Value-based enterprises depend on timely, accurate data, yet the rules that govern how that data moves between the Centers for Medicare & Medicaid Services (CMS), accountable care organizations, payors, and providers remain complex and often inconsistent.

On this episode, Epstein Becker Green attorneys Kevin Malone and Karen Mandelbaum unpack the regulatory frameworks shaping data exchange in value-based care. They outline how federal privacy laws, CMS rules, the Health Insurance Portability and Accountability Act (HIPAA), and state requirements intersect; why CMS-sourced data operates under a different regime than Medicare Advantage; and where organizations face the biggest operational hurdles when using, sharing, and governing data across large networks.

Key Takeaways:

• Distinct Legal Frameworks: CMS data is controlled by the Privacy Act, while Medicare Advantage data falls under HIPAA.
• Disclosure Tracking Requirements: CMS data use agreements demand strict tracking and downstream compliance.
• Operational Data Challenges: Silos and uneven data quality remain major barriers to effective value-based care.

Tune in to learn how today’s rules shape data access, data quality, and the real-world mechanics of value-based care.