On Friday, January 5, 2017, the Office of the National Coordinator for Health Information Technology (ONC) released its Draft Trusted Exchange Framework and Common Agreement(“TEFCA”) to provide a single “on-ramp” for stakeholders to join any health information network they choose in order to participate in the national exchange of health information regardless of what health IT developer they use, health information exchange or network they connect with, or where the patients records are located. As discussed in our recent blog (“2017 ONC Annual Meeting Highlights Challenges to Achieving Usability of Health Information”), the 21st Century Cures Act requires ONC to convene partnerships to develop and support a trusted exchange framework, including a national common agreement among health information networks to provide for full network-to-network exchange of health information.
The Draft Exchange Framework lists the following outcomes: (1) providers can access health information about their patients, regardless of where the patient received care; (2) patients can access their health information electronically without any special effort; (3) providers and payer organizations accountable for managing benefits and the health of populations can receive necessary and appropriate information on a group of individuals without having to access one record at a time; and (4) the health IT community has open and accessible application programming interfaces (APIs) to encourage entrepreneurial, user-focused innovation to make health information more accessible and to improve electronic health record (EHR) usability.
TEFCA has two major parts:
- Part A—Principles for Trusted Exchange. Part A includes the following 6 principles to serve as the foundation of the trusted exchange framework and which are detailed in Part B: (1) standardization; (2) transparency; (3) cooperation and non-discrimination; (4) privacy, security, and patient safety; (5) access; and (6) data-drive accountability; and
- Part B—Minimum Required Terms and Conditions for Trusted Exchange. Part B includes minimum terms and conditions which reflect the existing work in the industry and build on the foundation of the HIPAA Rules. It addresses, among other things, common authentication, rules for trusted exchange, and minimum organizational and operational policies.
The stakeholders who can use the Trusted Exchange Framework include health information networks, federal agencies, public health organizations, individuals, payers, providers, and technology developers. The permitted use cases for the Trusted Exchange Framework include public health, treatment, benefits determination, payment, individual access, and healthcare operations.
In spring 2018, ONC will release an open, competitive Funding Opportunity Announcement (FOA) to award a single multi-year Cooperative Agreement to a private sector organization or entity, known as a Recognized Coordinating Entity (RCE). The RCE will provide oversight and governance for Qualified Health Information Networks (“Qualified HINs”), which are networks of organizations working together to share data and which voluntarily adopt the final TEFCA. Qualified HINs will connect directly to each other via Connectivity Brokers, and each Qualified HIN will represent a variety of networks and participants that they connect together.
Comments for the draft Trusted Exchange Framework need to be submitted to exchangeframework@hhs.gov before 11:59pm Eastern Time on February 18, 2018. ONC encourages stakeholders to review the Draft Trusted Exchange Framework and Common Agreement and submit comments on the feasibility of the policies it outlines. We will post additional blogs as we learn more about the details of the TEFCA and stakeholder questions/concerns in the days and weeks ahead. If you have any questions about this blog or Barclay Damon LLP’s services, contact Herb Glose at hglose@barclaydamon.com, or (716) 566‑1579.