal information blocking laws that can force incumbent systems to provide data access. This regulatory backstop means point solutions can't be completely blocked by dominant EHRs - a unique competitive advantage not seen in other industries. Given that, people should use this to their advantage! This (fairly straightforward) call-to-action caused more debate in the comments than I thought it would.
Section 1033 Open Banking Rule Falls: The CFPB's open banking rule, which would have required banks to provide standardized APIs for consumer financial data access, is being rolled back under the new administration. This parallel to healthcare's Cures Act highlights the fragility of consumer access rights and the need to protect existing healthcare interoperability regulations from similar dismantling.
Other News:
VP of Product Seeking New Role: A rock star product friend is seeking a VP of Product/senior Product leader role, bringing strategic product vision, deep financial product management expertise, interoperability implementation experience, vendor relationship skills, and proven leadership abilities.
Director/Head of Partnerships Available: A talented friend with over a decade of experience seeking a Director/Head of Partnerships role at a healthcare startup.
ChatGPT's Minimalist Design Dominance: OpenAI convinced the world that bland, minimal chat interfaces represent peak LLM UI, leading to depressing aesthetic copycats across the industry. I somehow managed to post this hours before the Jony Ive / OpenAI collab dropped - was Altman listening?!?!
Portland May Meetup: May's Portland digital health meetup at Wayfinder Brewery brought together the local health tech community including out-of-town guests like David Tousignant, John Lynn and Luke Hedlund.
Friend Seeking Client Success/Strategic Operations Role: Another awesome person I know is on the market - looking for opportunities in Client Success or Strategic Operations. She is local to Portland and has experience spanning healthcare operations, project management, and health equity initiatives.
External Media:
126 AI Scribes and Market Saturation (Digital Health Inside Out): The proliferation of AI scribes represents both the "Ferraris and Priuses" of ambient tools - while they offer clear user happiness benefits and potentially ROI through reduced documentation burden, the sheer number of competitors raises questions about market sustainability and differentiation. Some fun differences of opinion on this one.
Code Blue for Tech: The Case for Clinician-Led Startups (Planetary Health First Mars Next): I joined Drew Lungquist and Adam Glassifer to discuss why startups need clinician input from day one, emphasizing the importance of understanding clinical workflows, the empathy gap between builders and users, and strategies for successful healthcare IT implementation.
Drama, Disputes, and Disruption (Availity Connects): I was invited to speak at Availity’s annual conference on Amelia Island, Florida. I spoke for an hour about the current state of health technology regulation and litigation (and was immediately out of date, as it was the day the RFI dropped and a day before CureIS case came out). Can’t win them all 🤷♂️. Hoping the recorded content is released soon to share with you all
Posts I Liked:
Good Neighbor Initiative for Bulk FHIR (Ken Mandl): Ken Mandl, Aneesh Chopra, and I launched Good Neighbor, a community site for sharing FHIR Bulk Data implementation experiences. Current EHR implementations show "checkbox compliance" without meaningful performance, shifting data mapping costs to customers and limiting innovation.
(Pawan Jindal, MD): Pawan has been putting out a ton of great interoperability content with a regular drumbeat. My favorite recently was this post that cleanly articulated how different regulated capabilities fit into the ecosystem.
Agent-to-Agent Prior Authorization (Josh Mandel, MD): Josh has similarly been on an absolute tear on LinkedIn. This demo of prior authorization using Agent-to-Agent protocols is the type of next generation infrastructure architecture that we’ll be wishing we chose to use instead of rigid DaVinci protocols (thematically what I discussed in my HIMSS presentation).
Product Leaders in Healthcare Slack (Dhruv Vasishtha): Dhruv’s Slack community is a nice balance of size and quality, hitting different than some of the larger groups. If you’re a digital health or health tech CPO or Head of Product, it’s a great place to mingle and chat with peers
Greate recap.
PS-The PACER hurdles are a painful irony when working to promote more effective and efficient authorized access, lower costs, interoperability and tamp out "information blocking". I'm still waiting on my PACER snail mail access auth!