Legal questions are an inevitable byproduct of significant technology change in health care such as that underway as a result of health information technology (HIT). This article examines several important existing and emerging legal questions in a Medicaid context. First, do the Centers for Medicare & Medicaid Services (CMS) and State Medicaid agencies, have a fiduciary obligation to adopt and fully use health information technology given its potential to improve health care quality while reducing racial, ethnic, and socioeconomic disparities in health and health care? Second, how can Medicaid privacy standards be reconciled with the Health Insurance Portability and Accountability Act (HIPAA) privacy rule? Third, what actual or perceived legal barriers exist to ensuring that Medicaid information is interoperable with data produced under critical health care, educational, and social programs from which beneficiaries are simultaneously receiving care?