Health Law Advisor

On July 23, 2025, the president signed three AI-related Executive Orders (“E.O.s”) to accompany the recently released White House’s Artificial Intelligence (AI) Action Plan (“AI Action Plan”). These E.O.s seek to add clarity to, and drive forward, federal policy in the AI space.

While they all relate to AI, the E.O.s otherwise vary considerably in subject matter: “Accelerating Federal Permitting of Data Center Infrastructure”; “Promoting the Export of the American AI Technology Stack”; and “Preventing Woke AI in the Federal Government.”

As we noted in our July 24 blog, the White House is clearly determined to outpace other countries so that the U.S. benefits from any gains provided by AI through building AI infrastructure and bolstering AI-related exports. The Center for Data Innovation, from its perspective, stated in a press release that the actions pursued by the executive orders will advance U.S. goals of global AI dominance and enable the U.S. to better compete with China.

The long-awaited White House Artificial Intelligence (AI) Action Plan (“AI Action Plan”) is here, setting forth the Trump administration’s policy recommendations to achieve the goal of “global AI dominance.”

The White House released the AI Action Plan on July 23, 2025, and delivered remarks on the plan during an AI summit. The same day, the president signed three AI-related Executive Orders to further the AI Action Plan, relating to: 1) “Accelerating Federal Permitting of Data Center Infrastructure”; 2) “Promoting the Export of the American AI Technology Stack”; and 3) “Preventing Woke AI in the Federal Government.” Yet it remains to be seen whether and how successfully the AI Action Plan will unfold—particularly with respect to impacts on incongruous state regulatory action.

Likening the global AI race to the space race during the Cold War, the introduction to the 28-page AI Action Plan emphasizes the need “to innovate faster and more comprehensively than our competitors in the development and distribution of new AI technology across every field and dismantle unnecessary regulatory barriers that hinder the private sector in doing so.” 

It’s July, and the White House Artificial Intelligence (“AI”) Action Plan (“Action Plan” or “the plan”) is almost here.

In Executive Order 14179 of January 23, 2025—entitled “Removing Barriers to American Leadership in Artificial Intelligence”—President Donald Trump directed federal officials to develop an Action Plan to achieve the policies of sustaining and enhancing America’s dominance in global AI. The plan is expected to drop by July 23, to coincide with an address by the President outlining his vision for American AI.

The release of the Action Plan will follow a number of recent developments in AI at the state and federal levels that show no signs of abating. On July 15, for instance, the White House announced $90 billion in energy and data center investments in Pennsylvania, according to Reuters. Bloomberg reported the same day that President Trump is planning to sign another executive order to implement the Action Plan upon its release to push the policy forward.

On May 17, 2024, Colorado Governor Jared Polis signed Colorado’s historic artificial intelligence (AI) consumer protection bill, SB 24-205, colloquially known as “Colorado’s AI Act” (“CAIA”), into law. As we noted at the time, CAIA aims to prevent algorithmic discrimination in AI decision-making that affects “consequential decisions”—including those with a material, legal, or similarly significant effect with respect to health care services and employment decision-making. The bill is scheduled to take effect February 1, 2026.

The same day he signed CAIA, however, Governor Polis addressed a “signing statement” letter to Colorado’s General Assembly articulating his reservations. He urged sponsors, stakeholders, industry leaders, and more to “fine tune” the measure over the next two years to sufficiently protect technology, competition, and innovation in the state.

As the local and national political climate steers toward a less restrictive AI policy, Governor Polis drafted another letter to the Colorado legislature. On May 5, 2025, Polis—along with Attorney General Phil Weiser, Denver Mayor Mike Johnston, and others—requested that CAIA’s effective date be delayed until January 2027.

New York State appears poised to become the fourth state to explicitly regulate consumer health data not covered by the federal Health Insurance Portability and Accountability Act (HIPAA). In May of 2023, Washington State enacted the My Health My Data Act; in June of 2023, Connecticut amended its Data Privacy Act; and in March of 2024, Nevada passed Senate Bill 370. In many respects, NY HIPA is broader in scope and effect than its three predecessors.

New York’s S929 (Health Information Privacy Act or NY HIPA), sponsored by state Senator Liz Krueger (D), establishes requirements for communications to individuals regarding the disposition of their health information; and requires written consent or a designated necessary purpose for the processing of such health information. NY HIPA addresses vulnerabilities unaddressed by HIPAA because it applies to a broader range of private companies and protects health information at risk of disclosure through the commercialization of health data.

HRSA’s “Audit Reporting Requirement Attestations” arrived in inboxes on Friday, March 22, 2024, and require a response by Friday, April 5, 2024.  The government is under pressure to show that the money distributed under the CARES Act and the American Rescue Plan was used responsibly.  These notices are frustrating and frightening, and a two-week turnaround may seem a bit callous, but the situation could certainly be worse—the government could have simply demanded a return of the funds.  If an organization expended more than $750,000 in a single fiscal year and does not comply ...

On October 30, 2023, President Joe Biden signed the first ever Executive Order (EO) that specifically directs federal agencies on the use and regulation of Artificial Intelligence (AI). A Fact Sheet for this EO is also available.

This EO is a significant milestone as companies and other organizations globally grapple with the trustworthy use and creation of AI.  Previous Biden-Harris Administration action on AI have been guidance of principles (e.g., the AI Bill of Rights) or have been targeted guidance on a particular aspect of AI such as the Executive Order Addressing Racial ...

Throughout the course of the pandemic, the Health Resources and Services Administration (HRSA) distributed $178 billion in Provider Relief Funds (PRF) to hospitals and health care providers.  The Public Health Emergency has ended, and HRSA is now turning an eye to how the money was spent, and whether it was spent properly. 

PRF funds were distributed with nearly no-strings-attached; hospitals and providers had to simply agree to a few terms and conditions.  Yet a number of facilities and providers have received one of two types of letters from HRSA: (1) a Final Repayment Notice stating the money must be returned, or (2) a letter stating that HRSA will be conducting an audit.  

On March 22, 2023, the U.S. Department of Health and Human Services’ Office of Inspector General (“OIG”) updated its Frequently Asked Questions (“FAQs”), drafting 13  FAQs aimed at easing the transition from COVID-era flexibilities to the end of the Public Health Emergency (“PHE”) on May 11, 2023. These FAQs arrive on the tail of OIG’s March 10, 2023 COVID-19 Public Health Emergency policy statement, which announced that the expiration of the PHE in May also marks the end of flexibilities extended during the crisis.  The updated FAQs offer a glimpse into how OIG investigations and enforcement might play out after the end of the PHE.  These FAQs address subjects including “General Questions Regarding Certain Fraud and Abuse Authorities,” the “Application of Certain Fraud and Abuse Authorities to Certain Types of Arrangements,” and “Compliance Considerations.”  

The vast majority of the principles articulated in the updated FAQs will undoubtedly be familiar to many.  Generally speaking, the updated FAQs restate or clarify longstanding OIG policy.  The updated FAQs are more than reiteration, however; they offer condensed policy and explanation in a single location, and demonstrate that for the most part, investigations and enforcement may return to the pre-PHE status quo. 

On April 20, 2022, the Department of Justice (DOJ) announced a nationwide coordinated enforcement action targeting COVID-19-related fraud involving charges against 21 individuals across nine federal districts, and over $149 million in alleged false claims submitted to federal programs.[1]

This marks the first significant DOJ enforcement action since Attorney General Merrick Garland named Associate Deputy Attorney General Kevin Chambers as the Director for COVID-19 Fraud Enforcement on March 10, an appointment President Biden previewed in his State of the Union address on March 1.