Medicare App Library

Join the Movement to Transform Healthcare

For over 15 years, we've regulated healthcare technology – but regulation alone has not delivered the modern, connected experience Americans expect. We now have an opportunity to do something different.

The Medicare App Library is part of the CMS Digital Health Tech Ecosystem, a bold new vision built on collaboration, not just compliance. We are calling on health app developers, tech-enabled organizations, and innovators to voluntarily align around a shared framework for data and access that empowers people, improves care, and accelerates progress.

This is a movement, not a mandate. It is a call to action, not a regulation. Let's show what's possible when we work together – and finally bring healthcare into the modern era.

What is the Medicare App Library?

The Medicare App Library is a trusted, centralized directory where people with Medicare can discover and access vetted digital health care options. We use "apps" as an inclusive term that encompasses traditional mobile and web applications, technology-enabled care services, digital health platforms, and innovative care delivery tools. All care options in the library will have undergone rigorous evaluation to ensure they meet high standards for security, privacy, clinical evidence, usability, and equity.

Health Tech Ecosystem Apps

Modern, interoperable tools that integrate with CMS Aligned Networks deliver real-world value across three key use cases:

1. Kill the Clipboard

Objective:
Eliminate manual check-in forms by enabling FHIR-based data exchange at point of care, allowing seamless sharing of patient information.

App Requirements

• Digital credentials (IAL2/AAL2 via CMS-approved service)
• FHIR data transmission (QR code, Smart Health Card, or Smart Health Links)
• Visit summary retrieval in FHIR format
• CMS Aligned Network connection for health record retrieval

EHR Requirements

• Accept patient data via FHIR at check-in
• Provide visit record in FHIR format

• No portal credentials required when identity verified

2. Conversational AI Assistants

Objective:
Deliver AI-powered personalized health guidance through secure access to medical history.

App Requirements

• Personalized AI support (symptom checking, care planning, chronic disease support)
• CMS Aligned Network connection (direct or via PHR)
• Clear AI-generated result indicators with disclaimers
• Distinguish educational content from clinical guidance

3. Diabetes & Obesity Prevention and Management

Objective:
Provide personalized support for prevention and management powered by secure clinical data access.

App Requirements

• CMS Aligned Network connection (direct or via PHR)
• Clinical record integration for personalized coaching, reminders, and alerts
• Support for prevention and active management (medication, labs, nutrition/activity)
• Pre-diabetic resources
• HIPAA compliance when applicable

Ready to join the movement and deliver modern, connected healthcare tools to people with Medicare?

Learn More About Health Tech Ecosystem | Sign the Pledge

Why Participate?

Reach Millions of people with Medicare

• Access to 68+ million Medicare enrollees seeking trusted digital health solutions
• Placement in the Medicare.gov App Library
• Credibility through CMS recognition and third-party seals

Streamlined Vetting Process

• Single evaluation through DiMe or CARIN Alliance recognized for all use cases
• Clear, transparent requirements and timelines
• Dedicated partner support throughout the process

Special Benefits for Participants

• Negotiated identity verification pricing through ID.me and CLEAR, due to CMS's favorable rates secured to support better health outcomes for people with Medicare
• Access to CMS infrastructure, including the CMS Aligned Networks and modern identity services on Medicare.gov, as well as collaborative partnerships
• Opportunity to shape the future of digital health for Medicare

Be Part of the Transformation

Join a collaborative ecosystem of innovators proving that modern, connected healthcare is possible when we work together.

Health Tech Ecosystem Apps

Who Should Apply

Apps that integrate with CMS Aligned Networks and meet one of three use cases:

• Kill the Clipboard
• Conversational AI Assistants
• Diabetes & Obesity Prevention and Management

Patient-facing apps must meet these six core requirements:

Identity Verification:
Support secure patient identity verification using CMS-approved IAL2/AAL2 standards (e.g., mDLs, passkeys) to enable access to health records from CMS Aligned Networks

Medicare Connectivity:
Enable Medicare.gov notifications for Beneficiaries (notices, EOBs, fraud alerts)

CMS Review*:
Participate in CMS review process by disclosing data sources, terms/agreements, and completing a security checklist

Trial Access*:
Provide trial access for Medicare patients if the app charges a fee

Discovery Experience:
Allow the app to be featured in the Medicare.gov "app store" interface as a recommended option

HIPAA Compliance:
Operate consistent with HIPAA Rules when functioning as a covered entity or business associate

*ACCESS Model participants are exempt from CMS Review and Trial Access requirements, as these are addressed through ACCESS Model participation requirements.

Process Overview

Participation in the Medicare App Library follows a structured process designed to ensure applications align with Health Tech Ecosystem expectations for interoperability, security, privacy, and patient value.

1. Pledge

Sign the Health Tech Ecosystem pledge and apply to become an approved Health Tech Ecosystem Patient-Facing App participant, committing to meet program requirements and use-case criteria.

2. Identity Verification

Partner with ID.me or CLEAR to implement secure identity verification services meeting CMS-approved IAL2/AAL2 standards, enabling Medicare beneficiaries to securely access their health records.

3. CMS Aligned Network Connection

Connect to a CMS Aligned Network, either directly or via a Personal Health Record application, to enable secure FHIR-based health data exchange.

4. Third-Pary Review

Complete comprehensive evaluation with either DiMe or CARIN Alliance, covering clinical evidence, privacy, security, usability, equity, and technical standards.

5. Medicare App Library Application

Once pledge participation and vetting requirements are complete, submit the Medicare App Library developer application [insert link]

This submission includes developer information, ecosystem integration details, identity provider confirmation, vetting documentation, privacy disclosures, and materials needed for the App Library listing (logos, screenshots, promotional video, and app store links).

6. CMS Review

CMS validates Medicare-specific requirements, including use case alignment, CMS Aligned Network connectivity, data handling capabilities, and legal agreements.

7. Launch

Once approved, the app is featured in the Medicare App Library on Medicare.gov, where Medicare beneficiaries can discover and access trusted digital health tools.

Our Partners: Here to Help You Succeed

There are trusted partners available to support you at every step. We encourage you to explore conversations with each partner – they are here to help and guide you throughout your journey.

Identity Verification Partners

CLEAR

Who They Are:
CLEAR is a secure identity platform trusted by tens of millions of members for frictionless, verified experiences across industries.

Contact

Jason Sherwin
Sr Director, Healthcare Business Development
CLEAR
jason.sherwin@clearme.com
(401) 339-7300

ID.me

Who They Are:
ID.me is a trusted identity verification platform serving tens of millions of users, including government agencies and healthcare organizations

Contact

Wes Turbeville
Senior Vice President, Federal and Healthcare
ID.me
CMSHealthTechEco@id.me
540-640-2859

App Vetting Partners

DiMe (Digital Medicine Society)

Who They Are:
DiMe is a global non-profit advancing the ethical, effective, equitable, and safe use of digital medicine to redefine healthcare and improve lives.

How They Help:
DiMe evaluates apps across key pillars including clinical evidence, privacy and security, usability, equity, and technical standards.

Their Role:
Third-party certification body providing rigorous independent evaluation that serves as the qualifying credential for Medicare App Library inclusion.

Contact

Benjamin Vandendriessche
President & CSO
Digital Medicine Society (DiMe)
seal@dimesociety.org
216-777-9234

CARIN Alliance

Who They Are:
CARIN Alliance is a multi-sector collaborative working to advance consumer-directed exchange and trusted data sharing.

How They Help:

Organizations choosing the CARIN Alliance pathway must complete two steps:

1. Sign the CARIN Alliance Code of Conduct – Commit to transparent privacy, security, and data use standards for consumer-directed health data exchange
2. Obtain DirectTrust Accreditation – Complete independent third-party validation through DirectTrust Assessors who verify conformance to the CARIN Code of Conduct criteria

This combined approach provides both organizational commitment and independent verification.

Their Role:
Third-party certification body offering an alternative evaluation pathway that meets CMS requirements for Medicare App Library inclusion.

Contact

Susan Flynn
Director of Accreditation Operations
Direct Trust
Accreditation@DirectTrust.org
202.240.2741

Pathway to Medicare Payment: ACCESS Model

Organizations offering technology-supported chronic care may be eligible to participate in CMS's ACCESS Model (Advancing Chronic Care with Effective, Scalable Solutions), an Innovation Center model that introduces outcome-aligned payments for managing chronic conditions. Health Tech Ecosystem pledges that meet ACCESS Model requirements can apply for Medicare payment under this model.

ACCESS Model participants that pledge to join the Health Tech Ecosystem will be featured in the Medicare App Library with a special designation indicating their participation in ACCESS and Medicare coverage status.

ACCESS focuses on technology-supported chronic care across four clinical areas that affect more 70% of Medicare beneficiaries:

Early Cardio-Kidney-Metabolic (eCKM): hypertension, dyslipidemia, obesity, prediabetes
Cardio-Kidney-Metabolic (CKM): diabetes, chronic kidney disease, atherosclerotic cardiovascular disease
Musculoskeletal (MSK): chronic musculoskeletal pain
Behavioral Health (BH): depression, anxiety

ACCESS complements traditional care. Primary care and other clinicians can refer patients to ACCESS organizations, receive electronic progress updates, and bill a new co-management payment for care coordination with ACCESS participants.

Interested in Medicare payment for technology-supported chronic care services?

Learn More About ACCESS Model

Already Pledged with the Health Tech Ecosystem? 

Next Steps:

Connect with Identity Verification Partners
Reach out to ID.me and/or CLEAR to discuss identity verification solutions and special pricing

Choose Your Evaluation Partner
Contact DiMe and/or CARIN Alliance to begin the evaluation process

Prepare and Submit Your Application
Review detailed requirements for your chosen track(s).  Gather necessary documentation and submit your application once you’ve met the requirements

Stay Connected
If you’ve pledged for the Health Tech Ecosystem, be sure to participate in the Medicare App Library workgroups for collaboration and peer support.

Questions?

Our partners are here to help. Don't hesitate to reach out to ID.me, CLEAR, DiMe, or CARIN Alliance with questions about requirements, timelines, or the evaluation process.

CMS will do its part – launching key public infrastructure, enabling modern identity, and expanding data-sharing capabilities.

But the broader transformation depends on you stepping up to our challenge and delivering real results.

Together, let's bring healthcare into the modern era.

***

For clarity, nothing in this document is intended to contravene, supersede, or preempt federal or state healthcare or privacy laws, such as the Health Insurance Portability and Accountability Act of 1996 Privacy, Security, and Breach Notification Rules (HIPAA Rules), and the Privacy Act of 1974.