What You Need to Know About the Trusted Exchange Framework and Common Agreement
What’s a TEFCA?
We are only six months into 2019 but it has already been an action-packed year from a federal health IT policy perspective! The Centers for Medicare and Medicaid Services (CMS) and the Office of the National Coordinator for Health IT (ONC) both released significant proposed rules that will reshape the health IT landscape. CMS seeks to increase patients’ access to their health information from payers by requiring certain payers to adopt FHIR-based open APIs and they are proposing to require hospitals to share alerts about inpatient admissions, discharges, and transfers. ONC’s rule is focused on implementing many of the key provisions of the 21st Century Cures Act (Cures Act), including defining information blocking and the requirements of open APIs. While the rules have appropriately soaked up much of the attention of health IT stakeholders with the comment periods on both rules now closed, we anticipate attention will turn to the new draft of the Trusted Exchange Framework and Common Agreement (TEFCA) that ONC released in April.
Breaking TEFCA Down
In the Cures Act, ONC is mandated to either establish or select a TEFCA to enable exchange across disparate networks. In the new draft ONC’s stated goals for TEFCA are to:
- Provide a single “on-ramp” to nationwide connectivity;
- Ensure health information securely follows you when and where it is needed; and
- Support nationwide scalability.
TEFCA is comprised of two components—the Trusted Exchange Framework (TEF) and the Common Agreement.
- TEF – A set of six high-level principles ONC developed, which articulate how data exchange should be conducted.
- Common Agreement – Establishes the legal and technical requirements for exchanging data over the network created by TEFCA. The Common Agreement is made up of three subcomponents:
- Minimum Required Terms and Conditions – In the current draft ONC proposes the minimum set of required terms and conditions that different participants in the network must abide by.
- Additional Required Terms and Conditions – The Recognized Coordinating Entity (RCE), a public private entity that ONC is in process of selecting, will implement and oversee TEFCA. The RCE is charged with developing additional terms and conditions for ONC approval that will be included in next iteration of the Common Agreement that is released for public comment in 2020.
- QHIN Technical Framework – A separate document referred to in the Common Agreement that articulates the functional and technical requirements for exchange among QHINs, the top-level entity in the network created by TEFCA. In the first version of TEFCA the standards were written directly in the Common Agreement, which stakeholders felt would have created a cumbersome process for updating standards moving forward.
ONC outlines three roles in the draft document: QHINs, Participants who connect to the network through a QHIN, and Participant Members who connect to the network through a Participant. Each of these roles have specific obligations laid out in the Common Agreement they must abide by. ONC has developed a tool that cross walks many of the major provisions. Below we highlight the major changes from the previous draft.
- Updated the Purposes for which data can be exchanged – Based on stakeholder feedback ONC adopted a subset of the HIPAA Health Care Operations and Payment. Purposes with a * only apply to HIPAA covered entities and business associates. The set of Exchange Purposes proposed now is:
- Business planning and development (subset of HIPAA operations)*
- Quality assessment and improvement (subset of HIPAA operations)*
- Utilization review (subset of HIPAA payment)*
- Public health*
- Benefits determination
- Individual access services
- Modified supported Exchange Modalities – Based on stakeholder feedback ONC added QHIN Message Delivery, or push transactions, to the covered Exchange Modalities along with broadcast and targeted query and removed population level data.
- QHIN Technical Framework – As noted above, ONC moved the technical and functional requirements from the Common Agreement into the QHIN Technical Framework.
- QHIN Definition Broadened – ONC expanded the QHIN definition to allow a broader set of health information networks (HINs) to apply to become QHINs.
- Timelines Extended – Entities will have 18 months, rather than 12, to implement changes required by a new version of the Common Agreement.
Since public comment closed on June 17th, the RCE will now work with ONC to develop a revised version of the Common Agreement and QHIN Technical Framework for an additional round of public comment. ONC anticipates this will occur in 2020. After public comments are incorporated ONC will publish the final version 1 of the Common Agreement and QHIN Technical Framework in the Federal Register and on healthit.gov.
Both TEFCA and the proposed information blocking rules will require existing HINs and HIEs to make changes to their existing data use agreements and policies and procedures to come into compliance. Participation in TEFCA is voluntary so HINs and HIEs that intend to participate will want to actively consider areas where the two sets of requirements intersect when updating their existing agreements. It will also be important to monitor and consider the implementation timelines of information blocking and TEFCA.
For HINs and HIEs reviewing TEFCA, it is important to carefully consider the requirements of the three different roles and determine which best suites your organization. Becoming a QHIN is not the right path for many HINs and HIEs but it will be for others. Being a QHIN entails a significantly higher technical and policy bar that an entity considering the QHIN role will need to develop a sustainable business model around. We anticipate any future U.S. Department of Health and Human Services regulatory provisions pointing to TEFCA will allow participation in any of the three roles to comply with the requirement (i.e. if ONC adopted an information blocking exception for TEFCA participation that would apply to entities that are Participants or Participant Members as well as QHINs). If you wish to learn more about TEFCA or the proposed rules, don’t hesitate to contact us. The Ai federal policy team will also be onsite at ONC’s upcoming Interoperability Forum from August 21st-22nd in Washington D.C. if you want to connect in-person.
Check out these related resources produced by Ai:
This article was originally published on Audacious Inquiry and is republished here with permission.