CHIME Cheat Sheet on President's FY25 Budget Request
Date
Mon, Mar 18, 2024, 07:00 AM
DOWNLOAD PDF
Health IT Highlights from the President’s Budget Request – Fiscal Year (FY) 2025
The Biden administration released its annual budget request for fiscal year (FY) 2025 on March 11, 2024 which you can find here . Additional information for funding under the U.S. Department of Health and Human Services (HHS) can be found in a supplemental document called “ HHS Budget in Brief.” Below you will find health IT highlights from the budget request that may be of interest to CHIME members.
Please note that the President’s budget request outlines the administration’s policy priorities. Spending decisions are ultimately up to Congress.
Cybersecurity- HHS
$1.3 billion for a Medicare Incentive Program to encourage hospitals to adopt essential and enhanced cybersecurity practices and penalties for non-compliance. Essential practices: $800 million from the Medicare Hospital Insurance (HI) Trust Fund over FY 2027 and FY 2028 to approximately 2,000 high-needs hospitals to implement essential cybersecurity practices.
* Enhanced practices : $500 million from the Medicare Hospital Insurance (HI) Trust Fund for all hospitals to implement enhanced cybersecurity practices, available for FY 2029 and FY 2030.
* More information on HHS’ Cybersecurity Performance Goals (CPGs), including information on what are considered essential and enhanced goals, can be found here .
$141 million for cybersecurity initiatives in the Office of the Chief Information Officer (OCIO), an increase of $41 million above FY 2023. $20 million to maintain Department cybersecurity operations activity including threat analytics, assessment, and intelligence.
* $37 million, an increase of $5 million above FY 2023, to continue funding for the infrastructure, licenses, and maintenance of Department-level cybersecurity tools and enterprise solutions.
* $7 million for maturing cybersecurity public and private health sector activities.
* $36 million, an increase of $1 million above FY 2023, to maintain a Department cybersecurity strategy and continue engagement, risk, governance, compliance, and privacy management activities.
* $15 million, an increase of $7 million above FY 2023, to support continuation of the Department’s Zero Trust initiative.
* $15 million, an increase of $12 million above FY 2023, to support the continuation of the Department’s security event logging and data sharing initiative.
* $11 million to modernize the Department’s Health Insurance Portability and Accountability Act breach prevention and response efforts.
$12 million for Administration of Strategic Preparedness and Response (ASPR) for Sector Risk Management Agency (SRMA) functions. ASPR is the agency designated to coordinate cybersecurity incident prevention and response in the Healthcare and Public Health (HPH) Sector.
Office of the National Coordinator for Health IT (ONC)
The FY 2025 President’s Budget requests $86 million for ONC, an increase of $20 million above FY 2023. $10 million for ONC’s Policy Development and Coordination work, $5 million for ONC’s Standards, Interoperability, and Certification work, and $5 million to support pay and non-pay inflationary costs for operational and administrative functions.
* Legislative Proposal: As in previous years, the FY 2025 budget re-proposes legislation that would allow ONC to issue advisory opinions for information blocking, which would permit HHS to issue public, legally binding advisory opinions for the information blocking regulations.
HHS Office for Civil Rights (OCR)
The FY 2025 President’s Budget requests $57 million for OCR, an increase of $17 million above FY 2023 to address OCR’s increased caseload. OCR received a 101% increase in large breach reports from FY 2018 to FY 2022.
* OCR will also use $10 million in civil monetary settlement funds to support Health Insurance Portability and Accountability Act of 1996 (HIPAA) enforcement activities.
* Legislative Proposal: To strengthen OCR’s enforcement of the HIPAA rules, the FY 2025 budget includes a legislative proposal that would increase civil monetary caps for breaches and would authorize OCR to work with the U.S. Department of Justice to seek injunctive relief in federal court for HIPAA violations.
Please email [email protected] with questions.
CHIME PP PBR FY25 Health IT Highlights
Recommended for you
post
Innovation Summit: Mid-Atlantic Executive Summary Report
Jun 18, 2025
CHIME Innovation Summit: Moon Shots in Digital Health Innovation Mid-Atlantic Executive Report
post
TLRT: Championing Patient Access: Bridging the Gap Between Digital Capabilities and Operational Realities
Jun 24, 2025
This Thought Leadership Roundtable covers the complex healthcare landscape, including the imperative to reduce fragmentation, overcome cultural barriers, and leverage digital tools more efficiently to shift to a fully patient-centric model that prioritizes seamless experiences and timely interactions with care teams.
post
CHIME Responds to CMS & ASTP/ONC's RFI on the Health Technology Ecosystem
Jun 16, 2025
CHIME has submitted our response to the Centers for Medicare & Medicaid Services (CMS) and Assistant Secretary for Technology Policy (ASTP)/Office of the National Coordinator for Health Information Technology (ONC) (collectively, ASTP/ONC), request for information (RFI) on the Health Technology Ecosystem.
post
Unveiling the Future of Healthcare with CHIME's AI Principles
Jul 30, 2024
CHIME's AI Principles serve as a beacon, promoting patient safety, administrative efficiencies, regulatory oversight, innovation, and equity.
audio
From Chaos to Clarity: Data Strategies for Scalable AI in Healthcare
Apr 08, 2025
This episode covers the evolving role of AI and data infrastructure in healthcare, the importance of building robust, scalable data foundations before implementing AI, and advanced analytics to ensure measurable outcomes.